Author: joeyh
Date: 2006-03-29 09:14:24 +0000 (Wed, 29 Mar 2006)
New Revision: 3710
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-03-29 08:14:54 UTC (rev 3709)
+++ data/CVE/list 2006-03-29 09:14:24 UTC (rev 3710)
@@ -1,3 +1,197 @@
+CVE-2006-1488 (ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain
the ...)
+ TODO: check
+CVE-2006-1487 (Cross-site scripting (XSS) vulnerability in ActiveCampaign
SupportTrio ...)
+ TODO: check
+CVE-2006-1486 (Multiple cross-site scripting (XSS) vulnerabilities in index.cfm
in ...)
+ TODO: check
+CVE-2006-1485 (gm-upload.cgi in Greymatter 1.3.1 allows remote authenticated
users ...)
+ TODO: check
+CVE-2006-1484 (Genius VideoCAM NB Driver does not drop privileges when saving
files, ...)
+ TODO: check
+CVE-2006-1483 (Blazix Web Server before 1.2.6, when running on Windows, allows
remote ...)
+ TODO: check
+CVE-2006-1482 (Cross-site scripting (XSS) vulnerability in index.php in
ConfTool 1.1 ...)
+ TODO: check
+CVE-2006-1481 (SQL injection vulnerability in search.php in PHP Ticket 0.71
allows ...)
+ TODO: check
+CVE-2006-1480 (Directory traversal vulnerability in start.php in WebAlbum 2.02
allows ...)
+ TODO: check
+CVE-2006-1479 (Multiple cross-site scripting (XSS) vulnerabilities in Serge Rey
...)
+ TODO: check
+CVE-2006-1478 (Directory traversal vulnerability in (1) initiate.php and (2)
possibly ...)
+ TODO: check
+CVE-2006-1477 (Multiple PHP remote file inclusion vulnerabilities in Turnkey
Web ...)
+ TODO: check
+CVE-2006-1476 (Windows Firewall in Microsoft Windows XP SP2 produces incorrect
...)
+ TODO: check
+CVE-2006-1475 (Windows Firewall in Microsoft Windows XP SP2 does not produce
...)
+ TODO: check
+CVE-2006-1474 (Cross-site scripting (XSS) vulnerability in the
"failed" functionality ...)
+ TODO: check
+CVE-2006-1473
+ RESERVED
+CVE-2006-1472
+ RESERVED
+CVE-2006-1471
+ RESERVED
+CVE-2006-1470
+ RESERVED
+CVE-2006-1469
+ RESERVED
+CVE-2006-1468
+ RESERVED
+CVE-2006-1467
+ RESERVED
+CVE-2006-1466
+ RESERVED
+CVE-2006-1465
+ RESERVED
+CVE-2006-1464
+ RESERVED
+CVE-2006-1463
+ RESERVED
+CVE-2006-1462
+ RESERVED
+CVE-2006-1461
+ RESERVED
+CVE-2006-1460
+ RESERVED
+CVE-2006-1459
+ RESERVED
+CVE-2006-1458
+ RESERVED
+CVE-2006-1457
+ RESERVED
+CVE-2006-1456
+ RESERVED
+CVE-2006-1455
+ RESERVED
+CVE-2006-1454
+ RESERVED
+CVE-2006-1453
+ RESERVED
+CVE-2006-1452
+ RESERVED
+CVE-2006-1451
+ RESERVED
+CVE-2006-1450
+ RESERVED
+CVE-2006-1449
+ RESERVED
+CVE-2006-1448
+ RESERVED
+CVE-2006-1447
+ RESERVED
+CVE-2006-1446
+ RESERVED
+CVE-2006-1445
+ RESERVED
+CVE-2006-1444
+ RESERVED
+CVE-2006-1443
+ RESERVED
+CVE-2006-1442
+ RESERVED
+CVE-2006-1441
+ RESERVED
+CVE-2006-1440
+ RESERVED
+CVE-2006-1439
+ RESERVED
+CVE-2006-1438
+ RESERVED
+CVE-2006-1437
+ RESERVED
+CVE-2006-1436
+ RESERVED
+CVE-2006-1435
+ RESERVED
+CVE-2006-1434
+ RESERVED
+CVE-2006-1433
+ RESERVED
+CVE-2006-1432 (fusionZONE couponZONE 4.2 allows remote attackers to obtain the
full ...)
