Author: joeyh
Date: 2006-03-31 09:14:22 +0000 (Fri, 31 Mar 2006)
New Revision: 3724

Modified: data/CVE/list
Log: automatic update

Modified: data/CVE/list
==================================================================
--- data/CVE/list 2006-03-31 09:09:03 UTC (rev 3723)
+++ data/CVE/list 2006-03-31 09:14:22 UTC (rev 3724)
@@ -1,3 +1,113 @@ +CVE-2006-1545 (Direct static code injection vulnerability in admin/config.php in ...) + TODO: check +CVE-2006-1544 (Multiple cross-site scripting (XSS) vulnerabilities in news.php in ...) + TODO: check +CVE-2006-1543 (Multiple SQL injection vulnerabilities in vscripts (aka Kuba ...) + TODO: check +CVE-2006-1542 (Stack-based buffer overflow in Python 2.4.2 and earlier, running on ...) + TODO: check +CVE-2006-1541 (SQL injection vulnerability in Default.asp in EzASPSite 2.0 RC3 and ...) + TODO: check +CVE-2006-1540 (Microsoft Office 2002 (aka Office XP) allows user-complicit attackers ...) + TODO: check +CVE-2006-1539 (Multiple buffer overflows in the checkscores function in scores.c in ...) + TODO: check +CVE-2006-1538 (The Enova X-Wall ASIC encrypts with a key obtained via Microwire from ...) + TODO: check +CVE-2006-1537 (Craig Knudsen WebCalendar 1.1.0-CVS allows remote attackers to obtain ...) + TODO: check +CVE-2006-1536 (Multiple SQL injection vulnerabilities in Phoetux.net PhxContacts ...) + TODO: check +CVE-2006-1535 (Cross-site scripting (XSS) vulnerability in login.php in Phoetux.net ...) + TODO: check +CVE-2006-1534 (Multiple SQL injection vulnerabilities in Null news allow remote ...) + TODO: check +CVE-2006-1533 (SQL injection vulnerability in newsletter.php in Sourceworkshop ...) + TODO: check +CVE-2006-1532 (Cross-site scripting (XSS) vulnerability in search.php in PHP ...) 
+ TODO: check +CVE-2006-1531 + RESERVED +CVE-2006-1530 + RESERVED +CVE-2006-1529 + RESERVED +CVE-2006-1528 + RESERVED +CVE-2006-1527 + RESERVED +CVE-2006-1526 + RESERVED +CVE-2006-1525 + RESERVED +CVE-2006-1524 + RESERVED +CVE-2006-1523 + RESERVED +CVE-2006-1522 + RESERVED +CVE-2006-1521 + RESERVED +CVE-2006-1520 + RESERVED +CVE-2006-1519 + RESERVED +CVE-2006-1518 + RESERVED +CVE-2006-1517 + RESERVED +CVE-2006-1516 + RESERVED +CVE-2006-1515 + RESERVED +CVE-2006-1514 + RESERVED +CVE-2006-1513 + RESERVED +CVE-2006-1512 + RESERVED +CVE-2006-1511 (Buffer overflow in the ILASM assembler in the Microsoft .NET 1.0 and ...) + TODO: check +CVE-2006-1510 (Buffer overflow in calloc.c in the Microsoft Windows XP SP2 ntdll.dll ...) + TODO: check +CVE-2006-1509 (/sbin/passwd in HP-UX B.11.00, B.11.11, and B.11.23 before 20060326 ...) + TODO: check +CVE-2006-1508 (Multiple cross-site scripting (XSS) vulnerabilities in MH Software ...) + TODO: check +CVE-2006-1507 (Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows ...) + TODO: check +CVE-2006-1506 (Unspecified vulnerability in rsh in Sun Microsystems Sun Grid Engine ...) + TODO: check +CVE-2006-1505 (base_maintenance.php in Basic Analysis and Security Engine (BASE) ...) + TODO: check +CVE-2006-1504 (Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal 2.0 ...) + TODO: check +CVE-2006-1503 (PHP remote file inclusion vulnerability in ...) + TODO: check +CVE-2006-1502 (Multiple integer overflows in MPlayer 1.0pre7try2 allow remote ...) + TODO: check +CVE-2006-1501 (SQL injection vulnerability in index.php in OneOrZero 1.6.3.0 allows ...) + TODO: check +CVE-2006-1500 (SQL injection vulnerability in index.php in Tilde CMS 3.0 allows ...) + TODO: check +CVE-2006-1499 (SQL injection vulnerability in vCounter.php in vCounter 1.0 allows ...) + TODO: check +CVE-2006-1497 (Directory traversal vulnerability in index.php in ViHor Design allows ...) 
+ TODO: check +CVE-2006-1496 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) + TODO: check +CVE-2006-1495 (SQL injection vulnerability in general/sendpassword.php in (1) ...) + TODO: check +CVE-2006-1494 + RESERVED +CVE-2006-1493 (Cross-site scripting (XSS) vulnerability in dir.php in Explorer XP ...) + TODO: check +CVE-2006-1492 (Directory traversal vulnerability in dir.php in Explorer XP allows ...) + TODO: check +CVE-2006-1489 (Multiple SQL injection vulnerabilities in FusionZONE CouponZONE ...) + TODO: check +CVE-2005-4748 (PHP remote file include vulnerability in functions_admin.php in ...) + TODO: check CVE-2006-XXXX [gpib rpath set to /tmp] - gpib <unfixed> (bug #358239; low) [sarge] - gpib <not-affected> (rpath not set to /tmp in Sarge) @@ -9,12 +119,12 @@ [sarge] - gauche <not-affected> (gauche-config is a shell script in Sarge) CVE-2006-1550 [dia buffer overflow in xfig import] - dia 0.94.0-18 -CVE-2006-1498 [Unspecified mediawiki issue] +CVE-2006-1498 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.5.8 and ...) - mediawiki 1.4.15-1 - mediawiki1.5 1.5.8-1 -CVE-2006-1491 [horde3 eval injection()] +CVE-2006-1491 (Eval injection vulnerability in Horde Application Framework versions ...) - horde3 <unfixed> -CVE-2006-1490 [PHP information leak] +CVE-2006-1490 (PHP before 5.1.3-RC1 might allow remote attackers to obtain portions ...) - php5 <unfixed> (bug #359904; low) - php4 <unfixed> (bug #359907; low) CVE-2006-1488 (ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain the ...) 
@@ -157,9 +267,9 @@ TODO: check CVE-2006-1419 (SQL injection vulnerability in the Calendar module in nuked-klan 1.7.5 ...) TODO: check -CVE-2006-1418 (Cross-site scripting (XSS) vulnerability in default.asp in E-School ...) +CVE-2006-1418 (Cross-site scripting (XSS) vulnerability in default.asp in Caloris ...) TODO: check -CVE-2006-1417 (Multiple cross-site scripting (XSS) vulnerabilities in Web Quiz pro, ...) +CVE-2006-1417 (Multiple cross-site scripting (XSS) vulnerabilities in Caloris ...) TODO: check CVE-2006-1416 (Cross-site scripting (XSS) vulnerability in afmsearch.aspx in Absolute ...) TODO: check @@ -183,7 +293,7 @@ TODO: check CVE-2006-1406 (Multiple cross-site scripting (XSS) vulnerabilities in wbadmlog.aspx ...) TODO: check -CVE-2006-1405 (Cross-site scripting (XSS) vulnerability in search.aspx in ssCMS 2.1.0 ...) +CVE-2006-1405 (Cross-site scripting (XSS) vulnerability in search.aspx in ...) TODO: check CVE-2006-1404 (Multiple cross-site scripting (XSS) vulnerabilities in bol.cgi in ...) TODO: check @@ -1133,7 +1243,8 @@ NOT-FOR-US: MTS Pro CVE-2006-0976 (Directory traversal vulnerability in scan_lang_insert.php in Boris ...) NOT-FOR-US: SPiD -CVE-2006-0975 (Multiple unspecified vulnerabilities in Will Estes and John Millaway ...) +CVE-2006-0975 + REJECTED - flex 2.5.33-1 NOTE: There are other package affected by this vulnerability NOTE: Martin Pitt has built a list for ubuntu and also mentionned that @@ -2370,8 +2481,7 @@ CVE-2006-0460 (Multiple buffer overflows in BomberClone before 0.11.6.2 allow remote ...) {DSA-997-1} - bomberclone 0.11.6.2-1 -CVE-2006-0459 - RESERVED +CVE-2006-0459 (flex.skl in Will Estes and John Millaway Fast Lexical Analyzer ...) {DSA-1020-1} CVE-2006-0458 (The DCC ACCEPT command handler in irssi before ...) TODO: check
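
Review bot: in the first hunk (@@ -1,3 +1,113 @@), CVE-2006-1542 (stack-based buffer overflow in Python 2.4.2 and earlier) and CVE-2006-1502 (integer overflows in MPlayer 1.0pre7try2) are added with the same "TODO: check" as the web-application entries around them, so nothing marks them for earlier triage. Resolving those two to package lines, or to an explicit not-affected entry, in a follow-up commit would keep memory-corruption issues from waiting behind the rest of the queue. The same hunk also places CVE-2005-4748 at the end of the new CVE-2006 block, directly above "CVE-2006-XXXX [gpib rpath set to /tmp]"; if the list is meant to stay grouped by year, that entry belongs with the other 2005 ids.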
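
Review bot: the updated descriptions in the @@ -157,9 +267,9 @@ and @@ -183,7 +293,7 @@ hunks are truncated before the product name: CVE-2006-1418 and CVE-2006-1417 now both end at "Caloris ..." and CVE-2006-1405 ends at "search.aspx in ...", where the removed lines named E-School, Web Quiz pro and ssCMS 2.1.0. All three are still "TODO: check", so whoever triages them can no longer tell from the list which software is meant. When these are resolved, putting the product name in the NOT-FOR-US or NOTE line would keep the entry readable on its own.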
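
Review bot: in the @@ -1133,7 +1243,8 @@ hunk, CVE-2006-0975 becomes REJECTED but keeps "- flex 2.5.33-1" and the NOTE lines about other affected packages, so the fixed version and the open follow-up work are now recorded under a rejected id. The last hunk (@@ -2370,8 +2481,7 @@) gives CVE-2006-0459 a flex.skl description naming the same authors, with only {DSA-1020-1} beneath it and no package line before CVE-2006-0458. If CVE-2006-0459 is the replacement id, the flex package line and the notes should move there in a manual follow-up, leaving CVE-2006-0975 with just the REJECTED marker.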