Author: joeyh
Date: 2006-08-15 09:14:18 +0000 (Tue, 15 Aug 2006)
New Revision: 4568
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-08-15 08:17:24 UTC (rev 4567)
+++ data/CVE/list 2006-08-15 09:14:18 UTC (rev 4568)
@@ -94,6 +94,7 @@
- mysql-dfsg <unfixed> (low)
CVE-2006-4030 [gallery Missing input sanitising in the stats modules allows
information disclosure]
RESERVED
+ {DSA-1148-1}
- gallery 1.5.3-1
TODO: check gallery2
CVE-2006-4029 (Stack-based buffer overflow in sipd.dll in AGEphone 1.24 and
1.38.1 ...)
@@ -157,6 +158,7 @@
CVE-2006-4003 (The config method in Henrik Storner Hobbit monitor before
4.1.2p2 ...)
NOT-FOR-US: Henrik Storner Hobbit monitor
CVE-2006-4002 (Cross-site scripting (XSS) vulnerability in user.module in
Drupal 4.6 ...)
+ {DSA-1147-1}
- drupal 4.5.8-2 (bug #382087; medium)
CVE-2006-4001 (Login.pm in Barracuda Spam Firewall (BSF) 3.3.01.001 through
...)
NOT-FOR-US: Barracuda Spam Firewall
@@ -2106,6 +2108,7 @@
{DSA-1143-1}
CVE-2006-3121 [heartbeat insufficient bounds checking]
RESERVED
+ {DSA-1151-1}
- heartbeat-2 2.0.6-2
- heartbeat 1.2.4-14
CVE-2006-3120 (Format string vulnerability in Brian Wotring Osiris before 4.2.1
...)
@@ -8847,6 +8850,7 @@
CVE-2006-0331 (Buffer overflow in Change passwd 3.1 (chpasswd) SquirrelMail
plugin ...)
NOT-FOR-US: Squirrelmail plugin
CVE-2006-0330 (Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2
...)
+ {DSA-1148-1}
- gallery 1.5.2-1
CVE-2006-0329 (SQL injection vulnerability in HITSENSER Data Mart Server BS,
BS-S, ...)
NOT-FOR-US: HITSENSER Data Mart Server BS
@@ -14844,6 +14848,7 @@
CVE-2005-2735 (Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and
...)
NOT-FOR-US: phpGraphy
CVE-2005-2734 (Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2
and ...)
+ {DSA-1148-1}
- gallery 1.5-2 (bug #325285; medium)
TODO: check gallery2
CVE-2005-2733 (upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not
properly ...)