+ TODO: check
+CVE-2006-1431 (Cross-site scripting (XSS) vulnerability in local.cfm in
fusionZONE ...)
+ TODO: check
+CVE-2006-1430 (Multiple cross-site scripting (XSS) vulnerabilities in CONTROLzx
HMS ...)
+ TODO: check
+CVE-2006-1429 (Cross-site scripting (XSS) vulnerability in accountlogon.cfm in
...)
+ TODO: check
+CVE-2006-1428 (Multiple cross-site scripting (XSS) vulnerabilities in phpCOIN
1.2.2 ...)
+ TODO: check
+CVE-2006-1427 (Multiple cross-site scripting (XSS) vulnerabilities in WebAPP
...)
+ TODO: check
+CVE-2006-1426 (Multiple SQL injection vulnerabilities in Pixel Motion Blog
allow ...)
+ TODO: check
+CVE-2006-1425 (Cross-site scripting (XSS) vulnerability in track.php in
phpmyfamily ...)
+ TODO: check
+CVE-2006-1424 (Cross-site scripting (XSS) vulnerability in index.php in
ConfTool 1.1 ...)
+ TODO: check
+CVE-2006-1423 (SQL injection vulnerability in showflat.php in UBB.threads
5.5.1, 6.0 ...)
+ TODO: check
+CVE-2006-1422 (SQL injection vulnerability in details_view.php in PHP Booking
Calendar ...)
+ TODO: check
+CVE-2006-1421 (Multiple SQL injection vulnerabilities in akocomment.php in
AkoComment ...)
+ TODO: check
+CVE-2006-1420 (SQL injection vulnerability in print.php in SaphpLesson 2.0
allows ...)
+ TODO: check
+CVE-2006-1419 (SQL injection vulnerability in the Calendar module in nuked-klan
1.7.5 ...)
+ TODO: check
+CVE-2006-1418 (Cross-site scripting (XSS) vulnerability in default.asp in
E-School ...)
+ TODO: check
+CVE-2006-1417 (Multiple cross-site scripting (XSS) vulnerabilities in Web Quiz
pro, ...)
+ TODO: check
+CVE-2006-1416 (Cross-site scripting (XSS) vulnerability in afmsearch.aspx in
Absolute ...)
+ TODO: check
+CVE-2006-1415 (Cross-site scripting (XSS) vulnerability in iforget.aspx in
dotNetBB ...)
+ TODO: check
+CVE-2006-1414 (Multiple cross-site scripting (XSS) vulnerabilities in toast.asp
in ...)
+ TODO: check
+CVE-2006-1413 (Multiple cross-site scripting (XSS) vulnerabilities in
EZHomepagePro ...)
+ TODO: check
+CVE-2006-1412 (TFT Gallery 0.10 stores sensitive information under the web root
with ...)
+ TODO: check
+CVE-2006-1411 (Cross-site scripting (XSS) vulnerability in Absolute Image
Gallery XE ...)
+ TODO: check
+CVE-2006-1410 (Multiple cross-site scripting (XSS) vulnerabilities in XIGLA
Absolute ...)
+ TODO: check
+CVE-2006-1409 (Buffer overflow in Vavoom 1.19.1 and earlier allows remote
attackers ...)
+ TODO: check
+CVE-2006-1408 (Vavoom 1.19.1 and earlier allows remote attackers to cause a
denial of ...)
+ TODO: check
+CVE-2006-1407 (Multiple cross-site scripting (XSS) vulnerabilities in Helm Web
...)
+ TODO: check
+CVE-2006-1406 (Multiple cross-site scripting (XSS) vulnerabilities in
wbadmlog.aspx ...)
