Author: joeyh
Date: 2006-04-20 21:14:24 +0000 (Thu, 20 Apr 2006)
New Revision: 3838

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================--- data/CVE/list 2006-04-20 21:10:32 UTC (rev 3837) +++ data/CVE/list 2006-04-20 21:14:24 UTC (rev 3838) 
@@ -1,3 +1,165 @@ +CVE-2006-1906 (Cross-site scripting (XSS) vulnerability in index.php in phpLister ...) + TODO: check +CVE-2006-1905 (Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine ...) + TODO: check +CVE-2006-1904 (Cross-site scripting (XSS) vulnerability in index.php in AnimeGenesis ...) + TODO: check +CVE-2006-1903 (Multiple cross-site scripting (XSS) vulnerabilities in UserLand Manila ...) + TODO: check +CVE-2006-1902 (fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 ...) + TODO: check +CVE-2006-1901 (Mozilla Camino 1.0 and earlier allow remote attackers to cause a ...) + TODO: check +CVE-2006-1900 (Multiple buffer overflows in World Wide Web Consortium (W3C) Amaya ...) + TODO: check +CVE-2006-1899 (Multiple cross-site scripting (XSS) vulnerabilities in dev Neuron Blog ...) + TODO: check +CVE-2006-1898 (Multiple cross-site scripting (XSS) vulnerabilities in Ralph Capper ...) + TODO: check +CVE-2006-1897 (Webplus (aka talentsoft) Web+Shop 5.3.6, when Redirect URL for "Script ...) + TODO: check +CVE-2006-1896 (Unspecified vulnerability in phpBB allows remote authenticated users ...) + TODO: check +CVE-2006-1895 (Direct static code injection vulnerability in includes/template.php in ...) + TODO: check +CVE-2006-1894 (Cross-site scripting (XSS) vulnerability in RevoBoard 1.8, as derived ...) + TODO: check +CVE-2006-1893 (Cross-site scripting (XSS) vulnerability in print.php in ar-blog 5.2 ...) + TODO: check +CVE-2006-1892 (avast! 4 Linux Home Edition 1.0.5 allows local users to modify ...) + TODO: check +CVE-2006-1891 (Cross-site scripting (XSS) vulnerability in Martin Scheffler betaboard ...) + TODO: check +CVE-2006-1890 (Multiple PHP remote file inclusion vulnerabilities in myWebland ...) + TODO: check +CVE-2006-1889 (Cross-site scripting (XSS) vulnerability in the search action handler ...) + TODO: check +CVE-2006-1888 (phpGraphy 0.9.11 and earlier allows remote attackers to bypass ...) 
+ TODO: check +CVE-2006-1887 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Security ...) + TODO: check +CVE-2006-1886 (Unspecified vulnerability in the PeopleTools component in Oracle ...) + TODO: check +CVE-2006-1885 (Multiple unspecified vulnerabilities in the Reporting Framework ...) + TODO: check +CVE-2006-1884 (Unspecified vulnerability in the Oracle Thesaurus Management System ...) + TODO: check +CVE-2006-1883 (Unspecified vulnerability in the Oracle Application Object Library ...) + TODO: check +CVE-2006-1882 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and ...) + TODO: check +CVE-2006-1881 (Unspecified vulnerability in the Financials for Asia/Pacific component ...) + TODO: check +CVE-2006-1880 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and ...) + TODO: check +CVE-2006-1879 (Multiple unspecified vulnerabilities in the Email Server component in ...) + TODO: check +CVE-2006-1878 (Cross-site scripting (XSS) vulnerability in index.php in phpFaber ...) + TODO: check +CVE-2006-1877 (Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, ...) + TODO: check +CVE-2006-1876 (Unspecified vulnerability in Oracle Database Server 9.2.0.7 and ...) + TODO: check +CVE-2006-1875 (Unspecified vulnerability in Oracle Database Server 9.0.1.5, 9.2.0.7, ...) + TODO: check +CVE-2006-1874 (Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, ...) + TODO: check +CVE-2006-1873 (Unspecified vulnerability in Oracle Database Server 9.2.0.7, 10.1.0.4, ...) + TODO: check +CVE-2006-1872 (Unspecified vulnerability in Oracle Database Server 9.0.1.5 and ...) + TODO: check +CVE-2006-1871 (SQL injection vulnerability in Oracle Database Server 9.2.0.7 and ...) + TODO: check +CVE-2006-1870 (Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, ...) + TODO: check +CVE-2006-1869 (Unspecified vulnerability in Oracle Database Server 8.1.7.4 and ...) 
+ TODO: check +CVE-2006-1868 (Unspecified vulnerability in Oracle Database Server 10.1.0.4 has ...) + TODO: check +CVE-2006-1867 (Unspecified vulnerability in Oracle Database Server 9.2.0.6 has ...) + TODO: check +CVE-2006-1866 (Multiple unspecified vulnerabilities in Oracle Database Server ...) + TODO: check +CVE-2006-1865 + RESERVED +CVE-2006-1864 + RESERVED +CVE-2006-1863 + RESERVED +CVE-2006-1862 + RESERVED +CVE-2006-1861 + RESERVED +CVE-2006-1860 + RESERVED +CVE-2006-1859 + RESERVED +CVE-2006-1858 + RESERVED +CVE-2006-1857 + RESERVED +CVE-2006-1856 + RESERVED +CVE-2006-1855 + RESERVED +CVE-2006-1854 (Multiple cross-site scripting (XSS) vulnerabilities in BluePay Manager ...) + TODO: check +CVE-2006-1853 (Multiple SQL injection vulnerabilities in ModernBill 4.3.2 and earlier ...) + TODO: check +CVE-2006-1852 (SQL injection vulnerability in category.php in Article Publisher Pro ...) + TODO: check +CVE-2006-1851 (xFlow 5.46.11 and earlier allows remote attackers to determine the ...) + TODO: check +CVE-2006-1850 (Multiple cross-site scripting (XSS) vulnerabilities in xFlow 5.46.11 ...) + TODO: check +CVE-2006-1849 (Multiple SQL injection vulnerabilities in members_only/index.cgi in ...) + TODO: check +CVE-2006-1848 (Multiple cross-site scripting (XSS) vulnerabilities in stats_view.php ...) + TODO: check +CVE-2006-1847 (SQL injection vulnerability in the Your_Account module in PHP-Nuke 7.8 ...) + TODO: check +CVE-2006-1846 (Cross-site scripting (XSS) vulnerability in the Your_Account module in ...) + TODO: check +CVE-2006-1845 (Buffer overflow in the POP3 server in Kinesphere Corporation EXchange ...) + TODO: check +CVE-2006-1844 (The Debian installer for the (1) shadow 4.0.14 and (2) base-config ...) + TODO: check +CVE-2006-1843 (Cross-site scripting (XSS) vulnerability in global.php in ShoutBOOK ...) + TODO: check +CVE-2006-1842 (Cross-site scripting (XSS) vulnerability in global.php in ShoutBOOK ...) 
+ TODO: check +CVE-2006-1841 (Cross-site scripting (XSS) vulnerability in search.php in boastMachine ...) + TODO: check +CVE-2006-1840 (Multiple unspecified vulnerabilities in Empire Server before 4.3.1 ...) + TODO: check +CVE-2006-1839 (PHP remote file inclusion vulnerability in language.php in PHP Album ...) + TODO: check +CVE-2006-1838 (edit_kategorie.php in Fuju News 1.0 allows remote attackers to bypass ...) + TODO: check +CVE-2006-1837 (SQL injection vulnerability in archiv2.php in Fuju News 1.0 allows ...) + TODO: check +CVE-2006-1836 (Untrusted search path vulnerability in unspecified components in ...) + TODO: check +CVE-2006-1835 (Cross-site scripting (XSS) vulnerability in yearcal.php in Calendarix ...) + TODO: check +CVE-2006-1834 (Integer signedness error in Opera before 8.54 allows remote attackers ...) + TODO: check +CVE-2006-1833 (Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the ...) + TODO: check +CVE-2006-1832 (sysinfo.cgi in sysinfo 1.21 allows remote attackers to obtain the ...) + TODO: check +CVE-2006-1831 (Direct static code injection vulnerability in sysinfo.cgi in sysinfo ...) + TODO: check +CVE-2006-1830 (Sun Java Studio Enterprise 8, when installed as root, creates certain ...) + TODO: check +CVE-2006-1829 (EAServer Manager in Sybase EAServer 5.2 and 5.3 allows remote ...) + TODO: check +CVE-2006-1828 (SQL injection vulnerability in php121language.php in PHP121 1.4 allows ...) + TODO: check +CVE-2006-1827 (Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and ...) + TODO: check +CVE-2005-4786 (Buffer overflow in the archive decompression library (vrAZMain.dll ...) + TODO: check CVE-2006-1826 (Multiple cross-site scripting (XSS) vulnerabilities in Snipe Gallery ...) NOT-FOR-US: Snipe Gallery CVE-2006-1825 (Cross-site scripting (XSS) vulnerability in index.php in phpLinks ...) 
@@ -154,8 +316,7 @@ NOT-FOR-US: MD News 1 CVE-2006-1754 (SQL injection vulnerability in index.php in SWSoft Confixx 3.0.6, ...) NOT-FOR-US: SWSoft Confixx -CVE-2006-1753 [fcheck local arbitrary file truncate/create vuln] - RESERVED +CVE-2006-1753 (A cron job in fcheck before 2.7.59 allows local users to overwrite ...) {DSA-1035-1} - fcheck 2.7.59-8 CVE-2006-1752 (Multiple cross-site scripting (XSS) vulnerabilities in the backend in ...) @@ -818,11 +979,9 @@ RESERVED CVE-2006-1526 RESERVED -CVE-2006-1525 [ip_route_input panic] - RESERVED +CVE-2006-1525 (ip_route_input in Linux kernel before 2.6.16.8 allows local users to ...) - linux-2.6 2.6.16-9 -CVE-2006-1524 [kernel: tmpfs local data destruction] - RESERVED +CVE-2006-1524 (madvise_remove in Linux kernel 2.4.x and 2.6.x before 2.6.16.6 does ...) - linux-2.6 2.6.16-8 CVE-2006-1523 (The __group_complete_signal function in the RCU signal handling ...) - linux-2.6 2.6.16-7 @@ -1426,8 +1585,8 @@ NOT-FOR-US: Apple Quicktime CVE-2006-1248 (Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, and ...) NOT-FOR-US: HP-UX -CVE-2006-1247 - RESERVED +CVE-2006-1247 (Unspecified vulnerability in rm_mlcache_file command in ...) + TODO: check CVE-2006-1246 (Unspecified vulnerability in BOS.RTE.LVM in IBM AIX 5.3 has unknown ...) NOT-FOR-US: AIX CVE-2006-1245 (Buffer overflow in mshtml.dll in Microsoft Internet Explorer ...) @@ -1874,8 +2033,7 @@ - busybox <unfixed> (low; bug #360578) CVE-2006-1057 RESERVED -CVE-2006-1056 [x87 information leak between processes] - RESERVED +CVE-2006-1056 (The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running ...) - linux-2.6 2.6.16-9 CVE-2006-1055 (The fill_write_buffer function in sysfs/file.c in Linux kernel 2.6.12 ...) - linux-2.6 2.6.16-6 
@@ -3350,7 +3508,7 @@ NOTE: Intended behaviour according to maintainer CVE-2006-0436 (Unspecified vulnerability in HP HP-UX B.11.00, B.11.04, and B.11.11 ...) NOT-FOR-US: HP-UX -CVE-2006-0435 (Unspecified vulnerability in Oracle PL/SQL (PLSQL) allows attackers to ...) +CVE-2006-0435 (Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in ...) NOT-FOR-US: Oracle CVE-2006-0434 (Directory traversal vulnerability in action.php in phpXplorer allows ...) NOT-FOR-US: phpXplorer @@ -4189,7 +4347,7 @@ NOT-FOR-US: PostgreSQL on Windows CVE-2006-0104 (Directory traversal vulnerability in TinyPHPForum 3.6 and earlier ...) NOT-FOR-US: TinyPHPForum -CVE-2006-0103 (TinyPHPForum 3.6 and earlier stores the (1) users/anyuser.hash and (2) ...) +CVE-2006-0103 (TinyPHPForum 3.6 and earlier stores the (1) users/[USERNAME].hash and ...) NOT-FOR-US: TinyPHPForum CVE-2006-0102 (Cross-site scripting (XSS) vulnerability in TinyPHPForum (TPF) 3.6 and ...) NOT-FOR-US: TinyPHPForum
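
Review bot: in the "@@ -1,3 +1,165 @@" hunk, the added CVE-2005-4786 entry lands between CVE-2006-1827 and the existing CVE-2006-1826, so a 2005 id sits in the middle of the 2006 run. It should go with the other CVE-2005 entries so the list stays in descending id order. Among the new "TODO: check" entries, CVE-2006-1844 is the one to triage first, since its description names the Debian installer together with shadow 4.0.14 and base-config.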
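
Review bot: in the "@@ -154,8 +316,7 @@" hunk, the new CVE-2006-1753 description says fcheck "before 2.7.59", while the package line under it records the fix in 2.7.59-8. Anyone matching on the description alone would treat earlier 2.7.59 revisions as fixed, so a NOTE line stating that the Debian fix arrived in revision -8 would remove the ambiguity. The dropped bracketed summary (local arbitrary file truncate/create) also said more about impact than the truncated description does and could be kept as a NOTE.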
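
Review bot: in the "@@ -818,11 +979,9 @@" hunk, the new CVE-2006-1524 description covers "Linux kernel 2.4.x and 2.6.x", but the entry still carries only the "- linux-2.6 2.6.16-8" line. Add a status line for the 2.4 kernel source package, or a NOTE saying why 2.4 is not affected in Debian, so the 2.4.x part of the description is accounted for.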
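
Review bot: in the "@@ -1874,8 +2033,7 @@" hunk, the new CVE-2006-1056 description names "the FreeBSD kernel" alongside Linux, while the entry tracks only "- linux-2.6 2.6.16-9". If the archive carries a FreeBSD kernel package it needs its own status line here; otherwise a short NOTE would record that this was checked.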