Author: jmm-guest
Date: 2005-11-21 09:46:20 +0000 (Mon, 21 Nov 2005)
New Revision: 2810

Modified:
   data/CVE/list
Log:
centericq/dos CVEfied and fixed
openswan/dos CVEfied and fixed
add some itp notes to xoops issues
lots of NFUs

Modified: data/CVE/list
==================================================================
--- data/CVE/list 2005-11-21 09:29:07 UTC (rev 2809)
+++ data/CVE/list 2005-11-21 09:46:20 UTC (rev 2810)
@@ -1,109 +1,110 @@ -begin claimed by jmm CVE-2005-3731 (Unspecified vulnerability in yaSSL before 1.0.6 has unknown impact and ...) - TODO: check + NOT-FOR-US: yaSSL CVE-2005-3730 (Multiple cross-site scripting (XSS) vulnerabilities in ...) - TODO: check + NOT-FOR-US: Revize CMS CVE-2005-3729 (Idetix Software Systems Revize CMS allows remote attackers to obtain ...) - TODO: check + NOT-FOR-US: Revize CMS CVE-2005-3728 (Idetix Software Systems Revize CMS stores conf/revize.xml under the ...) - TODO: check + NOT-FOR-US: Revize CMS CVE-2005-3727 (SQL injection vulnerability in debug/query_results.jsp in Idetix ...) - TODO: check + NOT-FOR-US: Revize CMS CVE-2005-3726 (SQL injection vulnerability in Interspire ArticleLive NX 0.3 allows ...) - TODO: check + NOT-FOR-US: ArticleLive NX CVE-2005-3725 (Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 uses hardcoded IP ...) - TODO: check + NOT-FOR-US: Zyxel WIFI Phone CVE-2005-3724 (Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 allows remote ...) - TODO: check + NOT-FOR-US: Zyxel WIFI Phone CVE-2005-3723 (Hitachi IP5000 VOIP WIFI Phone 1.5.6 does not allow the user to ...) - TODO: check + NOT-FOR-US: Hitachi WIFI Phone CVE-2005-3722 (The SNMP v1/v2c daemon in Hitachi IP5000 VOIP WIFI Phone 1.5.6 allows ...) - TODO: check + NOT-FOR-US: Hitachi WIFI Phone CVE-2005-3721 (The default configuration of the HTTP server in Hitachi IP5000 VOIP ...) - TODO: check + NOT-FOR-US: Hitachi WIFI Phone CVE-2005-3720 (The default index page in the HTTP server in Hitachi IP5000 VOIP WIFI ...) - TODO: check + NOT-FOR-US: Hitachi WIFI Phone CVE-2005-3719 (Hitachi IP5000 VOIP WIFI Phone 1.5.6 has a hard-coded administrator ...) - TODO: check + NOT-FOR-US: Hitachi WIFI Phone CVE-2005-3718 (UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel ...) - TODO: check + NOT-FOR-US: UTStarcom WIFI Phone CVE-2005-3717 (The telnet daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running ...) 
- TODO: check + NOT-FOR-US: UTStarcom WIFI Phone CVE-2005-3716 (The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running ...) - TODO: check + NOT-FOR-US: UTStarcom WIFI Phone CVE-2005-3715 (Senao SI-680H Wireless VoIP Phone Firmware 0.03.0839 leaves the ...) - TODO: check + NOT-FOR-US: Senao Wireless VoIP Phone CVE-2005-3699 (Opera Web Browser 8.50 and 8.0 through 8.0.2 allows remote attackers ...) - TODO: check + NOT-FOR-US: Opera CVE-2005-3698 (PHP Easy Download allows remote attackers to bypass authentication via ...) - TODO: check + NOT-FOR-US: PHP Easy Download CVE-2005-3697 (Unspecified vulnerability in the administration interface in Uresk ...) - TODO: check + NOT-FOR-US: Uresk Links Lite CVE-2005-3696 (SQL injection vulnerability in Arki-DB 1.0 and 2.0 allows remote ...) - TODO: check + NOT-FOR-US: Arki-DB CVE-2005-3695 (Cross-site scripting (XSS) vulnerability in admin/config/confMgr.php ...) - TODO: check + NOT-FOR-US: LiteSpeed Webserver CVE-2005-3694 (centericq 4.20.0-r3 with "Enable peer-to-peer communications" set ...) - TODO: check + - centericq 4.21.0-4 (bug #334089; low) CVE-2005-3693 (The AxWebRemoveCtrl ActiveX control for uninstalling the SunnComm ...) - TODO: check + NOT-FOR-US: SunnComm MediaMax DRM CVE-2005-3692 (Cross-site scripting (XSS) vulnerability in AMAX Magic Winmail Server ...) - TODO: check + NOT-FOR-US: AMAX Magic Winmail Server CVE-2005-3691 (Directory traversal vulnerability in the IMAP service (meimaps.exe) of ...) - TODO: check + NOT-FOR-US: MailEnable Professional CVE-2005-3690 (Stack-based buffer overflow in the IMAP service (meimaps.exe) of ...) - TODO: check + NOT-FOR-US: MailEnable Professional CVE-2005-3689 (post.php in XMB 1.9.2 allows remote attackers to obtain the ...) - TODO: check + NOT-FOR-US: XMB CVE-2005-3688 (Cross-site scripting (XSS) vulnerability in members.php in XMB 1.9.3 ...) - TODO: check + NOT-FOR-US: XMB CVE-2005-3687 (cancel_account.php in WHM AutoPilot 2.5.30 and earlier allows remote ...) 
- TODO: check + NOT-FOR-US: WHM AutoPilot CVE-2005-3686 (SQL injection vulnerability in search.inc.php in Unclassified ...) - TODO: check + NOT-FOR-US: Unclassified Newsboard CVE-2005-3685 (Cross-site scripting (XSS) vulnerability in shopadmin.asp in VP-ASP ...) - TODO: check + NOT-FOR-US: VP-ASP Shopping Cart CVE-2005-3684 (Multiple buffer overflows in freeFTPd 1.0.8, without logging enabled, ...) - TODO: check + NOT-FOR-US: freeFTPd CVE-2005-3683 (Stack-based buffer overflow in freeFTPd before 1.0.9 with Logging ...) - TODO: check + NOT-FOR-US: freeFTPd CVE-2005-3682 (Multiple SQL injection vulnerabilities in Wizz Forum 1.20 allow remote ...) - TODO: check + NOT-FOR-US: Wizz Forum CVE-2005-3681 (SQL injection vulnerability in viewcat.php in XOOPS WF-Downloads ...) - TODO: check + - xoops <itp> (bug #207640) CVE-2005-3680 (Directory traversal vulnerability in editor_registry.php in XOOPS ...) - TODO: check + - xoops <itp> (bug #207640) CVE-2005-3679 (SQL injection vulnerability in admin/index.php in ActiveCampaign ...) - TODO: check + NOT-FOR-US: ActiveCampaign 1-2-All Broadcast Email CVE-2005-3678 (Google Talk before 1.0.0.76, with email notification enabled, allows ...) - TODO: check + NOT-FOR-US: Google Talk CVE-2005-3677 (Buffer overflow in RealNetworks RealPlayer 10 and 10.5 allows remote ...) - TODO: check + NOT-FOR-US: RealPlayer + TODO: check Helix, some past issues affected it as well CVE-2005-3676 (SQL injection vulnerability in download.php in PhpWebThings 1.4.4 ...) - TODO: check + NOT-FOR-US: PhpWebThings CVE-2005-3675 (The Transmission Control Protocol (TCP) allows remote attackers to ...) TODO: check CVE-2005-3674 (The Internet Key Exchange version 1 (IKEv1) implementation in the ...) - TODO: check + NOT-FOR-US: libike from Solaris CVE-2005-3673 (The Internet Key Exchange version 1 (IKEv1) implementation in Check ...) 
- TODO: check + NOT-FOR-US: Check Point''s IKE implementation CVE-2005-3672 (The Internet Key Exchange version 1 (IKEv1) implementation in ...) - TODO: check + NOT-FOR-US: StoneGate''s IKE implementation CVE-2005-3671 (The Internet Key Exchange version 1 (IKEv1) implementation in Openswan ...) - TODO: check + - openswan 1:2.4.4-1 (bug #339082; medium) + NOTE: Initial 2.4.3 didn''t fix all the issues from the NISCC report + TODO: Keep an eye on ipsec-tools''s upstream, it''s potentially affected as well CVE-2005-3670 (Multiple unspecified vulnerabilities in the Internet Key Exchange ...) - TODO: check + NOT-FOR-US: HP-UX''s IKE implementation CVE-2005-3669 (Multiple unspecified vulnerabilities in the Internet Key Exchange ...) - TODO: check + NOT-FOR-US: Cisco''s IKE implementation CVE-2005-3668 (Multiple buffer overflows in multiple unspecified implementations of ...) - TODO: check + NOT-FOR-US: Just a "meta CVE" for all the IKE issues, will possibly be rejected CVE-2005-3667 (Multiple unspecified vulnerabilities in multiple unspecified ...) - TODO: check + NOT-FOR-US: Just a "meta CVE" for all the IKE issues, will possibly be rejected CVE-2005-3666 (Multiple unspecified format string vulnerabilities in multiple ...) - TODO: check + NOT-FOR-US: Just a "meta CVE" for all the IKE issues, will possibly be rejected CVE-2005-3665 RESERVED -end claimed by jmm CVE-2004-2558 (Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, ...) TODO: check CVE-2004-2557 (NetGear WG602 (aka WG602v1) Wireless Access Point 1.7.14 has a ...) 
@@ -833,10 +834,6 @@ TODO: check CVE-2005-3621 (CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows ...) - phpmyadmin 4:2.6.4-pl4-1 (bug #339437; medium) -CVE-2005-XXXX [openswan isakmp dos] - - openswan 1:2.4.4-1 (bug #339082; medium) - NOTE: Initial 2.4.3 didn''t fix all the issues from the NISCC report - TODO: Keep an eye on ipsec-tools''s upstream, it''s potentially affected as well CVE-2005-XXXX [Two unspecified issues in non-free rar] - rar <unfixed> (bug #339077; unknown) CVE-2005-3524 (Buffer overflow in the SSL-ready version of linux-ftpd ...) @@ -1684,8 +1681,6 @@ - flexbackup <unfixed> (bug #334350; low) CVE-2005-XXXX [xscreensaver does not maintain screen locks during upgrade] - xscreensaver <unfixed> (bug #334193; low) -CVE-2005-XXXX [centericq remote dos by special nmap scan] - - centericq <unfixed> (bug #334089; low) CVE-2005-3185 (Stack-based buffer overflow in the ntlm_output function in http-ntlm.c ...) - wget 1.10.2-1 (medium) - curl 7.15.0-1 (bug #333734; medium) @@ -5504,9 +5499,9 @@ NOTE: cannot reproduce with firefox 1.0.5-1 using POC exploits - mozilla 2:1.7.10-1 (bug #318723; medium) CVE-2005-2113 (SQL injection vulnerability in the loginUser function in the XMLRPC ...) - NOT-FOR-US: XOOPS + - xoops <itp> (bug #207640) CVE-2005-2112 (Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.0.11 ...) - NOT-FOR-US: XOOPS + - xoops <itp> (bug #207640) CVE-2005-2111 (login.cgi in Community Link Pro Web Editor allows remote attackers to ...) NOT-FOR-US: Community Link Pro Web Editor CVE-2005-2110 (WordPress 1.5.1.2 and earlier allows remote attackers to obtain ...)
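Review bot: In the first hunk (@@ -1,109 +1,110 @@), CVE-2005-3677 ends up carrying both `NOT-FOR-US: RealPlayer` and `TODO: check Helix, some past issues affected it as well`, so the entry is marked out of scope and still pending at the same time. Suggest leaving it as a plain TODO until Helix has been checked, then recording either a package line or NOT-FOR-US, not both. The same hunk uses NOT-FOR-US on CVE-2005-3668, CVE-2005-3667 and CVE-2005-3666 to hold the free text `Just a "meta CVE" for all the IKE issues, will possibly be rejected`, while CVE-2005-3671 directly above records openswan as affected by the IKE issues; a NOTE would say the same thing without asserting that no package is concerned.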
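Review bot: The ipsec-tools follow-up removed with the placeholder in the second hunk (@@ -833,10 +834,6 @@) survives only as a TODO line inside the openswan entry for CVE-2005-3671, where it is easy to lose once openswan 1:2.4.4-1 is considered done. Since ipsec-tools is a different package, suggest giving it its own line under CVE-2005-3671 as soon as its status is known, and keeping the TODO only until then.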
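Review bot: Only CVE-2005-2113 and CVE-2005-2112 are switched from `NOT-FOR-US: XOOPS` to `- xoops <itp> (bug #207640)` in the last hunk (@@ -5504,9 +5499,9 @@), so any other XOOPS entries elsewhere in data/CVE/list that still say NOT-FOR-US would now disagree with these two and with the new CVE-2005-3681 and CVE-2005-3680 lines. Suggest grepping the file for the remaining `NOT-FOR-US: XOOPS` entries and converting them in the same commit. For CVE-2005-3681 the description names XOOPS WF-Downloads, so a NOTE saying whether that component is covered by the ITP would help whoever picks up bug #207640.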