Author: jmm-guest
Date: 2006-02-12 22:58:32 +0000 (Sun, 12 Feb 2006)
New Revision: 3461
Modified:
data/CVE/list
Log:
new gallery, heimdal issues
NFUs
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-02-10 21:14:23 UTC (rev 3460)
+++ data/CVE/list 2006-02-12 22:58:32 UTC (rev 3461)
@@ -115,58 +115,68 @@
{DSA-967-1}
- elog 2.6.1+r1642-1
CVE-2006-0593 (Cross-site scripting (XSS) vulnerability in PHP-Fusion before
6.00.304 ...)
- TODO: check
+ NOT-FOR-US: PHP-Fusion
CVE-2006-0592 (Unspecified vulnerability in the Lexmark Printer Sharing LexBce
Server ...)
- TODO: check
+ NOT-FOR-US: Lexmark Printer
CVE-2006-0591 (The crypt_gensalt functions for BSDI-style extended DES-based
and ...)
- TODO: check
+ NOT-FOR-US: crypt_blowfish implementation from OWL, does not seem to be in
Debian
CVE-2006-0590 (MyTopix 1.2.3 allows remote attackers to obtain the installation
path ...)
- TODO: check
+ NOT-FOR-US: MyTopix
CVE-2006-0589 (MyTopix 1.2.3 allows remote attackers to obtain the installation
path ...)
- TODO: check
+ NOT-FOR-US: MyTopix
CVE-2006-0588 (SQL injection vulnerability in search.php in MyTopix 1.2.3
allows ...)
- TODO: check
+ NOT-FOR-US: MyTopix
CVE-2006-0587 (Unspecified vulnerability in Gallery before 1.5.2-pl2 allows
remote ...)
- TODO: check
+ - gallery 1.5.2-pl2-1
CVE-2006-0586 (Multiple SQL injection vulnerabilities in Oracle 10g Release 1
before ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2006-0585 (jscript.dll in Microsoft Internet Explorer 6.0 SP1 and earlier
allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-0584 (The PSCipher function in PeopleSoft People Tools 8.4x uses weak
...)
- TODO: check
+ NOT-FOR-US: PeopleSoft People Tools
CVE-2006-0583 (SQL injection vulnerability in mailarticle.php in Clever Copy
3.0 and ...)
- TODO: check
+ NOT-FOR-US: Clever Copy
CVE-2006-0582 (Unspecified vulnerability in Heimdal rshd 0.6.x before 0.6.6 and
0.7.x ...)
- TODO: check
+ - heimdal <unfixed>
CVE-2006-0581 (SQL injection vulnerability in Hosting Controller 6.1 Hotfix 2.8
...)
- TODO: check
+ NOT-FOR-US: Hosting Controller
CVE-2006-0580 (IBM Lotus Domino Server 7.0 allows remote attackers to cause a
denial ...)
- TODO: check
+ NOT-FOR-US: Lotus Domino
CVE-2006-0579 (Multiple integer overflows in (1) the new_demux_packet function
in ...)
- TODO: check
+ TODO: check, whether the vulnerable code is present in xine-lib or ffmpeg
CVE-2006-0578 (Blue Coat Proxy Security Gateway OS (SGOS) 4.1.2.1 does not
enforce ...)
- TODO: check
+ NOT-FOR-US: Blue Coat Proxy Security Gateway OS
CVE-2006-0577 (Lexmark X1185 printer allows local users to gain SYSTEM
privileges by ...)
- TODO: check
+ NOT-FOR-US: Lexmark printer
CVE-2006-0576 (Untrusted search path vulnerability in opcontrol in OProfile
0.9.1 and ...)
+ NOT-FOR-US:
TODO: check
CVE-2006-0575 (convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote
attackers to ...)
+ NOT-FOR-US:
TODO: check
CVE-2006-0574 (Cross-site scripting (XSS) vulnerability in mime/handle.html in
cPanel ...)
+ NOT-FOR-US:
TODO: check
CVE-2006-0573 (Multiple cross-site scripting (XSS) vulnerabilies in cPanel 10
and ...)
+ NOT-FOR-US:
TODO: check
CVE-2006-0572 (phpstatus 1.0 does not require passwords when using cookies to
...)
+ NOT-FOR-US:
TODO: check
CVE-2006-0571 (Multiple cross-site scripting (XSS) vulnerabilities in phpstatus
1.0 ...)
+ NOT-FOR-US:
TODO: check
CVE-2006-0570 (Multiple SQL injection vulnerabilities in phpstatus 1.0, when
...)
+ NOT-FOR-US:
TODO: check
CVE-2006-0569 (Cross-site scripting (XSS) vulnerability in user_class.php in
Papoo ...)
+ NOT-FOR-US:
TODO: check
CVE-2006-0568 (Cross-site scripting (XSS) vulnerability in throw.main in
Outblaze ...)
+ NOT-FOR-US:
TODO: check
CVE-2006-0567 (Directory traversal vulnerability in Files Xaraya module before
0.5.1, ...)
+ NOT-FOR-US:
TODO: check
CVE-2006-XXXX [bluez-hcidump DoS]
- bluez-hcidump <unfixed> (bug #351881)