Author: joeyh Date: 2006-05-03 21:14:23 +0000 (Wed, 03 May 2006) New Revision: 3916 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-05-03 20:10:22 UTC (rev 3915) +++ data/CVE/list 2006-05-03 21:14:23 UTC (rev 3916) 
@@ -1,4 +1,60 @@ -CVE-2006-2148 (Multiple buffer overflows in client.c in CGI:IRC before 0.5.8 ...) +CVE-2006-2161 + RESERVED +CVE-2006-2160 (Cross-site scripting (XSS) vulnerability in Russcom Network Loginphp ...) + TODO: check +CVE-2006-2159 (CRLF injection vulnerability in help.php in Russcom Network Loginphp ...) + TODO: check +CVE-2006-2158 (Dynamic variable evaluation vulnerability in index.php in Stadtaus ...) + TODO: check +CVE-2006-2157 (SQL injection vulnerability in gallery.php in Plogger Beta 2.1 and ...) + TODO: check +CVE-2006-2156 (Directory traversal vulnerability in help/index.php in X7 Chat 2.0 and ...) + TODO: check +CVE-2006-2155 (EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and ...) + TODO: check +CVE-2006-2154 (EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and ...) + TODO: check +CVE-2006-2153 (Cross-site scripting (XSS) vulnerability in HTM_PASSWD in DirectAdmin ...) + TODO: check +CVE-2006-2152 (PHP remote file inclusion vulnerability in admin/addentry.php in phpBB ...) + TODO: check +CVE-2006-2151 (PHP remote file inclusion vulnerability in toplist.php in phpBB ...) + TODO: check +CVE-2006-2150 (PHP remote file inclusion vulnerability in top/list.php in phpBB ...) + TODO: check +CVE-2006-2149 (PHP remote file inclusion vulnerability in sources/lostpw.php in ...) + TODO: check +CVE-2006-2147 (resmgrd in resmgr for SUSE Linux and other distributions does not ...) + TODO: check +CVE-2006-2146 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) + TODO: check +CVE-2006-2145 (Multiple SQL injection vulnerabilities in index.php in HB-NS 1.1.6 ...) + TODO: check +CVE-2006-2144 (PHP remote file inclusion vulnerability in kopf.php in DMCounter ...) + TODO: check +CVE-2006-2143 (Multiple cross-site scripting (XSS) vulnerabilities in TextFileBB ...) + TODO: check +CVE-2006-2142 (PHP remote file inclusion vulnerability in classes/adodbt/sql.php in ...) 
+ TODO: check +CVE-2006-2141 (Cross-site scripting (XSS) vulnerability in popup_image in ...) + TODO: check +CVE-2006-2140 (Multiple cross-site scripting (XSS) vulnerabilities in OrbitHYIP 2.0 ...) + TODO: check +CVE-2006-2139 (Multiple SQL injection vulnerabilities in PHP Newsfeed 20040723 allow ...) + TODO: check +CVE-2006-2138 (Cross-site scripting (XSS) vulnerability in neomail.pl in NeoMail 1.29 ...) + TODO: check +CVE-2006-2137 (PHP remote file inclusion vulnerability in master.php in OpenPHPNuke ...) + TODO: check +CVE-2006-2136 (SQL injection vulnerability in news.php in AZNEWS allows remote ...) + TODO: check +CVE-2006-2135 (SQL injection vulnerability in login.php in Ruperts News allows remote ...) + TODO: check +CVE-2006-2134 (PHP remote file inclusion vulnerability in /includes/kb_constants.php ...) + TODO: check +CVE-2005-4794 (Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and ...) + TODO: check +CVE-2006-2148 (Multiple buffer overflows in client.c in CGI:IRC (CGIIRC) before 0.5.8 ...) - cgiirc <unfixed> (bug #365680; medium) [sarge] - cgiirc <unfixed> (bug #365680; medium) CVE-2006-2133 (SQL injection vulnerability in index.php in BoonEx Barracuda 1.1 and ...) @@ -17,7 +73,8 @@ TODO: check CVE-2006-2126 (SQL injection vulnerability in pocategories.php in MaxTrade 1.0.1 and ...) TODO: check -CVE-2006-2125 (Unspecified vulnerability in xterm in HP-UX B.11.00, B.11.11, and ...) +CVE-2006-2125 + REJECTED TODO: check CVE-2006-2124 (Multiple cross-site scripting (XSS) vulnerabilities in SunShop 3.5 and ...) TODO: check 
@@ -49,8 +106,8 @@ TODO: check CVE-2006-2110 (Virtual Private Server (Vserver) 2.0.x before 2.0.2-rc18 and 2.1.x ...) TODO: check -CVE-2006-2109 - RESERVED +CVE-2006-2109 (Cross-site scripting (XSS) vulnerability in the parse_query_str ...) + TODO: check CVE-2006-2108 (parser.exe in Océ (OCE) 3121/3122 Printer allows remote attackers to ...) TODO: check CVE-2006-2107 (Buffer overflow in BL4 SMTP Server 0.1.4 and earlier allows remote ...) @@ -338,7 +395,7 @@ NOT-FOR-US: FlexBB CVE-2006-1977 (Cross-site scripting (XSS) vulnerability in FlexBB 0.5.7 BETA and ...) NOT-FOR-US: FlexBB -CVE-2006-1993 (Mozilla Firefox 1.5.0.2 allows remote attackers to cause a denial of ...) +CVE-2006-1993 (Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote ...) - firefox 1.5.dfsg+1.5.0.2-2 [sarge] - mozilla-firefox <not-affected> CVE-2006-XXXX [typo3 mailforms can be abused to send spam] @@ -1509,8 +1566,7 @@ RESERVED CVE-2006-1527 RESERVED -CVE-2006-1526 [Buffer overflow in the Xrender extension] - RESERVED +CVE-2006-1526 (Buffer overflow in the Xrender extension in X.org X server 6.8.0 up to ...) - xorg-server 1:1.0.2-8 CVE-2006-1525 (ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users ...) - linux-2.6 2.6.16-9 @@ -37350,7 +37406,7 @@ TODO: check CVE-1999-1234 (LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a ...) TODO: check -CVE-1999-1232 (day5datacopier in SGI IRIX 6.2 trusts the PATH environmental variable ...) +CVE-1999-1232 (Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 ...) TODO: check CVE-1999-1231 (ssh 2.0.12, and possibly other versions, allows valid user names to ...) TODO: check
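Review bot: In the first hunk (@@ -1,4 +1,60 @@), CVE-2005-4794 and the re-added CVE-2006-2148 land between CVE-2006-2134 and CVE-2006-2133, which breaks the descending ID order the other added entries follow (CVE-2006-2149 is followed directly by CVE-2006-2147). CVE-2006-2148 keeps its cgiirc tracking lines (bug #365680) because they follow as context, so no triage data is lost, but anyone scanning the file by number will not find the entry where expected. If the list is meant to stay sorted, place CVE-2006-2148 between CVE-2006-2149 and CVE-2006-2147 and file CVE-2005-4794 with the other 2005 IDs.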
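Review bot: In the second hunk (@@ -17,7 +73,8 @@), CVE-2006-2125 becomes REJECTED but the context line "TODO: check" directly below it is left in place, so a rejected ID still shows up as pending triage. Drop the TODO when an entry flips to REJECTED; the xterm/HP-UX description that prompted the check is removed by this same change.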