Author: stef-guest Date: 2006-09-26 21:32:14 +0000 (Tue, 26 Sep 2006) New Revision: 4769 Modified: data/CVE/list Log: a few NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-09-26 21:14:23 UTC (rev 4768) +++ data/CVE/list 2006-09-26 21:32:14 UTC (rev 4769) @@ -1,7 +1,7 @@ CVE-2006-5001 (Unspecified vulnerability in the log analyzer in WS_FTP Server 5.05 ...) - TODO: check + NOT-FOR-US: WS_FTP CVE-2006-5000 (Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and ...) - TODO: check + NOT-FOR-US: WS_FTP CVE-2006-4999 RESERVED CVE-2006-4998 @@ -9,99 +9,99 @@ CVE-2006-4997 RESERVED CVE-2006-4996 (Unspecified vulnerability in JoomlaLib (com_joomlalib) before 1.2.2 ...) - TODO: check + NOT-FOR-US: JoomlaLib (com_joomlalib) for Joomla! CVE-2006-4995 (PHP remote file inclusion vulnerability in BSQ Sitestats ...) - TODO: check + NOT-FOR-US: BSQ Sitestats for Joomla! CVE-2006-4994 (Multiple unquoted Windows search path vulnerabilities in Apache ...) - TODO: check + NOT-FOR-US: XAMPP CVE-2006-4993 (Multiple PHP remote file inclusion vulnerabilities in AllMyGuests ...) - TODO: check + NOT-FOR-US: AllMyGuests CVE-2006-4992 (Multiple PHP remote file inclusion vulnerabilities in JD-WordPress for ...) - TODO: check + NOT-FOR-US: JD-WordPress for Joomla! CVE-2006-4991 (RSA Keon Certificate Authority (KeonCA) Manager 6.5.1 and 6.6 allows ...) - TODO: check + NOT-FOR-US: RSA Keon Certificate Authority (KeonCA) Manager CVE-2006-4990 (Multiple PHP remote file inclusion vulnerabilities in PhotoPost allow ...) - TODO: check + NOT-FOR-US: PhotoPost CVE-2006-4989 (Patrick Michaelis Wili-CMS allows remote attackers to obtain sensitive ...) - TODO: check + NOT-FOR-US: Wili-CMS CVE-2006-4988 (Multiple cross-site scripting (XSS) vulnerabilities in Patrick ...) - TODO: check + NOT-FOR-US: Wili-CMS CVE-2006-4987 (Multiple PHP remote file inclusion vulnerabilities in Patrick ...) - TODO: check + NOT-FOR-US: Wili-CMS CVE-2006-4986 (Grayscale BandSite CMS allows remote attackers to obtain sensitive ...) - TODO: check + NOT-FOR-US: BandSite CMS CVE-2006-4985 (Multiple cross-site scripting (XSS) vulnerabilities in Grayscale ...) - TODO: check + NOT-FOR-US: BandSite CMS CVE-2006-4984 (Multiple PHP remote file inclusion vulnerabilities in Grayscale ...) - TODO: check + NOT-FOR-US: BandSite CMS CVE-2006-4983 (Cisco NAC allows quarantined devices to communicate over the network ...) - TODO: check + NOT-FOR-US: Cisco CVE-2006-4982 (Cisco NAC maintains an exception list that does not record device ...) - TODO: check + NOT-FOR-US: Cisco CVE-2006-4981 (Symantec Sygate NAC allows physically proximate attackers to bypass ...) - TODO: check + NOT-FOR-US: Symantec CVE-2006-4980 RESERVED CVE-2006-4979 (Direct static code injection vulnerability in cfgphpquiz/install.php ...) - TODO: check + NOT-FOR-US: PhpQuiz CVE-2006-4978 (Multiple SQL injection vulnerabilities in Walter Beschmout PhpQuiz 1.2 ...) - TODO: check + NOT-FOR-US: PhpQuiz CVE-2006-4977 (Multiple unrestricted file upload vulnerabilities in (1) ...) - TODO: check + NOT-FOR-US: PhpQuiz CVE-2006-4976 (The Date Library in John Lim ADOdb Library for PHP allows remote ...) TODO: check CVE-2006-4975 (Yahoo! Messenger for WAP permits saving messages that contain ...) - TODO: check + NOT-FOR-US: Yahoo! Messenger CVE-2006-4974 (Buffer overflow in