author | Joey Hess <joeyh@debian.org> | 2006-06-09 21:14:25 +0000 |
---|---|---|
committer | Joey Hess <joeyh@debian.org> | 2006-06-09 21:14:25 +0000 |
commit | b0255b84051949efa04ad48ef39781134ef1f2e9 (patch) | |
tree | 39ebe2f63ac2796b823cd43a472e641c5924d2a6 | |
parent | fc5ba0e4813e75dd1b8b17ee190260a3250fdd65 (diff) |
automatic update
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@4167 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- | data/CVE/1999.list | 4 |
-rw-r--r-- | data/CVE/2006.list | 73 |
2 files changed, 69 insertions, 8 deletions
diff --git a/data/CVE/1999.list b/data/CVE/1999.list index 21430ec44f..e20aad2d21 100644 --- a/data/CVE/1999.list +++ b/data/CVE/1999.list @@ -2625,7 +2625,7 @@ CVE-1999-0652 (A database service is running, e.g. a SQL server, Oracle, or mySQ TODO: check CVE-1999-0651 (The rsh/rlogin service is running. ...) TODO: check -CVE-1999-0650 (The netstat service is running. ...) +CVE-1999-0650 (The netstat service is running, which provides sensitive information ...) TODO: check CVE-1999-0649 (The FSP service is running. ...) TODO: check @@ -2701,7 +2701,7 @@ CVE-1999-0610 (An incorrect configuration of the Webcart CGI program ...) TODO: check CVE-1999-0609 (An incorrect configuration of the SoftCart CGI program ...) TODO: check -CVE-1999-0607 (An incorrect configuration of the QuikStore shopping cart ...) +CVE-1999-0607 (quikstore.cgi in QuikStore shopping cart stores quikstore.cfg under ...) TODO: check CVE-1999-0606 (An incorrect configuration of the EZMall 2000 shopping cart ...) TODO: check diff --git a/data/CVE/2006.list b/data/CVE/2006.list index 26852eed7a..5ecd665f5b 100644 --- a/data/CVE/2006.list +++ b/data/CVE/2006.list 
@@ -1,3 +1,65 @@ +CVE-2006-2930 (Unspecified vulnerability in Sun Grid Engine 5.3 and Sun N1 Grid ...) + TODO: check +CVE-2006-2929 (PHP remote file inclusion vulnerability in ...) + TODO: check +CVE-2006-2928 (Multiple PHP remote file inclusion vulnerabilities in CMS-Bandits 2.5 ...) + TODO: check +CVE-2006-2927 (Multiple cross-site scripting (XSS) vulnerabilities in post.asp in ...) + TODO: check +CVE-2006-2926 (Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate ...) + TODO: check +CVE-2006-2925 (Cross-site scripting (XSS) vulnerability in the web interface in ...) + TODO: check +CVE-2006-2924 (Ingate Firewall in the SIP module before 4.4.1 and SIParator before ...) + TODO: check +CVE-2006-2923 (Unspecified vulnerability in the iaxclient library LoudHush 1.3.6 has ...) + TODO: check +CVE-2006-2922 (Multiple PHP remote file inclusion vulnerabilities in MiraksGalerie ...) + TODO: check +CVE-2006-2921 (PHP remote file inclusion vulnerability in cmpro_header.inc.php in ...) + TODO: check +CVE-2006-2920 (Sylpheed-Claws before 2.2.2 allows remote attackers to bypass the URI ...) + TODO: check +CVE-2006-2919 (Unspecified vulnerability in Microsoft NetMeeting 3.01 allows remote ...) + TODO: check +CVE-2006-2918 + RESERVED +CVE-2006-2917 + RESERVED +CVE-2006-2916 + RESERVED +CVE-2006-2915 + RESERVED +CVE-2006-2914 + RESERVED +CVE-2006-2913 (Cross-site scripting (XSS) vulnerability in SelectaPix 1.31 allows ...) + TODO: check +CVE-2006-2912 (Multiple SQL injection vulnerabilities in SelectaPix 1.31 allow remote ...) + TODO: check +CVE-2006-2911 + RESERVED +CVE-2006-2910 + RESERVED +CVE-2006-2909 + RESERVED +CVE-2006-2908 + RESERVED +CVE-2006-2907 + RESERVED +CVE-2006-2906 (The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas ...) + TODO: check +CVE-2006-2905 (Partial Links 1.2.2 allows remote attackers to obtain sensitive ...) + TODO: check +CVE-2006-2904 (SQL injection vulnerability in index.php in Partial Links 1.2.2 allows ...) 
+ TODO: check +CVE-2006-2903 (Cross-site scripting (XSS) vulnerability in admin.php in Particle ...) + TODO: check +CVE-2006-2902 (Directory traversal vulnerability in Particle Links 1.2.2 might allow ...) + TODO: check +CVE-2006-2901 (The web server for D-Link Wireless Access-Point (DWL-2100ap) firmware ...) + TODO: check +CVE-2006-2900 (Internet Explorer 6 allows user-complicit remote attackers to read ...) + TODO: check CVE-2006-2899 (Unspecified vulnerability in ESTsoft InternetDISK versions before ...) NOT-FOR-US: ESTsoft InternetDISK CVE-2006-2898 (Unspecified vulnerability in the IAX2 channel driver (chan_iax2) for ...) @@ -998,8 +1060,8 @@ CVE-2006-2454 RESERVED CVE-2006-2453 (Multiple unspecified format string vulnerabilities in Dia have ...) - dia 0.95.0-4 (bug #368202; medium) -CVE-2006-2452 - RESERVED +CVE-2006-2452 (GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the "face browser" feature ...) + TODO: check CVE-2006-2451 RESERVED CVE-2006-2450 @@ -1551,8 +1613,7 @@ CVE-2006-2195 RESERVED CVE-2006-2194 RESERVED -CVE-2006-2193 [tiff2pdf buffer overflow] - RESERVED +CVE-2006-2193 (Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff ...) - tiff 3.8.2-4 (bug #371064; medium) CVE-2006-2191 RESERVED @@ -3921,8 +3982,8 @@ CVE-2006-1175 (The WeOnlyDo! SFTP (wodSFTP) ActiveX control is marked as safe fo TODO: check CVE-2006-1174 (useradd in shadow-utils before 4.0.3, and possibly other versions ...) - shadow 1:4.0.15-10 (low) -CVE-2006-1173 - RESERVED +CVE-2006-1173 (Unspecified vulnerability in HP Tru64 UNIX 4.0F PK8 up to 5.1B-3 and ...) + TODO: check CVE-2006-1172 (Stack-based buffer overflow in the createPKCS10 function in ...) NOT-FOR-US: ActiveX control CVE-2006-1171 |
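Review bot: In the data/CVE/1999.list hunks (@@ -2625,7 +2625,7 @@ and @@ -2701,7 +2701,7 @@), CVE-1999-0650 and CVE-1999-0607 receive reworded descriptions but both stay at "TODO: check", as do all the neighbouring entries visible as context. The CVE-1999-0607 text now names concrete files (quikstore.cgi, quikstore.cfg) where it previously said only "An incorrect configuration", so this is a natural point to triage it. Consider having the update flag entries whose description changed while still marked TODO, so they are reviewed rather than carried forward silently.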
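Review bot: In the data/CVE/2006.list hunk at @@ -1,3 +1,65 @@, CVE-2006-2905 and CVE-2006-2904 name the product "Partial Links 1.2.2" while CVE-2006-2903 and CVE-2006-2902 name "Particle Links 1.2.2"; the identical version number suggests one product under two spellings. When these four entries are triaged out of "TODO: check", give them the same disposition and use one spelling in the annotation line, so that a later search by product name finds all four.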
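Review bot: In the data/CVE/2006.list hunk at @@ -1551,8 +1613,7 @@, the fix annotation "- tiff 3.8.2-4 (bug #371064; medium)" was recorded while CVE-2006-2193 carried only the hand-written placeholder "[tiff2pdf buffer overflow]" and a RESERVED line. Now that the published description pins the flaw to the t2p_write_pdf_string function, confirm that bug #371064 and version 3.8.2-4 cover that function specifically, since the automatic update keeps the annotation unchanged without checking it against the new text.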