Author: stef-guest Date: 2006-10-25 18:18:59 +0000 (Wed, 25 Oct 2006) New Revision: 4884 Modified: data/CVE/list Log: - asterisk fixed - new postgresql DoSs already fixed (low) - CVE-2006-4573: new screen issue (medium) - new diffmon issue fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-10-25 02:55:21 UTC (rev 4883) +++ data/CVE/list 2006-10-25 18:18:59 UTC (rev 4884) @@ -1,3 +1,9 @@ +CVE-2006-XXXX [diffmon information leakage] + - diffmon 20020222-2.2 (bug #382132) +CVE-2006-XXXX [postgres DoSs] + - postgresql-7.4 1:7.4.14-1 + - postgresql-8.1 8.1.5-1 + [sarge] - postgresql <unfixed> (low) CVE-2006-XXXX [serendipity XSS for registered authors] - serendipity 1.0.2-1 (low) CVE-2006-XXXX [drupal XSS and XSRF http://secunia.com/advisories/22486/] @@ -34,9 +40,9 @@ CVE-2006-5446 (SQL injection vulnerability in lobby/config.php in Casinosoft Casino ...) NOT-FOR-US: Casinosoft Casino Script (aka Masvet) CVE-2006-5445 (Unspecified vulnerability in the SIP channel driver ...) - - asterisk <unfixed> (medium; bug #395080) + - asterisk 1:1.2.13~dfsg-1 (medium; bug #395080) CVE-2006-5444 (Integer overflow in the get_input function in the Skinny channel ...) - - asterisk <unfixed> (medium; bug #395080) + - asterisk 1:1.2.13~dfsg-1 (medium; bug #395080) CVE-2006-5443 (Unspecified vulnerability in XIAO Gang WWW Interactive Mathematics ...) - wims <unfixed> (bug #395102) CVE-2006-5442 (ViewVC 1.0.2 and earlier does not specify a charset in its HTTP ...) @@ -1874,8 +1880,9 @@ RESERVED CVE-2006-4574 RESERVED -CVE-2006-4573 +CVE-2006-4573 [GNU Screen UTF-8 Character Handling Vulnerabilities] RESERVED + - screen <unfixed> (bug filed; medium) CVE-2006-4572 RESERVED CVE-2006-4571 (Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, ...)