Author: joeyh
Date: 2006-10-02 21:14:19 +0000 (Mon, 02 Oct 2006)
New Revision: 4800

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================
--- data/CVE/list 2006-10-02 14:29:26 UTC (rev 4799)
+++ data/CVE/list 2006-10-02 21:14:19 UTC (rev 4800)
@@ -1,3 +1,57 @@ +CVE-2006-5099 (lib/exec/fetch.php in DokuWiki before 2006-03-09e, when ...) + TODO: check +CVE-2006-5098 (lib/exec/fetch.php in DokuWiki before 2006-03-09e allows remote ...) + TODO: check +CVE-2006-5097 (PHP remote file inclusion vulnerability in index.php in net2ftp allows ...) + TODO: check +CVE-2006-5096 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) + TODO: check +CVE-2006-5095 (** DISPUTED ** ...) + TODO: check +CVE-2006-5094 (PHP remote file inclusion vulnerability in includes/functions_kb.php ...) + TODO: check +CVE-2006-5093 (PHP remote file inclusion vulnerability in index.php in Tagmin Control ...) + TODO: check +CVE-2006-5092 (PHP remote file inclusion vulnerability in navigation/menu.php in ...) + TODO: check +CVE-2006-5091 (Unspecified vulnerability in HP-UX B.11.11 and B.11.23 CIFS Server ...) + TODO: check +CVE-2006-5090 (Multiple cross-site scripting (XSS) vulnerabilities in Phoenix ...) + TODO: check +CVE-2006-5089 (PHP remote file inclusion vulnerability in mybic_server.php in My-BIC ...) + TODO: check +CVE-2006-5088 (PHP remote file inclusion vulnerability in connected_users.lib.php3 in ...) + TODO: check +CVE-2006-5087 (Multiple PHP remote file inclusion vulnerabilities in evoBB 0.3 and ...) + TODO: check +CVE-2006-5086 (Blog Pixel Motion 2.1.1 allows remote attackers to change the username ...) + TODO: check +CVE-2006-5085 (Static code injection vulnerability in config.php in Blog Pixel Motion ...) + TODO: check +CVE-2006-5084 (Format string vulnerability in eBay Skype 1.5.0.79 has unspecified ...) + TODO: check +CVE-2006-5083 (PHP remote file inclusion vulnerability in ...) + TODO: check +CVE-2006-5082 (Unspecified vulnerability in Sugar Suite Open Source (SugarCRM) before ...) + TODO: check +CVE-2006-5081 (PHP remote file inclusion vulnerability in acc.php in QuickBlogger ...) + TODO: check +CVE-2006-5080 (Cross-site scripting (XSS) vulnerability in the search function in Six ...) 
+ TODO: check +CVE-2006-5079 (PHP remote file inclusion vulnerability in class.mysql.php in Matt ...) + TODO: check +CVE-2006-5078 (PHP remote file inclusion vulnerability in view/general.php in ...) + TODO: check +CVE-2006-5077 (PHP remote file inclusion vulnerability in ...) + TODO: check +CVE-2006-5076 (Multiple PHP remote file inclusion vulnerabilities in OpenConcept ...) + TODO: check +CVE-2006-5075 (The Kernel SSL Proxy service (svc:/network/ssl/proxy) in Sun Solaris ...) + TODO: check +CVE-2006-5074 (Cross-site scripting (XSS) vulnerability in home.php in PHP Invoice ...) + TODO: check +CVE-2006-5073 (Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows remote ...) + TODO: check CVE-2006-XXXX [graphicsmagic buffer overflows] - graphicsmagick 1.1.7-9 TODO: check for security relevance and CVE-ids. Maybe imagemagick is affected, too @@ -305,8 +359,7 @@ NOT-FOR-US: SISCO OSI stack for Windows CVE-2005-4811 (The hugepage code (hugetlb.c) in Linux kernel 2.6, possibly 2.6.12 and ...) - linux-2.6 2.6.14 -CVE-2006-4925 (openssh GSSAPI information leak) - RESERVED +CVE-2006-4925 (packet.c in ssh in OpenSSH allows remote attackers to cause a denial ...) - openssh <unfixed> (low) - openssh-krb5 <unfixed> (low) [sarge] - openssh <not-affected> @@ -1595,7 +1648,7 @@ - asterisk 1:1.2.11.dfsg-1 (medium; bug #385060) CVE-2006-4344 (CRLF injection vulnerability in CGI-Rescue Mail F/W System (formd) ...) NOT-FOR-US: CGI-Rescue Mail F/W System -CVE-2006-4343 (Unspecified vulnerability in the SSLv2 client code in OpenSSL 0.9.7 ...) +CVE-2006-4343 (The get_server_hello function in the SSLv2 client code in OpenSSL ...) {DSA-1185-1} - openssl 0.9.8c-2 - openssl097 0.9.7k-2 
@@ -1825,8 +1878,7 @@ RESERVED CVE-2006-4248 RESERVED -CVE-2006-4247 [plone password reset vulnerability] - RESERVED +CVE-2006-4247 (Unspecified vulnerability in the Password Reset Tool before 0.4.1 on ...) [sarge] - zope-cmfplone <not-affected> (Vulnerable code not present) - zope-cmfplone <unfixed> CVE-2006-4246 (Usermin before 1.220 (20060629) allows remote attackers to read ...)
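Review bot: In the @@ -1,3 +1,57 @@ hunk, CVE-2006-5083 and CVE-2006-5077 are truncated before any product name ("PHP remote file inclusion vulnerability in ...") and CVE-2006-5095 shows only "** DISPUTED ** ...", so these three cannot be triaged from this file alone. Whoever clears their "TODO: check" needs the full CVE text first, and each of the 27 new entries should end up as either a package line or a NOT-FOR-US line, as the existing entries further down the file do.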
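Review bot: In the @@ -305,8 +359,7 @@ hunk, the CVE-2006-4925 description changes from "openssh GSSAPI information leak" to a denial of service in packet.c, while the status lines under it (openssh and openssh-krb5 at "<unfixed> (low)", sarge at "<not-affected>") are unchanged context and may have been assessed against the old wording. Re-check the urgency and the sarge status against the new description, and confirm that openssh-krb5 is still the right package to list for an issue in packet.c.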
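Review bot: In the @@ -1825,8 +1878,7 @@ hunk, the new CVE-2006-4247 description names a fixed upstream release ("Password Reset Tool before 0.4.1"), yet the "- zope-cmfplone <unfixed>" line below it carries no urgency or bug reference, unlike the asterisk entry in the previous hunk ("medium; bug #385060"). Add an urgency and a bug number once one is filed, and note which Password Reset Tool version zope-cmfplone ships so the entry can be closed against 0.4.1.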