Author: joeyh Date: 2006-05-12 21:14:39 +0000 (Fri, 12 May 2006) New Revision: 3948 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-05-12 19:52:44 UTC (rev 3947) +++ data/CVE/list 2006-05-12 21:14:39 UTC (rev 3948) @@ -1,3 +1,91 @@ +CVE-2006-2341 (The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, ...) + TODO: check +CVE-2006-2340 (Cross-site scripting (XSS) vulnerability in PassMasterFlex and ...) + TODO: check +CVE-2006-2339 (SQL injection vulnerability in index.php in evoTopsites 2.x and ...) + TODO: check +CVE-2006-2338 (PlaNet Concept plaNetStat 20050127 allows remote attackers to gain ...) + TODO: check +CVE-2006-2337 (Directory traversal vulnerability in webcm in the D-Link DSL-G604T ...) + TODO: check +CVE-2006-2336 (SQL injection vulnerability in showthread.php in MyBB (aka ...) + TODO: check +CVE-2006-2335 (Jelsoft vBulletin accepts uploads of Cascading Style Sheets (CSS) and ...) + TODO: check +CVE-2006-2334 (The RtlDosPathNameToNtPathName_U API function in NTDLL.DLL in ...) + TODO: check +CVE-2006-2333 (Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) ...) + TODO: check +CVE-2006-2332 (Mozilla Firefox 1.5.0.3 allows remote attackers to cause a denial of ...) + TODO: check +CVE-2006-2331 (Multiple directory traversal vulnerabilities in PHP-Fusion 6.00.306 ...) + TODO: check +CVE-2006-2330 (PHP-Fusion 6.00.306 and earlier, running under Apache HTTP Server ...) + TODO: check +CVE-2006-2329 (AngelineCMS 0.6.5 and earlier allow remote attackers to obtain ...) + TODO: check +CVE-2006-2328 (SQL injection vulnerability in lib/adodb/server.php in AngelineCMS ...) + TODO: check +CVE-2006-2327 (Integer overflow in the DPRPCNLM.NLM NDPS/iPrint module in Novell ...) + TODO: check +CVE-2006-2326 (Directory traversal vulnerability in index.php in OnlyScript.info ...) + TODO: check +CVE-2006-2325 (Cross-site scripting (XSS) vulnerability in index.php in ...) + TODO: check +CVE-2006-2324 (180solutions Zango downloads "required Adware components" without ...) + TODO: check +CVE-2006-2323 (Multiple PHP remote file inclusion vulnerabilities in SmartISoft ...) + TODO: check +CVE-2006-2322 (The transparent proxy feature of the Cisco Application Velocity System ...) + TODO: check +CVE-2006-2321 (Multiple cross-site scripting (XSS) vulnerabilities in Ideal Science ...) + TODO: check +CVE-2006-2320 (Multiple SQL injection vulnerabilities in Ideal Science Ideal BB ...) + TODO: check +CVE-2006-2319 (Ideal Science Ideal BB 1.5.4a and earlier does not properly check file ...) + TODO: check +CVE-2006-2318 (Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a ...) + TODO: check +CVE-2006-2317 (Unspecified vulnerability in Ideal Science Ideal BB 1.5.4a and earlier ...) + TODO: check +CVE-2006-2316 (S24EvMon.exe in the Intel PROset/Wireless software, possibly ...) + TODO: check +CVE-2006-2315 (PHP remote file inclusion vulnerability in session.inc.php in ...) + TODO: check +CVE-2006-2314 + RESERVED +CVE-2006-2313 + RESERVED +CVE-2006-2312 + RESERVED +CVE-2006-2311 + RESERVED +CVE-2006-2310 + RESERVED +CVE-2006-2309 + RESERVED +CVE-2006-2308 + RESERVED +CVE-2006-2307 (Cross-site scripting (XSS) vulnerability in Website Baker CMS allows ...) + TODO: check +CVE-2006-2306 (Cross-site scripting (XSS) vulnerability in moreinfo.asp in ...) + TODO: check +CVE-2006-2305 (Multiple cross-site scripting (XSS) vulnerabilities in Jadu CMS allow ...) + TODO: check +CVE-2006-2304 (Buffer overflow in DPRPCW32.DLL in Novell Client 4.83 SP3, 4.90 SP2 ...) + TODO: check +CVE-2006-2303 (Cross-Application Scripting (XAS) vulnerability in ICQ Client 5.04 ...) + TODO: check +CVE-2006-2302 (SQL injection vulnerability in admin_default.asp in DUGallery 2.x ...) + TODO: check +CVE-2006-2301 (SQL injection vulnerability in admin_default.asp in OzzyWork Galeri ...) + TODO: check +CVE-2006-2300 (Multiple SQL injection vulnerabilities in EImagePro allow remote ...) + TODO: check +CVE-2006-2299 + RESERVED +CVE-2006-2298 (The Internet Key Exchange version 1 (IKEv1) implementation in the ...) + TODO: check CVE-2006-2297 (Heap-based buffer overflow in Microsoft Infotech Storage System ...) NOT-FOR-US: Microsoft Infotech Storage System CVE-2006-2296 (SQL injection vulnerability in search_result.asp in EDirectoryPro 2.0 ...) @@ -30,7 +118,7 @@ NOT-FOR-US: phpRaid CVE-2006-2282 (Cross-site scripting (XSS) vulnerability in X7 Chat 2.0.2 and earlier ...) NOT-FOR-US: X7 Chat -CVE-2006-2281 (X-Scripts X-Poll 2.30 allows remote attackers to execute arbitrary PHP ...) +CVE-2006-2281 (X-Scripts X-Poll (xpoll) 2.30 allows remote attackers to execute ...) NOT-FOR-US: X-Scripts X-Poll CVE-2006-2280 (Directory traversal vulnerability in website.php in openEngine 1.8 ...) NOT-FOR-US: openEngine @@ -46,8 +134,8 @@ TODO: check CVE-2006-2274 (Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a ...) TODO: check -CVE-2006-2273 - RESERVED +CVE-2006-2273 (The InstallProduct routine in the Verisign VUpdater.Install (aka ...) + TODO: check CVE-2006-2272 (Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a ...) TODO: check CVE-2006-2271 (The ECNE chunk handling in Linux SCTP (lksctp) before 2.6.17 allows ...) @@ -986,10 +1074,10 @@ RESERVED CVE-2006-1861 RESERVED -CVE-2006-1860 - RESERVED -CVE-2006-1859 - RESERVED +CVE-2006-1860 (lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows ...) + TODO: check +CVE-2006-1859 (Memory leak in __setlease in fs/locks.c in Linux kernel before ...) + TODO: check CVE-2006-1858 RESERVED CVE-2006-1857