Ipswitch WS_FTP Limited Edition (LE) 5.08 allows ...) - TODO: check + NOT-FOR-US: WS_FTP CVE-2006-4973 (Cross-site scripting (XSS) vulnerability in Default.aspx in Perpetual ...) - TODO: check + NOT-FOR-US: DotNetNuke CVE-2006-4972 (Cross-site scripting (XSS) vulnerability in ...) - TODO: check + NOT-FOR-US: MyBB CVE-2006-4971 (MyBB (aka MyBulletinBoard) allows remote attackers to obtain sensitive ...) - TODO: check + NOT-FOR-US: MyBB CVE-2006-4970 (PHP remote file inclusion vulnerability in enc/content.php in WAHM ...) - TODO: check + NOT-FOR-US: Pie Cart Pro CVE-2006-4969 (Multiple PHP remote file inclusion vulnerabilities in WAHM E-Commerce ...) - TODO: check + NOT-FOR-US: Pie Cart Pro CVE-2006-4968 (PHP remote file inclusion vulnerability in ...) TODO: check CVE-2006-4967 (Multiple cross-site scripting (XSS) vulnerabilities in NextAge Cart ...) - TODO: check + NOT-FOR-US: NextAge Cart CVE-2006-4966 (PHP remote file inclusion vulnerability in inc/ifunctions.php in ...) - TODO: check + NOT-FOR-US: phpQuestionnaire CVE-2006-4965 (Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to ...) - TODO: check + NOT-FOR-US: Apple CVE-2006-4964 (Cross-site scripting (XSS) vulnerability in MAXdev MDPro 1.0.76 before ...) - TODO: check + NOT-FOR-US: MAXdev MDPro CVE-2006-4963 (Directory traversal vulnerability in index.php in Exponent CMS 0.96.3 ...) - TODO: check + NOT-FOR-US: Exponent CMS CVE-2006-4962 (Directory traversal vulnerability in pbd_engine.php in Php Blue Dragon ...) - TODO: check + NOT-FOR-US: Php Blue Dragon CVE-2006-4961 (SQL injection vulnerability in the GetModuleConfig function in ...) - TODO: check + NOT-FOR-US: Php Blue Dragon CVE-2006-4960 (Cross-site scripting (XSS) vulnerability in index.php Php Blue Dragon ...) - TODO: check + NOT-FOR-US: Php Blue Dragon CVE-2006-4959 (Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows ...) - TODO: check + NOT-FOR-US: Sun Secure Global Desktop CVE-2006-4958 (Cross-site scripting (XSS) vulnerability in Sun Secure Global Desktop ...) - TODO: check + NOT-FOR-US: Sun Secure Global Desktop CVE-2006-4957 (SQL injection vulnerability in the GetMember function in functions.php ...) - TODO: check + NOT-FOR-US: MyReview CVE-2006-4956 (Cross-site scripting (XSS) vulnerability in the updateuser servlet in ...) - TODO: check + NOT-FOR-US: Neon WebMail for Java CVE-2006-4955 (Directory traversal vulnerability in the downloadfile servlet in Neon ...) - TODO: check + NOT-FOR-US: Neon WebMail for Java CVE-2006-4954 (The updateuser servlet in Neon WebMail for Java before 5.08 does not ...) - TODO: check + NOT-FOR-US: Neon WebMail for Java CVE-2006-4953 (Multiple SQL injection vulnerabilities in Neon WebMail for Java before ...) - TODO: check + NOT-FOR-US: Neon WebMail for Java CVE-2006-4952 (The updatemail servlet in Neon WebMail for Java before 5.08 allows ...) - TODO: check + NOT-FOR-US: Neon WebMail for Java CVE-2006-4951 (Neon WebMail for Java before 5.08 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Neon WebMail for Java CVE-2006-4950 (Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, ...) - TODO: check + NOT-FOR-US: Cisco CVE-2006-4949 (Cross-site scripting (XSS) vulnerability in the Drupal 4.6 Site ...) TODO: check CVE-2006-4948 (Stack-based buffer overflow in tftpd.exe in ProSysInfo TFTP Server ...)