Author: alec-guest Date: 2006-05-23 23:49:14 +0000 (Tue, 23 May 2006) New Revision: 4065 Modified: data/CVE/list Log: * xmcd (medium) * need to check for packages (if any?) shipping FCKeditor Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-05-23 23:45:04 UTC (rev 4064) +++ data/CVE/list 2006-05-23 23:49:14 UTC (rev 4065) @@ -15,7 +15,8 @@ CVE-2006-2543 (Xtreme Topsites 1.1 allows remote attackers to trigger MySQL errors ...) NOT-FOR-US: Xtreme Topsites CVE-2006-2542 (xmcdconfig in Debian GNU/Linux 2.6-17.1 creates /var/lib/cddb and ...) - TODO: check + TODO: check sarge and woody + - xmcd <unfixed> (bug #366816; medium) CVE-2006-2541 (SQL injection vulnerability in settings.asp in Zixforum 1.12 allows ...) NOT-FOR-US: Zixforum CVE-2006-2540 (Privacy leak in install.php for Diesel PHP Job Site sends sensitive ...) @@ -41,7 +42,7 @@ CVE-2006-2530 (avatar_upload.asp in Avatar MOD 1.3 for Snitz Forums 3.4, and possibly ...) NOT-FOR-US: Snitz mod CVE-2006-2529 (editor/filemanager/upload/php/upload.php in FCKeditor before 2.3 Beta, ...) - TODO: check + TODO: check packages that include FCKeditor (if any?) CVE-2006-2528 (PHP remote file inclusion vulnerability in classified_right.php in ...) NOT-FOR-US: phpBazar CVE-2006-2527 (Admin/admin.php in phpBazar 2.1.0 and earlier allows remote attackers ...)