Author: joeyh
Date: 2006-05-09 09:14:29 +0000 (Tue, 09 May 2006)
New Revision: 3923

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================
--- data/CVE/list 2006-05-08 07:23:24 UTC (rev 3922)
+++ data/CVE/list 2006-05-09 09:14:29 UTC (rev 3923)
@@ -1,3 +1,121 @@ +CVE-2006-2270 (PHP remote file inclusion vulnerability in includes/config.php in ...) + TODO: check +CVE-2006-2269 (Cross-site scripting (XSS) vulnerability in myWebland MyBloggie 2.1.3 ...) + TODO: check +CVE-2006-2268 (SQL injection vulnerability in FlexCustomer 0.0.4 and earlier allows ...) + TODO: check +CVE-2006-2267 (Kerio WinRoute Firewall before 6.2.1 allows remote attackers to cause ...) + TODO: check +CVE-2006-2266 (SQL injection vulnerability in Chirpy! 0.1 allows remote attackers to ...) + TODO: check +CVE-2006-2265 (Cross-site scripting vulnerability in admin/main.asp in Ocean12 ...) + TODO: check +CVE-2006-2264 (Multiple SQL injection vulnerabilities in Ocean12 Calendar Manager Pro ...) + TODO: check +CVE-2006-2263 (SQL injection vulnerability in shopcurrency.asp in VP-ASP 6.00 allows ...) + TODO: check +CVE-2006-2262 (Cross-site scripting (XSS) vulnerability in index.php in singapore ...) + TODO: check +CVE-2006-2261 (PHP remote file inclusion vulnerability in day.php in ACal 2.2.6 ...) + TODO: check +CVE-2006-2260 (Cross-site scripting (XSS) vulnerability in the project module ...) + TODO: check +CVE-2006-2259 (SQL injection vulnerability in Logon.asp in MaxxSchedule 1.0 allows ...) + TODO: check +CVE-2006-2258 (Cross-site scripting (XSS) vulnerability in Logon.asp in MaxxSchedule ...) + TODO: check +CVE-2006-2257 (Cross-site scripting (XSS) vulnerability in index.php in easyEvent 1.2 ...) + TODO: check +CVE-2006-2256 (PHP remote file inclusion vulnerability in includes/dbal.php in EQdkp ...) + TODO: check +CVE-2006-2255 (Multiple SQL injection vulnerabilities in Creative Community Portal ...) + TODO: check +CVE-2006-2254 (Buffer overflow in filecpnt.exe in FileCOPA 1.01 allows remote ...) + TODO: check +CVE-2006-2253 (PHP remote file inclusion vulnerability in visible_count_inc.php in ...) + TODO: check +CVE-2006-2252 (Cross-site scripting vulnerability in submit.php in OpenFAQ 0.4.0 ...) 
+ TODO: check +CVE-2006-2251 (SQL injection vulnerability in the do_mmod function in mod.php in ...) + TODO: check +CVE-2006-2250 (CuteNews 1.4.1 allows remote attackers to obtain sensitive information ...) + TODO: check +CVE-2006-2249 (Multiple cross-site scripting (XSS) vulnerabilities in search.php in ...) + TODO: check +CVE-2006-2248 (Xeneo Web Server 2.2.22.0 allows remote attackers to obtain the source ...) + TODO: check +CVE-2006-2247 (WebCalendar 1.0.1 to 1.0.3 generates different error messages ...) + TODO: check +CVE-2006-2246 (Cross-site scripting (XSS) vulnerability in UBlog 1.6 Access Edition ...) + TODO: check +CVE-2006-2245 (PHP remote file inclusion vulnerability in auction\auction_common.php ...) + TODO: check +CVE-2006-2244 (Multiple SQL injection vulnerabilities in Web4Future News Portal allow ...) + TODO: check +CVE-2006-2243 (Multiple cross-site scripting (XSS) vulnerabilities in Web4Future News ...) + TODO: check +CVE-2006-2242 (acFTP 1.4 allows remote attackers to cause a denial of service ...) + TODO: check +CVE-2006-2241 (PHP remote file inclusion vulnerability in show.php in Fast Click SQL ...) + TODO: check +CVE-2006-2240 (Unspecified vulnerability in the (1) web cache or (2) web proxy in ...) + TODO: check +CVE-2006-2239 (SQL injection vulnerability in readarticle.php in Newsadmin 1.1 allows ...) + TODO: check +CVE-2006-2238 + RESERVED +CVE-2006-2237 (The web interface for AWStats 6.4 and 6.5, when statistics updates are ...) + TODO: check +CVE-2006-2236 (Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, (2) ...) + TODO: check +CVE-2006-2235 (CodeMunkyX (aka free-php.net) Simple Poll 1.0, when authentication is ...) + TODO: check +CVE-2006-2234 (Multiple cross-site scripting (XSS) vulnerabilities in TyroCMS beta ...) + TODO: check +CVE-2006-2233 (Buffer overflow in BankTown Client Control (aka BtCxCtl20Com) ...) + TODO: check +CVE-2006-2232 (Cross-site scripting (XSS) vulnerability in Scriptsez Cute Guestbook ...) 
+ TODO: check +CVE-2006-2231 (Multiple cross-site scripting (XSS) vulnerabilities in addguest.cgi in ...) + TODO: check +CVE-2006-2230 (Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine ...) + TODO: check +CVE-2006-2229 (OpenVPN 2.0.7 and earlier, when configured to use the --management ...) + TODO: check +CVE-2006-2228 (Cross-site scripting (XSS) vulnerability in w-Agora (aka Web-Agora) ...) + TODO: check +CVE-2006-2227 (Cross-site scripting (XSS) vulnerability in misc.php in PunBB 1.2.11 ...) + TODO: check +CVE-2006-2226 (Buffer overflow in XM Easy Personal FTP Server 4.2 allows remote ...) + TODO: check +CVE-2006-2225 (Buffer overflow in XM Easy Personal FTP Server 4.3 and earlier allows ...) + TODO: check +CVE-2006-2224 (RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce ...) + TODO: check +CVE-2006-2223 (RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly ...) + TODO: check +CVE-2006-2222 (Buffer overflow in zawhttpd 0.8.23, and possibly previous versions, ...) + TODO: check +CVE-2006-2221 (A third-party installer generation tool, possibly BitRock ...) + TODO: check +CVE-2006-2220 + RESERVED +CVE-2006-2219 + RESERVED +CVE-2006-2218 (Unspecified vulnerability in Internet Explorer 6.0 on Microsoft ...) + TODO: check +CVE-2006-2217 (SQL injection vulnerability in index.php in Invision Power Board ...) + TODO: check +CVE-2006-2216 (Open Bulletin Board (OpenBB) 1.0.8 allows remote attackers to obtain ...) + TODO: check +CVE-2006-2215 (Multiple cross-site scripting (XSS) vulnerabilities in Albinator 2.x ...) + TODO: check +CVE-2005-4797 (Directory traversal vulnerability in printd line printer daemon (lpd) ...) + TODO: check +CVE-2005-4796 (Unspecified vulnerability in the XView library (libxview.so) in ...) + TODO: check +CVE-2005-4795 (Unspecified vulnerability in the multi-language environment library ...) 
+ TODO: check CVE-2006-XXXX [pstotext insufficient filename sanitizing] - pstotext 1.9-3 (bug #356988; medium) CVE-2006-XXXX [cyrus-imapd allows user probes] @@ -28,7 +146,7 @@ TODO: check CVE-2006-2202 (SQL injection vulnerability in post.php in Invision Gallery 2.0.6 ...) TODO: check -CVE-2006-2201 (Unspecified vulnerability in CA CAI Resource Initialization Manager ...) +CVE-2006-2201 (Unspecified vulnerability in CA Resource Initialization Manager ...) TODO: check CVE-2006-2200 RESERVED @@ -108,8 +226,8 @@ TODO: check CVE-2006-2162 (Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before ...) TODO: check -CVE-2006-2161 - RESERVED +CVE-2006-2161 (Buffer overflow in TZipBuilder 1.79.03.01 allows remote attackers to ...) + TODO: check CVE-2006-XXXX [MySQL COM_TABLE_DUMP Information Leakage and Arbitrary command execution] - mysql-dfsg-5.0 5.0.21-1 (bug #365939) - mysql-dfsg-4.1 <unfixed> (bug #365939) @@ -2492,8 +2610,8 @@ RESERVED CVE-2006-1173 RESERVED -CVE-2006-1172 - RESERVED +CVE-2006-1172 (Stack-based buffer overflow in the createPKCS10 function in ...) + TODO: check CVE-2006-1171 RESERVED CVE-2006-1170 @@ -3972,8 +4090,8 @@ NOTE: http://www.securityfocus.com/bid/16551 CVE-2006-0516 (Unspecified vulnerability in the kernel processing in Solaris 10 64 ...) NOT-FOR-US: Solaris -CVE-2006-0515 - RESERVED +CVE-2006-0515 (Cisco PIX 7.0.x before 7.0.x and 6.3.x before 6.3.5(112), and FWSM ...) + TODO: check CVE-2006-0514 RESERVED CVE-2006-0513 (Directory traversal vulnerability in pkmslogout in Tivoli Web Server ...) 
@@ -13315,7 +13433,7 @@ NOT-FOR-US: PHP-Fusion CVE-2005-2073 (Unknown vulnerability in IBM DB2 8.1.4 through 8.1.9 and 8.2.0 through ...) NOT-FOR-US: DB2 -CVE-2005-2072 (ld.so in Solaris 9 and 10 trusts the LD_AUDIT environment variable in ...) +CVE-2005-2072 (The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT ...) NOT-FOR-US: Solaris CVE-2005-2071 (traceroute in Sun Solaris 10 on x86 systems allows local users to ...) NOT-FOR-US: Solaris
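Review bot: In the first hunk (@@ -1,3 +1,121 @@), every new entry with a description lands as "TODO: check", so nothing separates the ones that need a package decision from the ones that can be closed at a glance. Suggest triaging CVE-2006-2229 (OpenVPN), CVE-2006-2224 and CVE-2006-2223 (Quagga RIPd), CVE-2006-2237 (AWStats) and CVE-2006-2230 (xine xiTK) first and recording the result in the package form the file already uses for pstotext ("- pstotext 1.9-3 (bug #356988; medium)"). Entries such as CVE-2006-2218 (Internet Explorer) and CVE-2006-2267 (Kerio WinRoute Firewall) look like candidates for the "NOT-FOR-US:" form seen on the Solaris entries later in the file.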
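Review bot: In the @@ -2492,8 +2610,8 @@ hunk, CVE-2006-1172 moves from RESERVED to "TODO: check" with a description that is cut off before the product name ("Stack-based buffer overflow in the createPKCS10 function in ..."), so the list alone does not say which software is affected. Suggest resolving it against the full CVE text and adding a "NOTE:" line that names the product, in the style of the "NOTE: http://www.securityfocus.com/bid/16551" line elsewhere in the file, so the next pass does not have to repeat the lookup.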
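Review bot: In the @@ -3972,8 +4090,8 @@ hunk, the imported description for CVE-2006-0515 reads "Cisco PIX 7.0.x before 7.0.x", a range that compares a wildcard with itself and so names no fixed release; check the full CVE text before relying on that version bound. The entry concerns Cisco PIX and FWSM, so it also looks like a candidate for "NOT-FOR-US:" in the same way as the "NOT-FOR-US: Solaris" line directly above it, rather than staying at "TODO: check".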