Author: stef-guest Date: 2006-11-08 21:16:37 +0100 (Wed, 08 Nov 2006) New Revision: 4938 Modified: data/CVE/list Log: some NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-11-08 20:14:45 UTC (rev 4937) +++ data/CVE/list 2006-11-08 20:16:37 UTC (rev 4938) @@ -175,7 +175,7 @@ CVE-2006-5705 (Directory traversal vulnerability in plugins/wp-db-backup.php in ...) TODO: check CVE-2006-5704 (HP NonStop Server G06.29, when running Standard Security T6533G06 ...) - TODO: check + NOT-FOR-US: HP CVE-2006-5703 (Cross-site scripting (XSS) vulnerability in tiki-featured_link.php in ...) - tikiwiki 1.9.6+dfsg-1 (low) CVE-2006-5702 (Tikiwiki 1.9.5 allows remote attackers to obtain sensitive information ...) @@ -227,63 +227,63 @@ CVE-2006-5679 (Integer overflow in the ffs_mountfs function in FreeBSD 6.1 allows ...) TODO: check CVE-2006-5678 (** DISPUTED ** ...) - TODO: check + NOT-FOR-US: Les Visiteurs CVE-2006-5677 (resmom/start_exec.c in pbs_mom in TORQUE Resource Manager 2.0.0p8 and ...) - TODO: check + NOT-FOR-US: TORQUE Resource Manager CVE-2006-5676 (SQL injection vulnerability in consult/classement.php in Uni-Vert ...) - TODO: check + NOT-FOR-US: PhpLeague CVE-2006-5675 (Multiple unspecified vulnerabilities in Pentaho Business Intelligence ...) - TODO: check + NOT-FOR-US: Pentaho Business Intelligence (BI) Suite CVE-2006-5674 (Multiple PHP remote file inclusion vulnerabilities in miniBB 2.0.2 and ...) - TODO: check + NOT-FOR-US: miniBB CVE-2006-5673 (PHP remote file inclusion vulnerability in bb_func_txt.php in miniBB ...) - TODO: check + NOT-FOR-US: miniBB CVE-2006-5672 (PHP remote file inclusion vulnerability in web/init_mysource.php in ...) - TODO: check + NOT-FOR-US: MySource CMS CVE-2006-5671 (PHP remote file inclusion vulnerability in contact.php in Free Image ...) - TODO: check + NOT-FOR-US: Free Image Hosting CVE-2006-5670 (PHP remote file inclusion vulnerability in forgot_pass.php in Free ...) - TODO: check + NOT-FOR-US: Free Image Hosting CVE-2006-5669 (PHP remote file inclusion vulnerability in gestion/savebackup.php in ...) - TODO: check + NOT-FOR-US: Gepi CVE-2006-5668 (Unspecified vulnerability in Ampache 3.3.2 and earlier, when ...) - TODO: check + NOT-FOR-US: Ampache CVE-2006-5667 (Multiple PHP remote file inclusion vulnerabilities in P-Book 1.17 and ...) - TODO: check + NOT-FOR-US: P-Book CVE-2006-5666 (SQL injection vulnerability in includes/menu.inc.php in E-Annu 1.0 ...) - TODO: check + NOT-FOR-US: E-Annu CVE-2006-5665 (PHP remote file inclusion vulnerability in admin/modules_data.php in ...) - TODO: check + NOT-FOR-US: phpBB module Spider Friendly CVE-2006-5664 (The installation script in IBM Informix Dynamic Server 10.00, Informix ...) - TODO: check + NOT-FOR-US: IBM Informix CVE-2006-5663 (IBM Informix Dynamic Server 10.00, Informix Client Software ...) - TODO: check + NOT-FOR-US: IBM Informix CVE-2006-5662 (SQL injection vulnerability in easy notesManager (eNM) 0.0.1 allows ...) - TODO: check + NOT-FOR-US: easy notesManager (eNM) CVE-2006-5661 (Cross-site scripting (XSS) vulnerability in nquser.php in VIRtech ...) - TODO: check + NOT-FOR-US: Netquery CVE-2006-5660 (Cisco Security Agent Management Center (CSAMC) 5.1 before 5.1.0.79 ...) - TODO: check + NOT-FOR-US: Cisco CVE-2006-5659 (PAM_extern before 0.2 sends a password as a command line argument, ...) - TODO: check + NOT-FOR-US: PAM_extern CVE-2006-5658 (BlooMooWeb ActiveX control (AidemATL.dll) allows remote attackers to ...) - TODO: check + NOT-FOR-US: BlooMooWeb ActiveX control CVE-2006-5657 (Multiple off-by-one errors in src/text.c in Vilistextum before 2.6.9 ...) - TODO: check + NOT-FOR-US: Vilistextum CVE-2006-5656 (Memory leak in the push_align function in src/util.c in Vilistextum ...) - TODO: check + NOT-FOR-US: Vilistextum CVE-2006-5655 (SQL injection vulnerability in index.php in OpenDocMan 1.2p3 allows ...) - TODO: check + NOT-FOR-US: OpenDocMan CVE-2006-5654 (Unspecified vulnerability in the Network Security Services (NSS) in ...) - TODO: check + NOT-FOR-US: Sun Java System Web Server CVE-2006-5653 (Cross-site scripting (XSS) vulnerability in the errorHTML function in ...) - TODO: check + NOT-FOR-US: Sun Java System Messenger Express CVE-2006-5652 (Cross-site scripting (XSS) vulnerability in Sun iPlanet Messaging ...) - TODO: check + NOT-FOR-US: Sun CVE-2006-5651 (list.php in DigiOz Guestbook before 1.7.1 allows remote attackers to ...) - TODO: check + NOT-FOR-US: DigiOz Guestbook CVE-2006-5650 (The ICQPhone.SipxPhoneManager ActiveX control in America Online ICQ ...) - TODO: check + NOT-FOR-US: ICQPhone.SipxPhoneManager CVE-2006-XXXX [phpmyadmin XSS (PMASA-2006-6)] - phpmyadmin 4:2.9.0.3-1 (low; bug #396638) [sarge] - phpmyadmin <not-affected> (Vulnerable code not present) @@ -302,77 +302,77 @@ CVE-2006-5644 RESERVED CVE-2006-5643 (Cross-site scripting (XSS) vulnerability in search_de.html in foresite ...) - TODO: check + NOT-FOR-US: foresite CMS CVE-2006-5642 (Unspecified vulnerability in NmnLogger 1.0.0 and earlier has unknown ...) - TODO: check + NOT-FOR-US: NmnLogger CVE-2006-5641 (SQL injection vulnerability in MainAnnounce2.asp in Techno Dreams ...) NOT-FOR-US: Techno Dreams CVE-2006-5640 (SQL injection vulnerability in guestbookview.asp in Techno Dreams ...) NOT-FOR-US: Techno Dreams CVE-2006-5639 (Unspecified vulnerability in the random number generator in OpenWBEM ...) - TODO: check + NOT-FOR-US: OpenWBEM CVE-2006-5638 (Multiple SQL injection vulnerabilities in cherche.php in PHPMyRing ...) - TODO: check + NOT-FOR-US: PHPMyRing CVE-2006-5637 (PHP remote file inclusion vulnerability in faq_reply.php in Faq ...) - TODO: check + NOT-FOR-US: Faq Administrator CVE-2006-5636 (PHP remote file inclusion vulnerability in common.php in Simple ...) - TODO: check + NOT-FOR-US: Simple Website Software CVE-2006-5635 (SQL injection vulnerability in forum/search.asp in Web Wiz Forums ...) - TODO: check + NOT-FOR-US: Web Wiz Forums CVE-2006-5634 (Multile PHP remote file inclusion vulnerabilities in phpProfiles 2.1 ...) - TODO: check + NOT-FOR-US: phpProfiles CVE-2006-5633 (Firefox 1.5.0.7 and 2.0 allows remote attackers to cause a denial of ...) TODO: check CVE-2006-5632 (Cross-site scripting (XSS) vulnerability in change_pass.php in iG Shop ...) - TODO: check + NOT-FOR-US: iG Shop CVE-2006-5631 (Cross-site scripting (XSS) vulnerability in change_pass.php in iG Shop ...) - TODO: check + NOT-FOR-US: iG Shop CVE-2006-5630 (Hosting Controller 6.1 before Hotfix 3.3 