automatic update

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@3916 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Joey Hess <joeyh@debian.org> 2006-05-03 21:14:23 +0000
committer: Joey Hess <joeyh@debian.org> 2006-05-03 21:14:23 +0000
commit: b2b1d68edb56ff732678c59f25e4de5a4276f91a (patch)
tree: c2448e967ce533dd5a959cb30c0449f34eb2292e /data/CVE
parent: a824fb5cfdfdcac8dab632d1c3e5c268a5797ff2 (diff)
3 files changed, 64 insertions, 8 deletions
diff --git a/data/CVE/1999.list b/data/CVE/1999.list
index a1697d7841..57ee4e7646 100644
--- a/data/CVE/1999.list
+++ b/data/CVE/1999.list
@@ -2183,7 +2183,7 @@ CVE-1999-1235 (Internet Explorer 5.0 records the username and password for FTP .
 	TODO: check
 CVE-1999-1234 (LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a ...)
 	TODO: check
-CVE-1999-1232 (day5datacopier in SGI IRIX 6.2 trusts the PATH environmental variable ...)
+CVE-1999-1232 (Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 ...)
 	TODO: check
 CVE-1999-1231 (ssh 2.0.12, and possibly other versions, allows valid user names to ...)
 	TODO: check
diff --git a/data/CVE/2005.list b/data/CVE/2005.list
index e7e8374dd3..9304f1a20c 100644
--- a/data/CVE/2005.list
+++ b/data/CVE/2005.list
@@ -1,3 +1,5 @@
+CVE-2005-4794 (Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and ...)
+	TODO: check
 CVE-2005-4793 (Multiple unspecified vulnerabilities in the web utility function in ...)
 	TODO: check
 CVE-2005-4792 (SQL injection vulnerability in index.php in Appalachian State ...)
diff --git a/data/CVE/2006.list b/data/CVE/2006.list
index dd3c196e5b..4c18a787cc 100644
--- a/data/CVE/2006.list
+++ b/data/CVE/2006.list
@@ -1,4 +1,58 @@
-CVE-2006-2148 (Multiple buffer overflows in client.c in CGI:IRC before 0.5.8 ...)
+CVE-2006-2161
+	RESERVED
+CVE-2006-2160 (Cross-site scripting (XSS) vulnerability in Russcom Network Loginphp ...)
+	TODO: check
+CVE-2006-2159 (CRLF injection vulnerability in help.php in Russcom Network Loginphp ...)
+	TODO: check
+CVE-2006-2158 (Dynamic variable evaluation vulnerability in index.php in Stadtaus ...)
+	TODO: check
+CVE-2006-2157 (SQL injection vulnerability in gallery.php in Plogger Beta 2.1 and ...)
+	TODO: check
+CVE-2006-2156 (Directory traversal vulnerability in help/index.php in X7 Chat 2.0 and ...)
+	TODO: check
+CVE-2006-2155 (EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and ...)
+	TODO: check
+CVE-2006-2154 (EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and ...)
+	TODO: check
+CVE-2006-2153 (Cross-site scripting (XSS) vulnerability in HTM_PASSWD in DirectAdmin ...)
+	TODO: check
+CVE-2006-2152 (PHP remote file inclusion vulnerability in admin/addentry.php in phpBB ...)
+	TODO: check
+CVE-2006-2151 (PHP remote file inclusion vulnerability in toplist.php in phpBB ...)
+	TODO: check
+CVE-2006-2150 (PHP remote file inclusion vulnerability in top/list.php in phpBB ...)
+	TODO: check
+CVE-2006-2149 (PHP remote file inclusion vulnerability in sources/lostpw.php in ...)
+	TODO: check
+CVE-2006-2147 (resmgrd in resmgr for SUSE Linux and other distributions does not ...)
+	TODO: check
+CVE-2006-2146 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+	TODO: check
+CVE-2006-2145 (Multiple SQL injection vulnerabilities in index.php in HB-NS 1.1.6 ...)
+	TODO: check
+CVE-2006-2144 (PHP remote file inclusion vulnerability in kopf.php in DMCounter ...)
+	TODO: check
+CVE-2006-2143 (Multiple cross-site scripting (XSS) vulnerabilities in TextFileBB ...)
+	TODO: check
+CVE-2006-2142 (PHP remote file inclusion vulnerability in classes/adodbt/sql.php in ...)
+	TODO: check
+CVE-2006-2141 (Cross-site scripting (XSS) vulnerability in popup_image in ...)
