author | Joey Hess <joeyh@debian.org> | 2006-04-21 21:14:40 +0000 |
---|---|---|
committer | Joey Hess <joeyh@debian.org> | 2006-04-21 21:14:40 +0000 |
commit | d4bd70c65c655593cae0b2fd7b00970d7b6b8468 (patch) | |
tree | a8fe7d19fc10f3696a45ff5d8d0b753a74dad027 /data/CVE | |
parent | a0c97964f67296588e3c32413b7e9c17e2bf273d (diff) |
automatic update
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@3842 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data/CVE')
-rw-r--r-- | data/CVE/1999.list | 2 |
-rw-r--r-- | data/CVE/2004.list | 2 |
-rw-r--r-- | data/CVE/2005.list | 2 |
-rw-r--r-- | data/CVE/2006.list | 148 |
4 files changed, 150 insertions, 4 deletions
diff --git a/data/CVE/1999.list b/data/CVE/1999.list index 931d79424a..8030ef8f85 100644 --- a/data/CVE/1999.list +++ b/data/CVE/1999.list @@ -1,3 +1,5 @@ +CVE-1999-1588 (Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 ...) + TODO: check CVE-1999-1587 (/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier ...) NOT-FOR-US: Solaris CVE-1999-XXXX [Insecure access control on GNU Mach's IO ports] diff --git a/data/CVE/2004.list b/data/CVE/2004.list index a906f86448..49275aa231 100644 --- a/data/CVE/2004.list +++ b/data/CVE/2004.list @@ -1,3 +1,5 @@ +CVE-2004-2657 (** DISPUTED ** ...) + TODO: check CVE-2004-2656 (Multiple cross-site scripting (XSS) vulnerabilities in Slashdot Like ...) - slash <unfixed> (medium) CVE-2004-2655 (rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, ...) diff --git a/data/CVE/2005.list b/data/CVE/2005.list index 527f32aa08..d203f3c0ff 100644 --- a/data/CVE/2005.list +++ b/data/CVE/2005.list @@ -1,3 +1,5 @@ +CVE-2005-4787 (** DISPUTED ** ...) + TODO: check CVE-2005-4786 (Buffer overflow in the archive decompression library (vrAZMain.dll ...) NOT-FOR-US: HAURI anti-virus CVE-2005-4785 (Cross-site scripting (XSS) vulnerability in QuickBlogger 1.4 and ...) diff --git a/data/CVE/2006.list b/data/CVE/2006.list index 8300376184..76459bd42a 100644 --- a/data/CVE/2006.list +++ b/data/CVE/2006.list 
@@ -1,6 +1,146 @@ +CVE-2006-1976 (Cross-site scripting (XSS) vulnerability in addRequest.php in Prayer ...) + TODO: check +CVE-2006-1975 (Cross-site scripting (XSS) vulnerability in guestbook_newentry.php in ...) + TODO: check +CVE-2006-1974 (SQL injection vulnerability in index.php in MyBB (MyBulletinBoard) ...) + TODO: check +CVE-2006-1973 (Multiple unspecified vulnerabilities in Linksys RT31P2 VoIP router ...) + TODO: check +CVE-2006-1972 (Cross-site scripting (XSS) vulnerability in EasyGallery.php in Wingnut ...) + TODO: check +CVE-2006-1971 (Cross-site scripting (XSS) vulnerability in login.php in KRANKIKOM ...) + TODO: check +CVE-2006-1970 (Cross-site scripting (XSS) vulnerability in classifieds/viewcat.cgi in ...) + TODO: check +CVE-2006-1969 (Cross-site scripting (XSS) vulnerability in search/search.cgi in an ...) + TODO: check +CVE-2006-1968 (Cross-site scripting (XSS) vulnerability in news/NsVisitor.cgi in ...) + TODO: check +CVE-2006-1967 (Cross-site scripting (XSS) vulnerability in calendar/Visitor.cgi in ...) + TODO: check +CVE-2006-1966 (An unspecified Fortinet product, possibly Fortinet28, allows remote ...) + TODO: check +CVE-2006-1965 (Multiple cross-site scripting (XSS) vulnerabilities in aasi media Net ...) + TODO: check +CVE-2006-1964 (SQL injection vulnerability in Haberler.asp in ASPSitem 1.83 and ...) + TODO: check +CVE-2006-1963 (Directory traversal vulnerability in main.php in PCPIN Chat 5.0.4 and ...) + TODO: check +CVE-2006-1962 (SQL injection vulnerability in PCPIN Chat 5.0.4 and earlier allows ...) + TODO: check +CVE-2006-1961 (Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express ...) + TODO: check +CVE-2006-1960 (Cross-site scripting (XSS) vulnerability in the appliance web user ...) + TODO: check +CVE-2006-1959 (PHP remote file inclusion vulnerability in direct.php in ActualScripts ...) + TODO: check +CVE-2006-1958 (Multiple SQL injection vulnerabilities in WWWThreads RC 3 allow remote ...) 
+ TODO: check +CVE-2006-1957 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows ...) + TODO: check +CVE-2006-1956 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows ...) + TODO: check +CVE-2006-1955 (PHP remote file inclusion vulnerability in authent.php4 in Nicolas ...) + TODO: check +CVE-2006-1954 (SQL injection vulnerability in authent.php4 in Nicolas Fischer (aka ...) + TODO: check +CVE-2006-1953 + RESERVED +CVE-2006-1952 + RESERVED +CVE-2006-1951 + RESERVED +CVE-2006-1950 (Multiple cross-site scripting (XSS) vulnerabilities in banners.cgi in ...) + TODO: check +CVE-2006-1949 (SQL injection vulnerability in plexcart.pl in NicPlex PlexCart X3 and ...) + TODO: check +CVE-2006-1948 (The "Add Sender to Address Book" operation ...) + TODO: check +CVE-2006-1947 (Multiple SQL injection vulnerabilities in plexum.php in NicPlex Plexum ...) + TODO: check +CVE-2006-1946 (Multiple cross-site scripting (XSS) vulnerabilities in Visale 1.0 and ...) + TODO: check +CVE-2006-1945 (Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.5 ...) + TODO: check +CVE-2006-1944 (Multiple cross-site scripting (XSS) vulnerabilities in SibSoft ...) + TODO: check +CVE-2006-1943 (Multiple cross-site scripting (XSS) vulnerabilities in Smarter Scripts ...) + TODO: check +CVE-2006-1942 (Mozilla Firefox 1.5.0.2 allows user-complicit remote attackers to open ...) + TODO: check +CVE-2006-1941 (Neon Responder 5.4 for LANsurveyor allows remote attackers to cause a ...) + TODO: check +CVE-2006-1940 + RESERVED +CVE-2006-1939 + RESERVED +CVE-2006-1938 + RESERVED +CVE-2006-1937 + RESERVED +CVE-2006-1936 + RESERVED +CVE-2006-1935 + RESERVED +CVE-2006-1934 + RESERVED +CVE-2006-1933 + RESERVED +CVE-2006-1932 + RESERVED +CVE-2006-1931 (The HTTP/XMLRPC server in Ruby before 1.8.2 uses blocking sockets, ...) + TODO: check +CVE-2006-1930 (Multiple SQL injection vulnerabilities in userscript.php in Green ...) 
+ TODO: check +CVE-2006-1929 (PHP remote file inclusion vulnerability in include/common.php in ...) + TODO: check +CVE-2006-1928 (Cisco IOS XR, when configured for Multi Protocol Label Switching ...) + TODO: check +CVE-2006-1927 (Cisco IOS XR, when configured for Multi Protocol Label Switching ...) + TODO: check +CVE-2006-1926 (SQL injection vulnerability in showtopic.php in ThWboard 2.84 beta 3 ...) + TODO: check +CVE-2006-1925 (Directory traversal vulnerability in the editnews module ...) + TODO: check +CVE-2006-1924 (SQL injection vulnerability in functions/db_api.php in LinPHA 1.1.1 ...) + TODO: check +CVE-2006-1923 (Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before ...) + TODO: check +CVE-2006-1922 (PHP remote file inclusion vulnerability in (1) about.php or (2) ...) + TODO: check +CVE-2006-1921 (nettools.php in PHP Net Tools 2.7.1 allows remote attackers to execute ...) + TODO: check +CVE-2006-1920 (SQL injection vulnerability in index.php in PMTool 1.2.2 allows remote ...) + TODO: check +CVE-2006-1919 (PHP remote file inclusion vulnerability in index.php in Internet ...) + TODO: check +CVE-2006-1918 (Multiple cross-site scripting (XSS) vulnerabilities in Papoo 2.1.5 ...) + TODO: check +CVE-2006-1917 (SQL injection vulnerability in member.php in Blackorpheus ...) + TODO: check +CVE-2006-1916 (Multiple cross-site scripting (XSS) vulnerabilities in profile.php in ...) + TODO: check +CVE-2006-1915 (SQL injection vulnerability in topics.php in DbbS 2.0-alpha and ...) + TODO: check +CVE-2006-1914 (DbbS 2.0-alpha and earlier allows remote attackers to obtain sensitive ...) + TODO: check +CVE-2006-1913 (Cross-site scripting (XSS) vulnerability in jax_guestbook.php in Jax ...) + TODO: check +CVE-2006-1912 (MyBB (MyBulletinBoard) 1.1.0 does not set the constant KILL_GLOBAL ...) + TODO: check +CVE-2006-1911 (Cross-site scripting (XSS) vulnerability in MyBB (MyBulletinBoard) 1.1 ...) 
+ TODO: check +CVE-2006-1910 (config.php in S9Y Serendipity 1.0 beta 2 allows remote attackers to ...) + TODO: check +CVE-2006-1909 (Directory traversal vulnerability in index.php in Coppermine 1.4.4 ...) + TODO: check +CVE-2006-1908 (Cross-site scripting vulnerability in addevent.php in myEvent 1.x ...) + TODO: check +CVE-2006-1907 (Multiple SQL injection vulnerabilities in myEvent 1.x allow remote ...) + TODO: check CVE-2006-XXXX [wiki macro XSS vulnerability] - - trac 0.9.5-1 -CVE-2006-1906 (Cross-site scripting (XSS) vulnerability in index.php in phpLister ...) + - trac 0.9.5-1 +CVE-2006-1906 (Cross-site scripting (XSS) vulnerability in index.php in jjgan852 ...) TODO: check CVE-2006-1905 (Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine ...) TODO: check @@ -459,7 +599,7 @@ CVE-2006-1723 (Unspecified vulnerability in Firefox and Thunderbird before 1.5.0 NOTE: This is probably: https://bugzilla.mozilla.org/show_bug.cgi?id=320459 CVE-2006-1722 (Cross-site scripting (XSS) vulnerability in suche.htm in ShopXS 4.0 ...) NOT-FOR-US: ShopXS -CVE-2006-1721 (Unspecified vulnerability in the CMU Cyrus Simple Authentication and ...) +CVE-2006-1721 (Unspecified vulnerability in digestmd5.c in the CMU Cyrus Simple ...) - cyrus-sasl2 <unfixed> (bug #361937; low) CVE-2006-1720 (Cross-site scripting (XSS) vulnerability in search.php in SaphpLesson ...) NOT-FOR-US: SaphpLesson @@ -1909,7 +2049,7 @@ CVE-2006-1050 (Kwik-Pay Payroll 4.2.20, and possibly other versions, stores the CVE-2006-1319 (chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little ...) - runit <unfixed> (bug #356016; medium) [sarge] - runit <not-affected> -CVE-2006-1049 (Multiple SQL injection vulnerabilities in Joomla! 1.0.7 and earlier ...) +CVE-2006-1049 (Multiple SQL injection vulnerabilities in the Admin functionality in ...) NOT-FOR-US: Joomla! CVE-2006-1048 (Joomla! 1.0.7 and earlier allows attackers to bypass intended access ...) NOT-FOR-US: Joomla! |
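Review bot: In the data/CVE/1999.list hunk, the added CVE-1999-1588 entry is left at `TODO: check` although its description names nlps_server in Sun Solaris, and the entry directly below it, CVE-1999-1587, is already recorded as `NOT-FOR-US: Solaris`. Consider giving the new entry the same `NOT-FOR-US: Solaris` status so it does not sit in the TODO queue.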
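Review bot: In the data/CVE/2004.list hunk, the description stored for CVE-2004-2657 is only `(** DISPUTED ** ...)`, so the truncation leaves no product or component name for whoever works the `TODO: check`; the same happens to CVE-2005-4787 in the data/CVE/2005.list hunk. Suggest the truncation skip the `** DISPUTED **` prefix, or keep more of the text for such entries, so the affected software stays visible in the list.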
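Review bot: In the first data/CVE/2006.list hunk, the CVE-2006-1906 line changes the named product from `phpLister` to `jjgan852` while the rest of the visible description stays the same; the new value does not read like a product name, so check it against the upstream CVE description before accepting the automatic rewrite. The same hunk also removes and re-adds the `- trac 0.9.5-1` line under CVE-2006-XXXX with no visible change in its text, which is worth confirming as intended.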