Author: joeyh Date: 2006-05-05 21:14:24 +0000 (Fri, 05 May 2006) New Revision: 3918 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-05-05 07:34:53 UTC (rev 3917) +++ data/CVE/list 2006-05-05 21:14:24 UTC (rev 3918) @@ -1,3 +1,109 @@ +CVE-2006-2214 (Multiple SQL injection vulnerabilities in 4images 1.7.1 and earlier ...) + TODO: check +CVE-2006-2213 (Hostapd 0.3.7-2 allows remote attackers to cause a denial of service ...) + TODO: check +CVE-2006-2212 (Buffer overflow in KarjaSoft Sami FTP Server 2.0.2 and earlier allows ...) + TODO: check +CVE-2006-2211 (Absolute path traversal vulnerability in index.php in 321soft ...) + TODO: check +CVE-2006-2210 (Cross-site scripting (XSS) vulnerability in index.php in 321soft ...) + TODO: check +CVE-2006-2209 (Multiple SQL injection vulnerabilities in index.php in PHP Arena ...) + TODO: check +CVE-2006-2208 (Multiple cross-site scripting (XSS) vulnerabilities in mynews.inc.php ...) + TODO: check +CVE-2006-2207 + RESERVED +CVE-2006-2206 (The MS-Logon authentication scheme in UltraVNC (aka Ultr@VNC) 1.0.1 ...) + TODO: check +CVE-2006-2205 (The audio_write function in NetBSD 3.0 allows local users to cause a ...) + TODO: check +CVE-2006-2204 (SQL injection vulnerability in the topic deletion functionality ...) + TODO: check +CVE-2006-2203 (Unspecified vulnerability in Kerio MailServer before 6.1.4 has unknown ...) + TODO: check +CVE-2006-2202 (SQL injection vulnerability in post.php in Invision Gallery 2.0.6 ...) + TODO: check +CVE-2006-2201 (Unspecified vulnerability in CA CAI Resource Initialization Manager ...) + TODO: check +CVE-2006-2200 + RESERVED +CVE-2006-2199 + RESERVED +CVE-2006-2198 + RESERVED +CVE-2006-2197 + RESERVED +CVE-2006-2196 + RESERVED +CVE-2006-2195 + RESERVED +CVE-2006-2194 + RESERVED +CVE-2006-2193 + RESERVED +CVE-2006-2192 + RESERVED +CVE-2006-2191 + RESERVED +CVE-2006-2190 (Cross-site scripting (XSS) vulnerability in ow-shared.pl in ...) + TODO: check +CVE-2006-2189 (SQL injection vulnerability in search.php in Servous sBLOG 0.7.2 ...) + TODO: check +CVE-2006-2188 (Multiple cross-site scripting (XSS) vulnerabilities in CMScout 1.10 ...) + TODO: check +CVE-2006-2187 (Multiple cross-site scripting (XSS) vulnerabilities in zenphoto 1.0.1 ...) + TODO: check +CVE-2006-2186 (zenphoto 1.0.1 beta and earlier allow remote attackers to obtain ...) + TODO: check +CVE-2006-2185 + RESERVED +CVE-2006-2184 (Cross-site scripting (XSS) vulnerability in search.php in PHPKB ...) + TODO: check +CVE-2006-2183 (Untrusted search path vulnerability in Truecrypt 4.1, when running ...) + TODO: check +CVE-2006-2182 (Multiple PHP remote file inclusion vulnerabilities in (1) eday.php, ...) + TODO: check +CVE-2006-2181 (Multiple cross-site scripting (XSS) vulnerabilities in albinator 2.0.8 ...) + TODO: check +CVE-2006-2180 (Buffer overflow in Golden FTP Server Pro 2.70 allows remote attackers ...) + TODO: check +CVE-2006-2179 (Multiple SQL injection vulnerabilities in CyberBuild allow remote ...) + TODO: check +CVE-2006-2178 (Mulitiple cross-site scripting (XSS) vulnerabilities in CyberBuild ...) + TODO: check +CVE-2006-2177 (Cross-site scripting (XSS) vulnerability in viewcat.php in geoBlog 1.0 ...) + TODO: check +CVE-2006-2176 (Multiple cross-site scripting (XSS) vulnerabilities in links.php in ...) + TODO: check +CVE-2006-2175 (PHP remote file inclusion vulnerability in FtrainSoft Fast Click 2.3.8 ...) + TODO: check +CVE-2006-2174 (Multiple cross-site