Author: joeyh
Date: 2006-11-29 21:15:09 +0100 (Wed, 29 Nov 2006)
New Revision: 5025

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================--- data/CVE/list 2006-11-29 19:05:32 UTC (rev 5024) +++ data/CVE/list 2006-11-29 20:15:09 UTC (rev 5025) 
@@ -1,3 +1,81 @@ +CVE-2006-6168 (tiki-register.php in TikiWiki before 1.9.7 allows remote attackers to ...) + TODO: check +CVE-2006-6167 (** DISPUTED ** ...) + TODO: check +CVE-2006-6166 (Cross-site scripting (XSS) vulnerability in jce.php in the JCE Admin ...) + TODO: check +CVE-2006-6165 (** DISPUTED ** ...) + TODO: check +CVE-2006-6164 (The _dl_unsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 ...) + TODO: check +CVE-2006-6163 (Cross-site scripting (XSS) vulnerability in tiki-setup_base.php in ...) + TODO: check +CVE-2006-6162 (Cross-site scripting (XSS) vulnerability in tiki-edit_structures.php ...) + TODO: check +CVE-2006-6161 (Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk ...) + TODO: check +CVE-2006-6160 (SQL injection vulnerability in details.asp in Doug Luxem Liberum Help ...) + TODO: check +CVE-2006-6159 (Multiple cross-site scripting (XSS) vulnerabilities in newticket.php ...) + TODO: check +CVE-2006-6158 (Multiple cross-site scripting (XSS) vulnerabilities in (a) PMOS Help ...) + TODO: check +CVE-2006-6157 (SQL injection vulnerability in index.php in ContentNow 1.39 and ...) + TODO: check +CVE-2006-6156 (Cross-site scripting (XSS) vulnerability in auth/message.php in HIOX ...) + TODO: check +CVE-2006-6155 (Multiple SQL injection vulnerabilities in addrating.php in HIOX Star ...) + TODO: check +CVE-2006-6154 (PHP remote file inclusion vulnerability in addcode.php in HIOX Star ...) + TODO: check +CVE-2006-6153 (Multiple cross-site scripting (XSS) vulnerabilities in vSpin.net ...) + TODO: check +CVE-2006-6152 (Multiple SQL injection vulnerabilities in vSpin.net Classified System ...) + TODO: check +CVE-2006-6151 (PHP remote file inclusion vulnerability in centre.php in Messagerie ...) + TODO: check +CVE-2006-6150 (PHP remote file inclusion vulnerability in ...) + TODO: check +CVE-2006-6149 (SQL injection vulnerability in index.asp in JiRos FAQ Manager 1.0 ...) 
+ TODO: check +CVE-2006-6148 (Multiple cross-site scripting (XSS) vulnerabilities in submitlink.asp ...) + TODO: check +CVE-2006-6147 (Multiple SQL injection vulnerabilities in JiRos Links Manager allow ...) + TODO: check +CVE-2006-6146 (Buffer overflow in the HPDF_Page_Circle function in ...) + TODO: check +CVE-2006-6145 (CRYPTOCard CRYPTO-Server before 6.4.56 stores LDAP credentials in ...) + TODO: check +CVE-2006-6144 + RESERVED +CVE-2006-6143 + RESERVED +CVE-2006-6142 + RESERVED +CVE-2006-6141 (Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a ...) + TODO: check +CVE-2006-6140 (PHP remote file inclusion vulnerability in Sisfo Kampus 2006 (Semarang ...) + TODO: check +CVE-2006-6139 (Directory traversal vulnerability in downloadexcel.php in Sisfo Kampus ...) + TODO: check +CVE-2006-6138 (Directory traversal vulnerability in download.php in Sisfo Kampus 0.8 ...) + TODO: check +CVE-2006-6137 (Multiple PHP remote file inclusion vulnerabilities in Sisfo Kampus 0.8 ...) + TODO: check +CVE-2006-6136 (IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) ...) + TODO: check +CVE-2006-6135 (Multiple unspecified vulnerabilities in IBM WebSphere Application ...) + TODO: check +CVE-2006-6134 (Windows Media 10.00.00.4036 allows remote attackers to cause a denial ...) + TODO: check +CVE-2006-6133 (Stack-based buffer overflow in Business Objects Crystal Reports XI ...) + TODO: check +CVE-2006-6132 (Multiple SQL injection vulnerabilities in Link Exchange Lite allow ...) + TODO: check +CVE-2006-6131 (Untrusted search path vulnerability in (1) WSAdminServer and (2) ...) + TODO: check +CVE-2006-6130 (Apple Mac OS X AppleTalk allows local users to cause a denial of ...) + TODO: check CVE-2006-XXXX [kronolith arbitrary file inclusion] - kronolith2 2.1.4-1 (bug #400899) TODO: check kronolith 1.x 
@@ -50,8 +128,8 @@ NOT-FOR-US: fipsCMS CVE-2006-6114 (Buffer overflow in NWSPOOL.DLL in Novell Client 4.91 Post-SP3 for ...) NOT-FOR-US: Novell -CVE-2006-6113 - RESERVED +CVE-2006-6113 (Monkey Boards 0.3.5 allows remote attackers to obtain sensitive ...) + TODO: check CVE-2006-6112 RESERVED CVE-2006-6111 (Multiple SQL injection vulnerabilities in Alan Ward A-Cart Pro 2.0 ...) @@ -500,8 +578,8 @@ NOT-FOR-US: PhpMyChat CVE-2006-5897 (Multiple directory traversal vulnerabilities in PhpMyChat Plus 1.9 and ...) NOT-FOR-US: PhpMyChat Plus -CVE-2006-5896 - RESERVED +CVE-2006-5896 (REMLAB Web Mech Designer 2.0.5 allows remote attackers to obtain the ...) + TODO: check CVE-2006-5895 (PHP remote file inclusion vulnerability in core/core.php in EncapsCMS ...) NOT-FOR-US: EncapsCMS CVE-2006-5894 (Directory traversal vulnerability in lang.php in Rama CMS 0.68 and ...) @@ -812,8 +890,8 @@ RESERVED CVE-2006-5751 RESERVED -CVE-2006-5750 - RESERVED +CVE-2006-5750 (Directory traversal vulnerability in JBoss Application Server ...) + TODO: check CVE-2006-5749 RESERVED CVE-2006-5748 (Multiple unspecified vulnerabilities in the JavaScript engine in ...) @@ -832,7 +910,7 @@ - xulrunner <unfixed> (high) [sarge] - mozilla-firefox <not-affected> (Vulnerable code not present) - mozilla-thunderbird <removed> (medium) -CVE-2006-5746 (The console in AirMagnet Enterprise does not properly validate the ...) +CVE-2006-5746 (The console in AirMagnet Enterprise before 7.5 build 6307 does not ...) NOT-FOR-US: AirMagnet CVE-2006-5745 (Unspecified vulnerability in the setRequestHeader method in the ...) NOT-FOR-US: Microsoft 
@@ -1060,7 +1138,7 @@ NOT-FOR-US: Web Wiz Forums CVE-2006-5634 (Multile PHP remote file inclusion vulnerabilities in phpProfiles 2.1 ...) NOT-FOR-US: phpProfiles -CVE-2006-5633 (Firefox 1.5.0.7 and 2.0 allows remote attackers to cause a denial of ...) +CVE-2006-5633 (Firefox 1.5.0.7 and 2.0, and Seamonkey 1.1b, allows remote attackers ...) - firefox <unfixed> (low) - icedove <unfixed> (low) - mozilla <unfixed> (low) @@ -3515,8 +3593,8 @@ RESERVED CVE-2006-4519 RESERVED -CVE-2006-4518 - RESERVED +CVE-2006-4518 (Qbik WinGate 6.1.4 and earlier allows remote attackers to cause a ...) + TODO: check CVE-2006-4517 (Novell iManager 2.5 and 2.0.2 allows remote attackers to cause a ...) NOT-FOR-US: Novell iManager CVE-2006-4516 (Integer signedness error in FreeBSD 6.0-RELEASE allows local users to ...) @@ -4302,8 +4380,8 @@ CVE-2006-4182 (Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions ...) {DSA-1196-1} - clamav 0.88.5-1 (high; bug #393445) -CVE-2006-4181 - RESERVED +CVE-2006-4181 (Format string vulnerability in the sqllog function in the SQL ...) + TODO: check CVE-2006-4180 REJECTED CVE-2006-4179
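Review bot: In the first hunk (@@ -1,3 +1,81 @@), CVE-2006-6167, CVE-2006-6165 and CVE-2006-6150 are added with descriptions cut off before any product name ("** DISPUTED ** ..." and "PHP remote file inclusion vulnerability in ..."), so their "TODO: check" lines cannot be triaged from this file alone and the full CVE text has to be read first. Other additions in the same hunk already name the product on the visible line, for example CVE-2006-6134 (Windows Media) and CVE-2006-6130 (Apple Mac OS X AppleTalk), and can be closed in the same style as the existing "NOT-FOR-US: Microsoft" and "NOT-FOR-US: Novell" entries rather than left as open TODOs.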
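Review bot: In the @@ -1060,7 +1138,7 @@ hunk, the CVE-2006-5633 description now names Seamonkey 1.1b, but the package lines visible below it still cover only firefox, icedove and mozilla. This commit leaves those status lines untouched, so the entry should be checked by hand to see whether a Seamonkey package needs its own status line here.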
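Review bot: In the last hunk (@@ -4302,8 +4380,8 @@), CVE-2006-4181 goes from RESERVED to a description that is truncated at "the sqllog function in the SQL ..." before the affected product is named. The new "TODO: check" cannot be resolved from the list as it stands, so the follow-up should record the product once the full description has been read, either as a package status line or as NOT-FOR-US.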