Author: stef-guest Date: 2006-11-28 18:22:00 +0100 (Tue, 28 Nov 2006) New Revision: 5018 Modified: data/CVE/list Log: - new (different) proftpd issue (medium) - CVE-2006-6097: new tar issue (high) Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-11-28 17:01:33 UTC (rev 5017) +++ data/CVE/list 2006-11-28 17:22:00 UTC (rev 5018) @@ -1,6 +1,9 @@ +CVE-2006-XXXX [proftpd buffer overflow in mod_tls] + - proftpd-dfsg <unfixed> (medium; bug filed) + - proftpd <removed> (medium) CVE-2006-XXXX [gnupg buffer overflow in ask_outfile_name] - gnupg 1.4.5-3 (medium) - - gnupg2 <unfixed> (medium) + - gnupg2 <unfixed> (medium; bug filed) CVE-2006-XXXX [tikiwiki script insertion vulnerability] - tikiwiki 1.9.7+dfsg-1 (low) CVE-2006-XXXX [several security issues in phpmyadmin] @@ -77,7 +80,7 @@ CVE-2006-6098 RESERVED CVE-2006-6097 (GNU tar 1.16 and 1.15.1, and possibly other versions, allows ...) - TODO: check + - tar <unfixed> (high; bug #399845) CVE-2006-6096 (Cross-site scripting (XSS) vulnerability in activenews_search.asp in ...) TODO: check CVE-2006-6095 (Multiple SQL injection vulnerabilities in ActiveNews Manager allow ...)