scripting (XSS) vulnerabilities in ...) + TODO: check +CVE-2006-2173 (Buffer overflow in FileZilla FTP Server allows remote authenticated ...) + TODO: check +CVE-2006-2172 (Buffer overflow in Gene6 FTP Server 3.1.0 allows remote authenticated ...) + TODO: check +CVE-2006-2171 (Buffer overflow in WDM.exe in WarFTPD allows remote attackers to ...) + TODO: check +CVE-2006-2170 (Buffer overflow in ArgoSoft FTP Server allows remote attackers to ...) + TODO: check +CVE-2006-2169 (RT: Request Tracker 3.5.HEAD allows remote attackers to obtain ...) + TODO: check +CVE-2006-2168 (FileProtection Express 1.0.1 and earlier allows remote attackers to ...) + TODO: check +CVE-2006-2167 (Cross-site scripting (XSS) vulnerability in SloughFlash SF-Users 1.0, ...) + TODO: check +CVE-2006-2166 (Unspecified vulnerability in the HTTP management interface in Cisco ...) + TODO: check +CVE-2006-2165 (Multiple cross-site scripting (XSS) vulnerabilities in Avactis ...) + TODO: check +CVE-2006-2164 (Multiple SQL injection vulnerabilities in Avactis Shopping Cart 0.1.2 ...) + TODO: check +CVE-2006-2163 (Cross-site scripting (XSS) vulnerability in index.php in Pinnacle Cart ...) + TODO: check +CVE-2006-2162 (Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before ...) + TODO: check CVE-2006-2161 RESERVED CVE-2006-XXXX [MySQL COM_TABLE_DUMP Information Leakage and Arbitrary command execution] @@ -1569,10 +1675,9 @@ NOTE: default configuration. CVE-2006-1528 RESERVED -CVE-2006-1527 [SCTP conntrack: fix infinite loop] - RESERVED +CVE-2006-1527 (The SCTP-netfilter code in Linux kernel before 2.6.16.13 allows remote ...) - linux-2.6 2.6.16-12 (low) -CVE-2006-1526 (Buffer overflow in the Xrender extension in X.org X server 6.8.0 up to ...) +CVE-2006-1526 (Buffer overflow in the X render (Xrender) extension in X.org X server ...) - xorg-server 1:1.0.2-8 CVE-2006-1525 (ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users ...) - linux-2.6 2.6.16-9 @@ -1589,12 +1694,12 @@ CVE-2006-1519 [quagga RIPD unauthenticated route injection] RESERVED - quagga 0.99.3-2 (bug #365940) -CVE-2006-1518 - RESERVED -CVE-2006-1517 - RESERVED -CVE-2006-1516 - RESERVED +CVE-2006-1518 (Buffer overflow in the open_table function in sql_base.cc in MySQL ...) + TODO: check +CVE-2006-1517 (sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and ...) + TODO: check +CVE-2006-1516 (The check_connection function in sql_parse.cc in MySQL 4.0.x up to ...) + TODO: check CVE-2006-1515 RESERVED CVE-2006-1514 (Multiple buffer overflows in the abcmidi-yaps translator in abcmidi ...) @@ -2643,8 +2748,8 @@ RESERVED CVE-2006-1053 RESERVED -CVE-2006-1052 - RESERVED +CVE-2006-1052 (The selinux_ptrace logic in hooks.c in SELinux for Linux 2.6.6 allows ...) + TODO: check CVE-2006-1051 (SQL injection vulnerability in Akarru Social BookMarking Engine before ...) NOT-FOR-US: Akurru Social BookMarking Engine CVE-2006-1050 (Kwik-Pay Payroll 4.2.20, and possibly other versions, stores the ...) @@ -10065,7 +10170,7 @@ NOT-FOR-US: Rediff BOL) CVE-2005-2857 (Free SMTP Server 2.2 allows remote attackers to use the server as an ...) NOT-FOR-US: Free SMTP Server -CVE-2005-2856 (Stack-based buffer overflow in UNACEV2.DLL for ALZip 5.51 through 6.11 ...) +CVE-2005-2856 (Stack-based buffer overflow in WinACE UNACEV2.DLL third-party ...) NOT-FOR-US: ALZip CVE-2005-2855 (Cross-site scripting (XSS) vulnerability in Unclassified NewsBoard ...) NOT-FOR-US: Unclassified Newsboard