Author: joeyh Date: 2006-04-03 21:14:26 +0000 (Mon, 03 Apr 2006) New Revision: 3738 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-04-03 17:03:46 UTC (rev 3737) +++ data/CVE/list 2006-04-03 21:14:26 UTC (rev 3738) @@ -1,8 +1,120 @@ -CVE-2006-1548 [struts xss] +CVE-2006-1586 (SQL injection vulnerability in admin_login.asp in ISP of Egypt SiteMan ...) + TODO: check +CVE-2006-1585 (Multiple SQL injection vulnerabilities in MonAlbum 0.8.7 allow remote ...) + TODO: check +CVE-2006-1584 (Unspecified vulnerability in index.php in Warcraft III Replay Parser ...) + TODO: check +CVE-2006-1583 (Cross-site scripting (XSS) vulnerability in index.php in Warcraft III ...) + TODO: check +CVE-2006-1582 (Cross-site scripting (XSS) vulnerability in index.php in Blank''N''Berg ...) + TODO: check +CVE-2006-1581 (Directory traversal vulnerability in index.php in Blank''N''Berg 0.2 ...) + TODO: check +CVE-2006-1580 (Multiple cross-site scripting (XSS) vulnerabilities in Bugzero 4.3.1 ...) + TODO: check +CVE-2006-1579 (SQL injection vulnerability in topics.php in Dynamic Bulletin Board ...) + TODO: check +CVE-2006-1578 (Multiple SQL injection vulnerabilities in Keystone Digital Library ...) + TODO: check +CVE-2006-1577 (Multiple cross-site scripting (XSS) vulnerabilities in ...) + TODO: check +CVE-2006-1576 (Direct static code injection vulnerability in QLnews 1.2 allows remote ...) + TODO: check +CVE-2006-1575 (Multiple cross-site scripting (XSS) vulnerabilities in news.php in ...) + TODO: check +CVE-2006-1574 (Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web, ...) + TODO: check +CVE-2006-1573 (PHP remote file inclusion vulnerability in index.php in MediaSlash ...) + TODO: check +CVE-2006-1572 (SQL injection vulnerability in post.php in Oxygen 1.1.3 allows remote ...) + TODO: check +CVE-2006-1571 (Multiple SQL injection vulnerabilities in loginprocess.php in ...) + TODO: check +CVE-2006-1570 (Cross-site scripting (XSS) vulnerability in Esqlanelapse 2.0 and 2.2 ...) + TODO: check +CVE-2006-1569 (Multiple SQL injection vulnerabilities in RedCMS 0.1 allow remote ...) + TODO: check +CVE-2006-1568 (Multiple cross-site scripting (XSS) vulnerabilities in register.php in ...) + TODO: check +CVE-2006-1567 (Cross-site scripting (XSS) vulnerability in searchresults.asp in ...) + TODO: check +CVE-2006-1566 (Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in ...) + TODO: check +CVE-2006-1565 (Untrusted search path vulnerability in libgpib-perl 3.2.06-2 in Debian ...) + TODO: check +CVE-2006-1564 (Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for ...) + TODO: check +CVE-2006-1563 (Direct static code injection vulnerability in config.php in vscripts ...) + TODO: check +CVE-2006-1562 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) + TODO: check +CVE-2006-1561 (SQL injection vulnerability in index.php in vscripts (aka Kuba ...) + TODO: check +CVE-2006-1560 (Multiple SQL injection vulnerabilities in SkinTech phpNewsManager 1.48 ...) + TODO: check +CVE-2006-1559 (SQL injection vulnerability in PHP Script Index allows remote ...) + TODO: check +CVE-2006-1558 (Cross-site scripting (XSS) vulnerability in search.php in PHP Script ...) + TODO: check +CVE-2006-1557 (Multiple SQL injection vulnerabilities in X-Changer 0.2 allow remote ...) + TODO: check +CVE-2006-1556 (Multiple cross-site scripting (XSS) vulnerabilities in ...) + TODO: check +CVE-2006-1555 (VSNS Lemon 3.2.0 allows remote attackers to bypass authentication and ...) + TODO: check +CVE-2006-1554 (Cross-site scripting (XSS) vulnerability in VSNS Lemon 3.2.0 allows ...) + TODO: check +CVE-2006-1553 (SQL injection