+ TODO: check
+CVE-2006-1405 (Cross-site scripting (XSS) vulnerability in search.aspx in ssCMS
2.1.0 ...)
+ TODO: check
+CVE-2006-1404 (Multiple cross-site scripting (XSS) vulnerabilities in bol.cgi
in ...)
+ TODO: check
+CVE-2006-1403 (Format string vulnerability in the PrintString function in ...)
+ TODO: check
+CVE-2006-1402 (Buffer overflow in client/server Doom (csDoom) 0.7 and earlier
allows ...)
+ TODO: check
+CVE-2006-1401 (Multiple cross-site scripting (XSS) vulnerabilities in
search.php in ...)
+ TODO: check
+CVE-2006-1400 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2006-1399 (Cross-site scripting (XSS) vulnerability in searchresult.php in
...)
+ TODO: check
+CVE-2006-1398 (Cross-site scripting (XSS) vulnerability in guestbook.php in
G-Book ...)
+ TODO: check
+CVE-2006-1397 (Multiple cross-site scripting (XSS) vulnerabilities in (a)
phpAdsNew ...)
+ TODO: check
+CVE-2005-4747 (Cross-site scripting (XSS) vulnerability in WebHost Automation
Ltd ...)
+ TODO: check
+CVE-2005-4746 (Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow
remote ...)
+ TODO: check
+CVE-2005-4745 (SQL injection vulnerability in the rlm_sqlcounter module in
FreeRADIUS ...)
+ TODO: check
+CVE-2005-4744 (Off-by-one error in the sql_error function in sql_unixodbc.c in
...)
+ TODO: check
+CVE-1999-1587 (/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain
earlier ...)
+ TODO: check
CVE-2006-XXXX [libimager-perl DoS]
- libimager-perl <unfixed> (bug #359661)
NOTE: requested ID from Joey
@@ -726,7 +920,7 @@
NOT-FOR-US: VXWorks
CVE-2006-1067 (Linksys WRT54G routers version 5 (running VXWorks) allow remote
...)
NOT-FOR-US: VXWorks
-CVE-2006-1066 (Linux kernel 2.6.16-rc2 and earlier, when running on the IA64
...)
+CVE-2006-1066 (Linux kernel 2.6.16-rc2 and earlier, when running on x86_64
systems ...)
{DSA-1017-1}
CVE-2006-1065 (SQL injection vulnerability in search.php in MyBulletinBoard
(MyBB) ...)
NOT-FOR-US: MyBulletinBoard
@@ -887,12 +1081,12 @@
RESERVED
CVE-2006-0992
RESERVED
-CVE-2006-0991
- RESERVED
-CVE-2006-0990
- RESERVED
-CVE-2006-0989
- RESERVED
+CVE-2006-0991 (Buffer overflow in the NetBackup Sharepoint Services server
daemon ...)
+ TODO: check
+CVE-2006-0990 (Stack-based buffer overflow in the NetBackup Catalog daemon
(bpdbm) in ...)
+ TODO: check
+CVE-2006-0989 (Stack-based buffer overflow in the volume manager daemon (vmd)
in ...)
+ TODO: check
CVE-2006-0988 (The default configuration of the DNS Server service on Windows
Server ...)
NOT-FOR-US: MS Windows issue
CVE-2006-0987 (The default configuration of ISC BIND, when configured as a
caching ...)
@@ -9466,6 +9660,7 @@
CVE-2005-2472 (Multiple buffer overflows in BusinessMail 4.60.00 allow remote
...)
NOT-FOR-US: BusinessMail
CVE-2005-2471 (pstopnm in netpbm does not properly use the
"-dSAFER" option when ...)
+ {DSA-1021-1}
- netpbm-free 2:10.0-9 (bug #319757; low)
CVE-2005-2470 (Buffer overflow in a "core application
plug-in" for Adobe Reader 5.1 ...)
NOT-FOR-US: Adobe