thr3ads.net - Secure testing commits - [Secure-testing-commits] r5029

If this information is useful, please help other people find it:
Share via:
Joey Hess
2006-Nov-30 21:14 UTC
[Secure-testing-commits] r5029 - data/CVE

Author: joeyh
Date: 2006-11-30 21:14:21 +0100 (Thu, 30 Nov 2006)
New Revision: 5029

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-11-30 16:36:11 UTC (rev 5028)
+++ data/CVE/list	2006-11-30 20:14:21 UTC (rev 5029)
@@ -1,3 +1,23 @@
+CVE-2006-6177 (SQL injection vulnerability in
system/core/users/users.profile.inc.php ...)
+	TODO: check
+CVE-2006-6176 (Cross-site scripting (XSS) vulnerability in admin.php in Blogn
before ...)
+	TODO: check
+CVE-2006-6175 (Directory traversal vulnerability in lib/FBView.php in Horde
Kronolith ...)
+	TODO: check
+CVE-2006-6174 (Cross-site scripting (XSS) vulnerability in tDiary before 2.0.3
and ...)
+	TODO: check
+CVE-2006-6173 (Buffer overflow in the shared_region_make_private_np function in
...)
+	TODO: check
+CVE-2006-6172 (Buffer overflow in the asmrp_eval function for Real Media input
plugin ...)
+	TODO: check
+CVE-2006-6171 (** DISPUTED ** ...)
+	TODO: check
+CVE-2006-6170 (Buffer overflow in the tls_x509_name_oneline function in the
mod_tls ...)
+	TODO: check
+CVE-2003-1310 (The DeviceIoControl function in the Norton Device Driver
(NAVAP.sys) ...)
+	TODO: check
+CVE-2003-1309 (The DeviceIoControl function in the TrueVector Device Driver
...)
+	TODO: check
 CVE-2006-6168 (tiki-register.php in TikiWiki before 1.9.7 allows remote
attackers to ...)
 	TODO: check
 CVE-2006-6167 (** DISPUTED ** ...)
@@ -82,7 +102,7 @@
 CVE-2006-XXXX [proftpd buffer overflow in mod_tls]
 	- proftpd-dfsg 1.3.0-16 (medium; bug #400793)
 	- proftpd <removed> (medium)
-CVE-2006-6169 [gnupg buffer overflow in ask_outfile_name]
+CVE-2006-6169 (Buffer overflow in the ask_outfile_name function in openfile.c
for ...)
 	- gnupg 1.4.5-3 (medium)
 	- gnupg2 <unfixed> (medium; bug #400777)
 CVE-2006-XXXX [tikiwiki script insertion vulnerability]
@@ -750,7 +770,7 @@
 	NOT-FOR-US: Parallels
 CVE-2006-5816 (Multiple PHP remote file inclusion vulnerabilities in Dmitry
Sheiko ...)
 	NOT-FOR-US: Business Card Web Builder
-CVE-2006-5815 (Buffer overflow in ProFTPD 1.3.0 and earlier, when configured to
use ...)
+CVE-2006-5815 (Stack-based buffer overflow in the sreplace function in ProFTPD
1.3.0 ...)
 	{DSA-1218}
 	- proftpd-dfsg 1.3.0-15 (bug #399070; high) 
 	- proftpd <removed> (high)
@@ -3840,40 +3860,40 @@
 	RESERVED
 CVE-2006-4413 (Apple Remote Desktop before 3.1 uses insecure permissions for
certain ...)
 	NOT-FOR-US: Apple Remote Desktop
-CVE-2006-4412
-	RESERVED
-CVE-2006-4411
-	RESERVED
-CVE-2006-4410
-	RESERVED
-CVE-2006-4409
-	RESERVED
-CVE-2006-4408
-	RESERVED
-CVE-2006-4407
-	RESERVED
-CVE-2006-4406
-	RESERVED
+CVE-2006-4412 (WebKit in Apple Mac OS X 10.3.x through 10.3.9 and 10.4 through
10.4.8 ...)
+	TODO: check
+CVE-2006-4411 (The VPN service in Apple Mac OS X 10.3.x through 10.3.9 and
10.4.x ...)
+	TODO: check
+CVE-2006-4410 (The Security Framework in Apple Mac OS X 10.3.9, and 10.4.x
before ...)
+	TODO: check
+CVE-2006-4409 (The Online Certificate Status Protocol (OCSP) service in the
Security ...)
+	TODO: check
+CVE-2006-4408 (The Security Framework in Apple Mac OS X 10.4 through 10.4.8
allows ...)
+	TODO: check
+CVE-2006-4407 (The Security Framework in Apple Mac OS X 10.3.x up to 10.3.9
does not ...)
+	TODO: check
+CVE-2006-4406 (Buffer overflow in PPP on Apple Mac OS X 10.4.x up to 10.4.8 and
...)
+	TODO: check
 CVE-2006-4405
 	RESERVED
-CVE-2006-4404
-	RESERVED
-CVE-2006-4403
-	RESERVED
-CVE-2006-4402
-	RESERVED
-CVE-2006-4401
-	RESERVED
-CVE-2006-4400
-	RESERVED
+CVE-2006-4404 (The Installer application in Apple Mac OS X 10.4.8 and earlier,
when ...)
+	TODO: check
+CVE-2006-4403 (The FTP server in Apple Mac OS X 10.4.8 and earlier, when FTP
Access ...)
+	TODO: check
+CVE-2006-4402 (Heap-based buffer overflow in the Finder in Apple Mac OS X
10.4.8 and ...)
+	TODO: check
+CVE-2006-4401 (Unspecified vulnerability in CFNetwork in Mac OS 10.4.8 and
earlier ...)
+	TODO: check
+CVE-2006-4400 (Stack-based buffer overflow in the Apple Type Services (ATS)
server in ...)
+	TODO: check
 CVE-2006-4399 (User interface inconsistency in Workgroup Manager in Apple Mac
OS X ...)
 	NOT-FOR-US: Mac OS
-CVE-2006-4398
-	RESERVED
+CVE-2006-4398 (Multiple buffer overflows in the Apple Type Services (ATS)
server in ...)
+	TODO: check
 CVE-2006-4397 (Unchecked error condition in LoginWindow in Apple Mac OS X 10.4
...)
 	NOT-FOR-US: Mac OS
-CVE-2006-4396
-	RESERVED
+CVE-2006-4396 (The Apple Type Services (ATS) server in Mac OS X 10.4.8 and
earlier ...)
+	TODO: check
 CVE-2006-4395 (Unspecified vulnerability in QuickDraw Manager in Apple Mac OS X
...)
 	NOT-FOR-US: Mac OS
 CVE-2006-4394 (A logic error in LoginWindow in Apple Mac OS X 10.4 through
10.4.7, ...)
@@ -4545,8 +4565,8 @@
 	RESERVED
 CVE-2006-4100
 	RESERVED
-CVE-2006-4099
-	RESERVED
+CVE-2006-4099 (Business Objects Crystal Enterprise 9 and 10 generates
predictable ...)
+	TODO: check
 CVE-2006-4098
 	RESERVED
 CVE-2006-4097
Secure testing commits - Nov 2006 - r5029 - data/CVE

[Secure-testing-commits] r5029 - data/CVE