+	TODO: check
+CVE-2006-2140 (Multiple cross-site scripting (XSS) vulnerabilities in OrbitHYIP 2.0 ...)
+	TODO: check
+CVE-2006-2139 (Multiple SQL injection vulnerabilities in PHP Newsfeed 20040723 allow ...)
+	TODO: check
+CVE-2006-2138 (Cross-site scripting (XSS) vulnerability in neomail.pl in NeoMail 1.29 ...)
+	TODO: check
+CVE-2006-2137 (PHP remote file inclusion vulnerability in master.php in OpenPHPNuke ...)
+	TODO: check
+CVE-2006-2136 (SQL injection vulnerability in news.php in AZNEWS allows remote ...)
+	TODO: check
+CVE-2006-2135 (SQL injection vulnerability in login.php in Ruperts News allows remote ...)
+	TODO: check
+CVE-2006-2134 (PHP remote file inclusion vulnerability in /includes/kb_constants.php ...)
+	TODO: check
+CVE-2006-2148 (Multiple buffer overflows in client.c in CGI:IRC (CGIIRC) before 0.5.8 ...)
 	- cgiirc <unfixed> (bug #365680; medium)
 	[sarge] - cgiirc <unfixed> (bug #365680; medium)
 CVE-2006-2133 (SQL injection vulnerability in index.php in BoonEx Barracuda 1.1 and ...)
@@ -17,7 +71,8 @@ CVE-2006-2127 (SQL injection vulnerability in weblog_posting.php in Blog Mod 0.2
 	TODO: check
 CVE-2006-2126 (SQL injection vulnerability in pocategories.php in MaxTrade 1.0.1 and ...)
 	TODO: check
-CVE-2006-2125 (Unspecified vulnerability in xterm in HP-UX B.11.00, B.11.11, and ...)
+CVE-2006-2125
+	REJECTED
 	TODO: check
 CVE-2006-2124 (Multiple cross-site scripting (XSS) vulnerabilities in SunShop 3.5 and ...)
 	TODO: check
@@ -49,8 +104,8 @@ CVE-2006-2111 (Microsoft Internet Explorer 6.0 on Windows XP SP2, and possibly o
 	TODO: check
 CVE-2006-2110 (Virtual Private Server (Vserver) 2.0.x before 2.0.2-rc18 and 2.1.x ...)
 	TODO: check
-CVE-2006-2109
-	RESERVED
+CVE-2006-2109 (Cross-site scripting (XSS) vulnerability in the parse_query_str ...)
+	TODO: check
 CVE-2006-2108 (parser.exe in Oc&#233; (OCE) 3121/3122 Printer allows remote attackers to ...)
 	TODO: check
 CVE-2006-2107 (Buffer overflow in BL4 SMTP Server 0.1.4 and earlier allows remote ...)
@@ -322,7 +377,7 @@ CVE-2006-1978 (SQL injection vulnerability in inc/start.php in FlexBB 0.5.5 and
 	NOT-FOR-US: FlexBB
 CVE-2006-1977 (Cross-site scripting (XSS) vulnerability in FlexBB 0.5.7 BETA and ...)
 	NOT-FOR-US: FlexBB
-CVE-2006-1993 (Mozilla Firefox 1.5.0.2 allows remote attackers to cause a denial of ...)
+CVE-2006-1993 (Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote ...)
 	- firefox 1.5.dfsg+1.5.0.2-2
 	[sarge] - mozilla-firefox <not-affected>
 CVE-2006-XXXX [typo3 mailforms can be abused to send spam]
@@ -1402,8 +1457,7 @@ CVE-2006-1528
 	RESERVED
 CVE-2006-1527
 	RESERVED
-CVE-2006-1526 [Buffer overflow in the Xrender extension]
-	RESERVED
+CVE-2006-1526 (Buffer overflow in the Xrender extension in X.org X server 6.8.0 up to ...)
 	- xorg-server 1:1.0.2-8
 CVE-2006-1525 (ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users ...)
 	- linux-2.6 2.6.16-9
author	Joey Hess <joeyh@debian.org>	2006-05-03 21:14:23 +0000
committer	Joey Hess <joeyh@debian.org>	2006-05-03 21:14:23 +0000
commit	b2b1d68edb56ff732678c59f25e4de5a4276f91a (patch)
tree	c2448e967ce533dd5a959cb30c0449f34eb2292e /data/CVE
parent	a824fb5cfdfdcac8dab632d1c3e5c268a5797ff2 (diff)