author Joey Hess <joeyh@debian.org> 2006-04-21 21:14:40 +0000
committer Joey Hess <joeyh@debian.org> 2006-04-21 21:14:40 +0000
commit d4bd70c65c655593cae0b2fd7b00970d7b6b8468
tree a8fe7d19fc10f3696a45ff5d8d0b753a74dad027
parent a0c97964f67296588e3c32413b7e9c17e2bf273d
automatic update
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@3842 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- data/CVE/1999.list 2
-rw-r--r-- data/CVE/2004.list 2
-rw-r--r-- data/CVE/2005.list 2
-rw-r--r-- data/CVE/2006.list 148
4 files changed, 150 insertions, 4 deletions
diff --git a/data/CVE/1999.list b/data/CVE/1999.list
index 931d79424a..8030ef8f85 100644
--- a/data/CVE/1999.list
+++ b/data/CVE/1999.list
@@ -1,3 +1,5 @@
+CVE-1999-1588 (Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 ...)
+ TODO: check
CVE-1999-1587 (/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier ...)
NOT-FOR-US: Solaris
CVE-1999-XXXX [Insecure access control on GNU Mach's IO ports]
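Review bot: CVE-1999-1588 is added with TODO: check although its description names nlps_server in Sun Solaris, and the entry directly below it, CVE-1999-1587, is already triaged as NOT-FOR-US: Solaris. If the same reasoning holds, the TODO can be resolved to NOT-FOR-US: Solaris so the entry does not sit in the check queue.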
diff --git a/data/CVE/2004.list b/data/CVE/2004.list
index a906f86448..49275aa231 100644
--- a/data/CVE/2004.list
+++ b/data/CVE/2004.list
@@ -1,3 +1,5 @@
+CVE-2004-2657 (** DISPUTED ** ...)
+ TODO: check
CVE-2004-2656 (Multiple cross-site scripting (XSS) vulnerabilities in Slashdot Like ...)
- slash <unfixed> (medium)
CVE-2004-2655 (rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, ...)
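Review bot: The added CVE-2004-2657 line carries only "** DISPUTED ** ..." as its description, so the truncation has consumed the whole summary and the entry names no product or vulnerability class. Whoever works the TODO: check has nothing in the list to triage from; truncating after the DISPUTED marker rather than including it would keep the useful part of the text. The CVE-2005-4787 entry added in 2005.list has the same problem.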
diff --git a/data/CVE/2005.list b/data/CVE/2005.list
index 527f32aa08..d203f3c0ff 100644
--- a/data/CVE/2005.list
+++ b/data/CVE/2005.list
@@ -1,3 +1,5 @@
+CVE-2005-4787 (** DISPUTED ** ...)
+ TODO: check
CVE-2005-4786 (Buffer overflow in the archive decompression library (vrAZMain.dll ...)
NOT-FOR-US: HAURI anti-virus
CVE-2005-4785 (Cross-site scripting (XSS) vulnerability in QuickBlogger 1.4 and ...)
diff --git a/data/CVE/2006.list b/data/CVE/2006.list
index 8300376184..76459bd42a 100644
--- a/data/CVE/2006.list
+++ b/data/CVE/2006.list
@@ -1,6 +1,146 @@
+CVE-2006-1976 (Cross-site scripting (XSS) vulnerability in addRequest.php in Prayer ...)
+ TODO: check
+CVE-2006-1975 (Cross-site scripting (XSS) vulnerability in guestbook_newentry.php in ...)
+ TODO: check
+CVE-2006-1974 (SQL injection vulnerability in index.php in MyBB (MyBulletinBoard) ...)
+ TODO: check
+CVE-2006-1973 (Multiple unspecified vulnerabilities in Linksys RT31P2 VoIP router ...)
+ TODO: check
+CVE-2006-1972 (Cross-site scripting (XSS) vulnerability in EasyGallery.php in Wingnut ...)
+ TODO: check
+CVE-2006-1971 (Cross-site scripting (XSS) vulnerability in login.php in KRANKIKOM ...)
+ TODO: check
+CVE-2006-1970 (Cross-site scripting (XSS) vulnerability in classifieds/viewcat.cgi in ...)
+ TODO: check
+CVE-2006-1969 (Cross-site scripting (XSS) vulnerability in search/search.cgi in an ...)
+ TODO: check
+CVE-2006-1968 (Cross-site scripting (XSS) vulnerability in news/NsVisitor.cgi in ...)
+ TODO: check
+CVE-2006-1967 (Cross-site scripting (XSS) vulnerability in calendar/Visitor.cgi in ...)
+ TODO: check
+CVE-2006-1966 (An unspecified Fortinet product, possibly Fortinet28, allows remote ...)
+ TODO: check
+CVE-2006-1965 (Multiple cross-site scripting (XSS) vulnerabilities in aasi media Net ...)
+ TODO: check
+CVE-2006-1964 (SQL injection vulnerability in Haberler.asp in ASPSitem 1.83 and ...)
+ TODO: check
+CVE-2006-1963 (Directory traversal vulnerability in main.php in PCPIN Chat 5.0.4 and ...)
+ TODO: check
+CVE-2006-1962 (SQL injection vulnerability in PCPIN Chat 5.0.4 and earlier allows ...)
+ TODO: check
+CVE-2006-1961 (Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express ...)
+ TODO: check
+CVE-2006-1960 (Cross-site scripting (XSS) vulnerability in the appliance web user ...)
+ TODO: check
+CVE-2006-1959 (PHP remote file inclusion vulnerability in direct.php in ActualScripts ...)
+ TODO: check
+CVE-2006-1958 (Multiple SQL injection vulnerabilities in WWWThreads RC 3 allow remote ...)
+ TODO: check
+CVE-2006-1957 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows ...)
+ TODO: check
+CVE-2006-1956 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows ...)
+ TODO: check
+CVE-2006-1955 (PHP remote file inclusion vulnerability in authent.php4 in Nicolas ...)
+ TODO: check
+CVE-2006-1954 (SQL injection vulnerability in authent.php4 in Nicolas Fischer (aka ...)
+ TODO: check
+CVE-2006-1953
+ RESERVED
+CVE-2006-1952
+ RESERVED
+CVE-2006-1951
+ RESERVED
+CVE-2006-1950 (Multiple cross-site scripting (XSS) vulnerabilities in banners.cgi in ...)
+ TODO: check
+CVE-2006-1949 (SQL injection vulnerability in plexcart.pl in NicPlex PlexCart X3 and ...)
+ TODO: check
+CVE-2006-1948 (The &quot;Add Sender to Address Book&quot; operation ...)
+ TODO: check
+CVE-2006-1947 (Multiple SQL injection vulnerabilities in plexum.php in NicPlex Plexum ...)
+ TODO: check
+CVE-2006-1946 (Multiple cross-site scripting (XSS) vulnerabilities in Visale 1.0 and ...)
+ TODO: check
+CVE-2006-1945 (Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.5 ...)
+ TODO: check
+CVE-2006-1944 (Multiple cross-site scripting (XSS) vulnerabilities in SibSoft ...)
+ TODO: check
+CVE-2006-1943 (Multiple cross-site scripting (XSS) vulnerabilities in Smarter Scripts ...)
+ TODO: check
+CVE-2006-1942 (Mozilla Firefox 1.5.0.2 allows user-complicit remote attackers to open ...)
+ TODO: check
+CVE-2006-1941 (Neon Responder 5.4 for LANsurveyor allows remote attackers to cause a ...)
+ TODO: check
+CVE-2006-1940
+ RESERVED
+CVE-2006-1939
+ RESERVED
+CVE-2006-1938
+ RESERVED
+CVE-2006-1937
+ RESERVED
+CVE-2006-1936
+ RESERVED
+CVE-2006-1935
+ RESERVED
+CVE-2006-1934
+ RESERVED
+CVE-2006-1933
+ RESERVED
+CVE-2006-1932
+ RESERVED
+CVE-2006-1931 (The HTTP/XMLRPC server in Ruby before 1.8.2 uses blocking sockets, ...)
+ TODO: check
+CVE-2006-1930 (Multiple SQL injection vulnerabilities in userscript.php in Green ...)
+ TODO: check
+CVE-2006-1929 (PHP remote file inclusion vulnerability in include/common.php in ...)
+ TODO: check
+CVE-2006-1928 (Cisco IOS XR, when configured for Multi Protocol Label Switching ...)
+ TODO: check
+CVE-2006-1927 (Cisco IOS XR, when configured for Multi Protocol Label Switching ...)
+ TODO: check
+CVE-2006-1926 (SQL injection vulnerability in showtopic.php in ThWboard 2.84 beta 3 ...)
+ TODO: check
+CVE-2006-1925 (Directory traversal vulnerability in the editnews module ...)
+ TODO: check
+CVE-2006-1924 (SQL injection vulnerability in functions/db_api.php in LinPHA 1.1.1 ...)
+ TODO: check
+CVE-2006-1923 (Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before ...)
+ TODO: check
+CVE-2006-1922 (PHP remote file inclusion vulnerability in (1) about.php or (2) ...)
+ TODO: check
+CVE-2006-1921 (nettools.php in PHP Net Tools 2.7.1 allows remote attackers to execute ...)
+ TODO: check
+CVE-2006-1920 (SQL injection vulnerability in index.php in PMTool 1.2.2 allows remote ...)
+ TODO: check
+CVE-2006-1919 (PHP remote file inclusion vulnerability in index.php in Internet ...)
+ TODO: check
+CVE-2006-1918 (Multiple cross-site scripting (XSS) vulnerabilities in Papoo 2.1.5 ...)
+ TODO: check
+CVE-2006-1917 (SQL injection vulnerability in member.php in Blackorpheus ...)
+ TODO: check
+CVE-2006-1916 (Multiple cross-site scripting (XSS) vulnerabilities in profile.php in ...)
+ TODO: check
+CVE-2006-1915 (SQL injection vulnerability in topics.php in DbbS 2.0-alpha and ...)
+ TODO: check
+CVE-2006-1914 (DbbS 2.0-alpha and earlier allows remote attackers to obtain sensitive ...)
+ TODO: check
+CVE-2006-1913 (Cross-site scripting (XSS) vulnerability in jax_guestbook.php in Jax ...)
+ TODO: check
+CVE-2006-1912 (MyBB (MyBulletinBoard) 1.1.0 does not set the constant KILL_GLOBAL ...)
+ TODO: check
+CVE-2006-1911 (Cross-site scripting (XSS) vulnerability in MyBB (MyBulletinBoard) 1.1 ...)
+ TODO: check
+CVE-2006-1910 (config.php in S9Y Serendipity 1.0 beta 2 allows remote attackers to ...)
+ TODO: check
+CVE-2006-1909 (Directory traversal vulnerability in index.php in Coppermine 1.4.4 ...)
+ TODO: check
+CVE-2006-1908 (Cross-site scripting vulnerability in addevent.php in myEvent 1.x ...)
+ TODO: check
+CVE-2006-1907 (Multiple SQL injection vulnerabilities in myEvent 1.x allow remote ...)
+ TODO: check
CVE-2006-XXXX [wiki macro XSS vulnerability]
- - trac 0.9.5-1
-CVE-2006-1906 (Cross-site scripting (XSS) vulnerability in index.php in phpLister ...)
+ - trac 0.9.5-1
+CVE-2006-1906 (Cross-site scripting (XSS) vulnerability in index.php in jjgan852 ...)
TODO: check
CVE-2006-1905 (Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine ...)
TODO: check
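Review bot: In the CVE-2006-1906 change near the end of this hunk, the truncated description now stops at "jjgan852 ..." and the product name phpLister that the old line showed is gone, so the list entry alone no longer identifies the affected software. A NOTE: line under the entry naming phpLister would preserve it. Two other things in this hunk: CVE-2006-1957 and CVE-2006-1956 are added with identical truncated text ("The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows ...") and cannot be told apart from the list, and the "- trac 0.9.5-1" line under the CVE-2006-XXXX placeholder is removed and re-added with the same visible content, which looks like a whitespace-only change that an automatic update should not need to make.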
@@ -459,7 +599,7 @@ CVE-2006-1723 (Unspecified vulnerability in Firefox and Thunderbird before 1.5.0
NOTE: This is probably: https://bugzilla.mozilla.org/show_bug.cgi?id=320459
CVE-2006-1722 (Cross-site scripting (XSS) vulnerability in suche.htm in ShopXS 4.0 ...)
NOT-FOR-US: ShopXS
-CVE-2006-1721 (Unspecified vulnerability in the CMU Cyrus Simple Authentication and ...)
+CVE-2006-1721 (Unspecified vulnerability in digestmd5.c in the CMU Cyrus Simple ...)
- cyrus-sasl2 <unfixed> (bug #361937; low)
CVE-2006-1720 (Cross-site scripting (XSS) vulnerability in search.php in SaphpLesson ...)
NOT-FOR-US: SaphpLesson
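Review bot: The CVE-2006-1721 description now names digestmd5.c, but the tracking line below it is unchanged at cyrus-sasl2 <unfixed> (bug #361937; low). Worth confirming that the low rating and the bug reference still match the narrowed description, and recording the file in a NOTE: line, as the CVE-2006-1723 entry above does for its bugzilla link, so the detail does not depend on where the summary is truncated.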
@@ -1909,7 +2049,7 @@ CVE-2006-1050 (Kwik-Pay Payroll 4.2.20, and possibly other versions, stores the
CVE-2006-1319 (chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little ...)
- runit <unfixed> (bug #356016; medium)
[sarge] - runit <not-affected>
-CVE-2006-1049 (Multiple SQL injection vulnerabilities in Joomla! 1.0.7 and earlier ...)
+CVE-2006-1049 (Multiple SQL injection vulnerabilities in the Admin functionality in ...)
NOT-FOR-US: Joomla!
CVE-2006-1048 (Joomla! 1.0.7 and earlier allows attackers to bypass intended access ...)
NOT-FOR-US: Joomla!