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Hosting Controller CVE-2006-5629 (Multiple SQL injection vulnerabilities in Hosting Controller 6.1 ...) - TODO: check + NOT-FOR-US: Hosting Controller CVE-2006-5628 (SQL injection vulnerability in login.asp in UNISOR Content Management ...) - TODO: check + NOT-FOR-US: UNISOR Content Management System (CMS) CVE-2006-5627 (Multiple PHP remote file inclusion vulnerabilities in QnECMS 2.5.6 and ...) - TODO: check + NOT-FOR-US: QnECMS CVE-2006-5626 (Cross-site scripting (XSS) vulnerability in ...) - TODO: check + NOT-FOR-US: phpFaber CVE-2006-5625 (PHP remote file inclusion vulnerability in wwwdev/nxheader.inc.php in ...) - TODO: check + NOT-FOR-US: N/X 2002 Professional Edition Web Content Management System (WCMS) CVE-2006-5624 (Multiple PHP remote file inclusion vulnerabilities in Multi-Page ...) - TODO: check + NOT-FOR-US: Multi-Page Comment System (MPCS) CVE-2006-5623 (PHP remote file inclusion vulnerability in ip.inc.php in Electronic ...) - TODO: check + NOT-FOR-US: Electronic Engineering Tool (EE Tool) CVE-2006-5622 (SQL injection vulnerability in picmgr.php in Coppermine Photo Gallery ...) - TODO: check + NOT-FOR-US: Coppermine Photo Gallery CVE-2006-5621 (PHP remote file inclusion vulnerability in end.php in ask_rave 0.9 PR ...) - TODO: check + NOT-FOR-US: ask_rave CVE-2006-5620 (PHP remote file inclusion vulnerability in include/menu_builder.php in ...) - TODO: check + NOT-FOR-US: MiniBILL CVE-2006-5619 (The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in ...) - linux-2.6 2.6.18-4 (low) CVE-2006-5618 (Directory traversal vulnerability in script/cat_for_aff.php in Netref ...) - TODO: check + NOT-FOR-US: Netref CVE-2006-5617 (Directory traversal vulnerability in index.php in Thepeak File Upload ...) - TODO: check + NOT-FOR-US: Thepeak File Upload Manager CVE-2006-5616 (Multiple unspecified vulnerabilities in OpenPBS, as used in SUSE Linux ...) - TODO: check + NOT-FOR-US: OpenPBS CVE-2006-5615 (PHP remote file inclusion vulnerability in publish.php in Textpattern ...) - TODO: check + NOT-FOR-US: Textpattern CVE-2006-5614 (Microsoft Windows NAT Helper Components (ipnathlp.dll) on Windows XP ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2006-5613 (PHP remote file inclusion in Core/core.inc.php in MP3 Streaming ...) - TODO: check + NOT-FOR-US: MP3 Streaming DownSampler (mp3SDS) CVE-2006-5612 (PHP remote file inclusion vulnerability in aide.php3 in GestArt beta ...) - TODO: check + NOT-FOR-US: GestArt CVE-2006-5611 (Unspecified vulnerability in Toshiba Bluetooth Stack before 4.20.01 ...) - TODO: check + NOT-FOR-US: Toshiba CVE-2006-5610 (PHP remote file inclusion vulnerability in player/includes/common.php ...) - TODO: check + NOT-FOR-US: Teake Nutma Foing CVE-2006-5609 (Directory traversal vulnerability in dir.php in TorrentFlux 2.1 allows ...) - torrentflux 2.1-5 (bug #395930; medium) CVE-2006-5608 (SQL injection vulnerability in Extended Tracker (xtracker) 4.7 before ...) - TODO: check + NOT-FOR-US: Extended Tracker (xtracker) for Drupal CVE-2006-5607 (Directory traversal vulnerability in /cgi-bin/webcm in INCA IM-204 ...) TODO: check CVE-2006-5606 (Multiple SQL injection vulnerabilities in BytesFall Explorer ...)