vulnerability in functions/final_functions.php in VSNS ...) + TODO: check +CVE-2006-1552 (ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to ...) + TODO: check +CVE-2006-1551 + RESERVED +CVE-2006-1549 + RESERVED +CVE-2005-4767 (BEA WebLogic Server and WebLogic Express 8.1 SP5 and earlier, and 7.0 ...) + TODO: check +CVE-2005-4766 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 ...) + TODO: check +CVE-2005-4765 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier and 7.0 ...) + TODO: check +CVE-2005-4764 (BEA WebLogic Server and WebLogic Express 9.0, 8.1, and 7.0 lock out ...) + TODO: check +CVE-2005-4763 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 ...) + TODO: check +CVE-2005-4762 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 ...) + TODO: check +CVE-2005-4761 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP5 ...) + TODO: check +CVE-2005-4760 (BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 ...) + TODO: check +CVE-2005-4759 (BEA WebLogic Server and WebLogic Express 8.1 and 7.0, during a ...) + TODO: check +CVE-2005-4758 (Unspecified vulnerability in the Administration server in BEA WebLogic ...) + TODO: check +CVE-2005-4757 (BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 ...) + TODO: check +CVE-2005-4756 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 ...) + TODO: check +CVE-2005-4755 (BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier (1) ...) + TODO: check +CVE-2005-4754 (BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier allow ...) + TODO: check +CVE-2005-4753 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 ...) + TODO: check +CVE-2005-4752 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 ...) + TODO: check +CVE-2005-4751 (Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic ...) + TODO: check +CVE-2005-4750 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP5 ...) + TODO: check +CVE-2005-4749 (HTTP request smuggling vulnerability in BEA WebLogic Server and ...) + TODO: check +CVE-2006-1548 (Cross-site scripting (XSS) vulnerability in (1) LookupDispatchAction ...) - libstruts1.2-java <unfixed> (bug #360551) -CVE-2006-1547 [struts dos] +CVE-2006-1547 (ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 ...) - libstruts1.2-java <unfixed> (bug #360551) -CVE-2006-1546 [struts validation bypass] +CVE-2006-1546 (Apache Software Foundation (ASF) Struts before 1.2.9 allows remote ...) - libstruts1.2-java <unfixed> (bug #360551) CVE-2006-1545 (Direct static code injection vulnerability in admin/config.php in ...) TODO: check @@ -138,7 +250,7 @@ CVE-2006-XXXX [hamlib3-perl rpath set to user home] - hamlib <unfixed> (bug #358166; low) [sarge] - hamlib <no-dsa> (Only exploitable with strange user name) -CVE-2006-1550 [dia buffer overflow in xfig import] +CVE-2006-1550 (Multiple buffer overflows in the xfig import code (xfig-import.c) in ...) - dia 0.94.0-18 (bug #360566) CVE-2006-1498 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.5.8 and ...) - mediawiki 1.4.15-1 @@ -1086,8 +1198,7 @@ [sarge] - curl <not-affected> (Vulnerable code not present) CVE-2006-1060 RESERVED -CVE-2006-1059 [samba info leak in logging] - RESERVED +CVE-2006-1059 (The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine ...) - samba 3.0.22-1 [woody] - samba <not-affected> [sarge] - samba <not-affected> @@ -3632,8 +3743,7 @@ CVE-2006-0053 [libimager-perl DoS] RESERVED - libimager-perl <unfixed> (bug #359661) -CVE-2006-0052 [Scrubber.py mailman dos] - RESERVED +CVE-2006-0052 (The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, ...) - mailman <unfixed> (bug #358892) CVE-2006-0051 RESERVED