Author: joeyh Date: 2006-05-02 09:14:20 +0000 (Tue, 02 May 2006) New Revision: 3905 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-05-01 09:14:25 UTC (rev 3904) +++ data/CVE/list 2006-05-02 09:14:20 UTC (rev 3905) 
@@ -1,3 +1,133 @@ +CVE-2006-2133 (SQL injection vulnerability in index.php in BoonEx Barracuda 1.1 and ...) + TODO: check +CVE-2006-2132 (SQL injection vulnerability in detail.asp in DUclassified allows ...) + TODO: check +CVE-2006-2131 (include/class_poll.php in Advanced Poll 2.0.4 uses the ...) + TODO: check +CVE-2006-2130 (SQL injection vulnerability in include/class_poll.php in Advanced Poll ...) + TODO: check +CVE-2006-2129 (Direct static code injection vulnerability in Pro Publish 2.0 allows ...) + TODO: check +CVE-2006-2128 (Multiple SQL injection vulnerabilities in Pro Publish 2.0 allow remote ...) + TODO: check +CVE-2006-2127 (SQL injection vulnerability in weblog_posting.php in Blog Mod 0.2.x ...) + TODO: check +CVE-2006-2126 (SQL injection vulnerability in pocategories.php in MaxTrade 1.0.1 and ...) + TODO: check +CVE-2006-2125 (Unspecified vulnerability in xterm in HP-UX B.11.00, B.11.11, and ...) + TODO: check +CVE-2006-2124 (Multiple cross-site scripting (XSS) vulnerabilities in SunShop 3.5 and ...) + TODO: check +CVE-2006-2123 (Multiple SQL injection vulnerabilities in the report interface in ...) + TODO: check +CVE-2006-2122 (PHP remote file inclusion vulnerability in index.php in CoolMenus allows ...) + TODO: check +CVE-2006-2121 (PHP remote file include vulnerability in admin/config_settings.tpl.php ...) + TODO: check +CVE-2006-2120 (The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers ...) + TODO: check +CVE-2006-2119 (PHP remote file inclusion vulnerability in event/index.php in Artmedic ...) + TODO: check +CVE-2006-2118 (JMK''s Picture Gallery allows remote attackers to bypass authentication ...) + TODO: check +CVE-2006-2117 (Cross-site scripting (XSS) vulnerability in Thyme 1.3 allows remote ...) + TODO: check +CVE-2006-2116 (planetGallery allows remote attackers to gain administrator privileges ...) + TODO: check +CVE-2006-2115 (Format string vulnerability in SWS web Server 0.1.7 allows remote ...) 
+ TODO: check +CVE-2006-2114 (Buffer overflow in SWS web Server 0.1.7 allows remote attackers to ...) + TODO: check +CVE-2006-2113 + RESERVED +CVE-2006-2112 + RESERVED +CVE-2006-2111 (Microsoft Internet Explorer 6.0 on Windows XP SP2, and possibly other ...) + TODO: check +CVE-2006-2110 (Virtual Private Server (Vserver) 2.0.x before 2.0.2-rc18 and 2.1.x ...) + TODO: check +CVE-2006-2109 + RESERVED +CVE-2006-2108 (parser.exe in Océ (OCE) 3121/3122 Printer allows remote attackers to ...) + TODO: check +CVE-2006-2107 (Buffer overflow in BL4 SMTP Server 0.1.4 and earlier allows remote ...) + TODO: check +CVE-2006-2106 (Cross-site scripting (XSS) vulnerability in Edgewall Software Trac ...) + TODO: check +CVE-2006-2105 (Directory traversal vulnerability in index.php in Jupiter CMS 1.1.4 ...) + TODO: check +CVE-2006-2104 (Multiple cross-site scripting (XSS) vulnerabilities in Kamgaing Email ...) + TODO: check +CVE-2006-2103 (SQL injection vulnerability in MyBB (MyBulletinBoard) 1.1.1 allows ...) + TODO: check +CVE-2006-2102 (Directory traversal vulnerability in PowerISO 2.9 allows remote ...) + TODO: check +CVE-2006-2101 (Directory traversal vulnerability in WinISO 5.3 allows remote ...) + TODO: check +CVE-2006-2100 (Directory traversal vulnerability in Magic ISO 5.0 Build 0166 allows ...) + TODO: check +CVE-2006-2099 (Directory traversal vulnerability in UltraISO 8.0.0.1392 allows remote ...) + TODO: check +CVE-2006-2098 (PHP remote file inclusion vulnerability in Thumbnail AutoIndex before ...) + TODO: check +CVE-2006-2097 (SQL injection vulnerability in func_msg.php in Invision Power Board ...) + TODO: check +CVE-2006-2096 (plug.php in Land Down Under (LDU) 802 and earlier allows remote ...) + TODO: check +CVE-2006-2095 (Phex before 2.8.6 allows remote attackers to cause a denial of service ...) + TODO: check +CVE-2006-2094 (Microsoft Internet Explorer before Windows XP Service Pack 2 and ...) 
+ TODO: check +CVE-2006-2093 (Nessus before 2.2.8, and 3.x before 3.0.3, allows user-complicit ...) + TODO: check +CVE-2006-2092 (Unspecified vulnerability in HP StorageWorks Secure Path for Windows ...) + TODO: check +CVE-2006-2091 (admin.php in Virtual War (VWar) 1.5 and versions before 1.2 allows ...) + TODO: check +CVE-2006-2090 (Multiple SQL injection vulnerabilities in misc.php in MySmartBB 1.1.x ...) + TODO: check +CVE-2006-2089 (Multiple cross-site scripting (XSS) vulnerabilities in misc.php in ...) + TODO: check +CVE-2006-2088 (Multiple cross-site scripting (XSS) vulnerabilities in Devsyn Open ...) + TODO: check +CVE-2006-2087 (The Gmax Mail client in Hitachi Groupmax before 20060426 allows remote ...) + TODO: check +CVE-2006-2086 (Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx ...) + TODO: check +CVE-2006-2085 (Multiple buffer overflows in (1) CxAce60.dll and (2) CxAce60u.dll in ...) + TODO: check +CVE-2006-2084 (Multiple cross-site scripting (XSS) vulnerabilities in FarsiNews 2.5.3 ...) + TODO: check +CVE-2006-2083 (Integer overflow in the receive_xattr function in the extended ...) + TODO: check +CVE-2006-2082 + RESERVED +CVE-2006-2081 (Oracle Database Server 10g Release 2 allows local users to execute ...) + TODO: check +CVE-2006-2080 (SQL injection vulnerability in portfolio_photo_popup.php in Verosky ...) + TODO: check +CVE-2006-2079 (Cross-site scripting (XSS) vulnerability in portfolio.php in Verosky ...) + TODO: check +CVE-2006-2078 (Multiple unspecified vulnerabilities in multiple FITELnet products, ...) + TODO: check +CVE-2006-2077 (Buffer overflow in Paul Rombouts pdnsd before 1.2.4 has unknown impact ...) + TODO: check +CVE-2006-2076 (Memory leak in Paul Rombouts pdnsd before 1.2.4 allows remote ...) + TODO: check +CVE-2006-2075 (Unspecified vulnerability in MyDNS 1.1.0 allows remote attackers to ...) + TODO: check +CVE-2006-2074 (Unspecified vulnerability in Juniper Networks JUNOSe E-series routers ...) 
+ TODO: check +CVE-2006-2073 (Unspecified vulnerability in ISC BIND allows remote attackers to cause ...) + TODO: check +CVE-2006-2072 (Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and ...) + TODO: check +CVE-2005-4793 (Multiple unspecified vulnerabilities in the web utility function in ...) + TODO: check +CVE-2005-4792 (SQL injection vulnerability in index.php in Appalachian State ...) + TODO: check +CVE-2004-2659 (Opera offers an Open button to verify that a user wishes to execute a ...) + TODO: check CVE-2006-2071 (Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass ...) TODO: check CVE-2006-2070 (Cross-site scripting (XSS) vulnerability in member.php in DevBB 1.0.0 ...) @@ -175,8 +305,7 @@ CVE-2006-1990 (Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and ...) - php4 <unfixed> (bug #365311; medium) - php5 <unfixed> (bug #365312; medium) -CVE-2006-1989 [freshclam: lack of proper check for the size of header data] - RESERVED +CVE-2006-1989 (Buffer overflow in the get_database function in the HTTP client in ...) - clamav 0.88.2-1 CVE-2006-1988 (The WebTextRenderer(WebInternal) _CG_drawRun:style:geometry: function ...) NOT-FOR-US: Apple Safari @@ -11718,10 +11847,10 @@ CVE-2005-2317 (Shorewall 2.4.x before 2.4.1, 2.2.x before 2.2.5, and 2.0.x before ...) {DSA-849-1} - shorewall 2.4.1-2 (bug #318946; medium) -CVE-2005-2316 - RESERVED -CVE-2005-2315 - RESERVED +CVE-2005-2316 (Domain Name Relay Daemon (DNRD) before 2.19.1 allows remote attackers ...) + TODO: check +CVE-2005-2315 (Buffer overflow in Domain Name Relay Daemon (DNRD) before 2.19.1 ...) + TODO: check CVE-2005-2314 (inc.login.php in PHPsFTPd 0.2 through 0.4 allows remote attackers to ...) NOT-FOR-US: PHPsFTPd CVE-2005-2313 (Check Point SecuRemote NG with Application Intelligence R54 allows ...) 
@@ -20623,12 +20752,12 @@ NOTE: These are known issues of IPSEC and basically every VPN system using NOTE: encryption without authentication. NOTE: openswan even prevents such configurations -CVE-2005-0038 - RESERVED -CVE-2005-0037 - RESERVED -CVE-2005-0036 - RESERVED +CVE-2005-0038 (The DNS implementation of PowerDNS 2.9.16 and earlier allows remote ...) + TODO: check +CVE-2005-0037 (The DNS implementation of DNRD before 2.10 allows remote attackers to ...) + TODO: check +CVE-2005-0036 (The DNS implementation in DeleGate 8.10.2 and earlier allows remote ...) + TODO: check CVE-2005-0035 (The Acrobat web control in Adobe Acrobat and Acrobat Reader 7.0 and ...) NOT-FOR-US: Adobe CVE-2005-0034 (An "incorrect assumption" in the authvalidated validator function in ...)
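Review bot: In the first hunk (@@ -1,3 +1,133 @@), CVE-2005-4793, CVE-2005-4792 and CVE-2004-2659 are inserted between CVE-2006-2072 and CVE-2006-2071, which breaks the descending CVE order the other hunks keep. Move them to their sorted positions further down the file so they sit beside the neighbouring 2005 and 2004 entries. Separately, every published entry in this hunk is left at `TODO: check`. Entries such as CVE-2006-2125 (xterm in HP-UX) and CVE-2006-2111 (Microsoft Internet Explorer) look like candidates for a `NOT-FOR-US:` line of the kind already used for Apple Safari and Adobe in this file, which would leave entries like CVE-2006-2120 (libtiff) and CVE-2006-2073 (ISC BIND) as the ones needing real triage. The doubled apostrophe in `JMK''s Picture Gallery` (CVE-2006-2118) also looks like an escaping artifact from the import.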
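Review bot: In the second hunk (@@ -175,8 +305,7 @@), the retained `- clamav 0.88.2-1` line under CVE-2006-1989 carries no bug number or urgency, while the php4 and php5 lines just above it use the `(bug #365311; medium)` form. Now that the description reads "Buffer overflow in the get_database function in the HTTP client in ...", add an urgency to the clamav line. The removed `[freshclam: lack of proper check for the size of header data]` text was the only place the entry named freshclam, so consider keeping that detail as a `NOTE:` line since the truncated description no longer shows it.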
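Review bot: In the third hunk (@@ -11718,10 +11847,10 @@), CVE-2005-2316 and CVE-2005-2315 both name Domain Name Relay Daemon (DNRD) before 2.19.1 and each gets a separate bare `TODO: check`. Triage them as a pair, together with CVE-2005-0037 in the last hunk, which names the same daemon (there "before 2.10"), so that all three end up with the same package line or the same `NOT-FOR-US:` line rather than being resolved inconsistently.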
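Review bot: In the last hunk (@@ -20623,12 +20752,12 @@), CVE-2005-0038, CVE-2005-0037 and CVE-2005-0036 have consecutive ids and all open with "The DNS implementation of/in ...", for PowerDNS, DNRD and DeleGate respectively, yet each is left with an unrelated `TODO: check`. Resolve them together and add a `NOTE:` line cross-referencing the three, comparing the version bounds given in the descriptions (PowerDNS 2.9.16 and earlier, DNRD before 2.10, DeleGate 8.10.2 and earlier) against what is in the archive. DeleGate also appears in CVE-2006-2072 in the first hunk, so whatever package or `NOT-FOR-US:` decision is made here should match that entry.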