automatic update

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@3710 e39458fd-73e7-0310-bf30-c45bca0a0e42

3 files changed, 202 insertions, 7 deletions

diff --git a/data/CVE/1999.list b/data/CVE/1999.list
index 5ed82a4364..cd3065604e 100644
--- a/data/CVE/1999.list
+++ b/data/CVE/1999.list
@@ -1,3 +1,5 @@
+CVE-1999-1587 (/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier ...)
+	TODO: check
 CVE-1999-XXXX [Insecure access control on GNU Mach's IO ports]
 	- gnumach <unfixed> (bug #46709)
 	NOTE: Nearly six years old :-)
diff --git a/data/CVE/2005.list b/data/CVE/2005.list
index 2514e2bd2e..411ae726e1 100644
--- a/data/CVE/2005.list
+++ b/data/CVE/2005.list
@@ -1,3 +1,11 @@
+CVE-2005-4747 (Cross-site scripting (XSS) vulnerability in WebHost Automation Ltd ...)
+	TODO: check
+CVE-2005-4746 (Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote ...)
+	TODO: check
+CVE-2005-4745 (SQL injection vulnerability in the rlm_sqlcounter module in FreeRADIUS ...)
+	TODO: check
+CVE-2005-4744 (Off-by-one error in the sql_error function in sql_unixodbc.c in ...)
+	TODO: check
 CVE-2005-4743 (Multiple SQL injection vulnerabilities in index.php in NeLogic Nephp ...)
 	NOT-FOR-US: NeLogic Nephp Publisher
 CVE-2005-4742 (Unspecified vulnerability in Echelog 0.6.2 allows attackers to ...)
@@ -5299,6 +5307,7 @@ CVE-2005-2473 (Multiple SQL injection vulnerabilities in ChurchInfo allow remote
 CVE-2005-2472 (Multiple buffer overflows in BusinessMail 4.60.00 allow remote ...)
 	NOT-FOR-US: BusinessMail
 CVE-2005-2471 (pstopnm in netpbm does not properly use the &quot;-dSAFER&quot; option when ...)
+	{DSA-1021-1}
 	- netpbm-free 2:10.0-9 (bug #319757; low)
 CVE-2005-2470 (Buffer overflow in a &quot;core application plug-in&quot; for Adobe Reader 5.1 ...)
 	NOT-FOR-US: Adobe
diff --git a/data/CVE/2006.list b/data/CVE/2006.list
index 0a34cf34e7..8000882e77 100644
--- a/data/CVE/2006.list
+++ b/data/CVE/2006.list
@@ -1,3 +1,187 @@
+CVE-2006-1488 (ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain the ...)
+	TODO: check
+CVE-2006-1487 (Cross-site scripting (XSS) vulnerability in ActiveCampaign SupportTrio ...)
+	TODO: check
+CVE-2006-1486 (Multiple cross-site scripting (XSS) vulnerabilities in index.cfm in ...)
+	TODO: check
+CVE-2006-1485 (gm-upload.cgi in Greymatter 1.3.1 allows remote authenticated users ...)
+	TODO: check
+CVE-2006-1484 (Genius VideoCAM NB Driver does not drop privileges when saving files, ...)
+	TODO: check
+CVE-2006-1483 (Blazix Web Server before 1.2.6, when running on Windows, allows remote ...)
+	TODO: check
+CVE-2006-1482 (Cross-site scripting (XSS) vulnerability in index.php in ConfTool 1.1 ...)
+	TODO: check
+CVE-2006-1481 (SQL injection vulnerability in search.php in PHP Ticket 0.71 allows ...)
+	TODO: check
+CVE-2006-1480 (Directory traversal vulnerability in start.php in WebAlbum 2.02 allows ...)
+	TODO: check
+CVE-2006-1479 (Multiple cross-site scripting (XSS) vulnerabilities in Serge Rey ...)
+	TODO: check
+CVE-2006-1478 (Directory traversal vulnerability in (1) initiate.php and (2) possibly ...)
+	TODO: check
+CVE-2006-1477 (Multiple PHP remote file inclusion vulnerabilities in Turnkey Web ...)
+	TODO: check
+CVE-2006-1476 (Windows Firewall in Microsoft Windows XP SP2 produces incorrect ...)
+	TODO: check
+CVE-2006-1475 (Windows Firewall in Microsoft Windows XP SP2 does not produce ...)
+	TODO: check
+CVE-2006-1474 (Cross-site scripting (XSS) vulnerability in the &quot;failed&quot; functionality ...)
+	TODO: check
+CVE-2006-1473
+	RESERVED
+CVE-2006-1472
+	RESERVED
+CVE-2006-1471
+	RESERVED
+CVE-2006-1470
+	RESERVED
+CVE-2006-1469
+	RESERVED
+CVE-2006-1468
+	RESERVED
+CVE-2006-1467
+	RESERVED
+CVE-2006-1466
+	RESERVED
+CVE-2006-1465
+	RESERVED
+CVE-2006-1464
+	RESERVED
+CVE-2006-1463
+	RESERVED
+CVE-2006-1462
+	RESERVED
+CVE-2006-1461
+	RESERVED
+CVE-2006-1460
+	RESERVED
+CVE-2006-1459
+	RESERVED
+CVE-2006-1458
+	RESERVED
+CVE-2006-1457
+	RESERVED
+CVE-2006-1456
+	RESERVED
+CVE-2006-1455
+	RESERVED
+CVE-2006-1454
+	RESERVED
+CVE-2006-1453
+	RESERVED
+CVE-2006-1452
+	RESERVED
+CVE-2006-1451
+	RESERVED
+CVE-2006-1450
+	RESERVED
+CVE-2006-1449
+	RESERVED
+CVE-2006-1448
+	RESERVED
+CVE-2006-1447
+	RESERVED
+CVE-2006-1446
+	RESERVED
+CVE-2006-1445
+	RESERVED
+CVE-2006-1444
+	RESERVED
+CVE-2006-1443
+	RESERVED
+CVE-2006-1442
+	RESERVED
+CVE-2006-1441
+	RESERVED
+CVE-2006-1440
+	RESERVED
+CVE-2006-1439
+	RESERVED
+CVE-2006-1438
+	RESERVED
+CVE-2006-1437
+	RESERVED
+CVE-2006-1436
+	RESERVED
+CVE-2006-1435
+	RESERVED
+CVE-2006-1434
+	RESERVED
+CVE-2006-1433
+	RESERVED
+CVE-2006-1432 (fusionZONE couponZONE 4.2 allows remote attackers to obtain the full ...)
+	TODO: check
+CVE-2006-1431 (Cross-site scripting (XSS) vulnerability in local.cfm in fusionZONE ...)
+	TODO: check
+CVE-2006-1430 (Multiple cross-site scripting (XSS) vulnerabilities in CONTROLzx HMS ...)
+	TODO: check
+CVE-2006-1429 (Cross-site scripting (XSS) vulnerability in accountlogon.cfm in ...)
+	TODO: check
+CVE-2006-1428 (Multiple cross-site scripting (XSS) vulnerabilities in phpCOIN 1.2.2 ...)
+	TODO: check
+CVE-2006-1427 (Multiple cross-site scripting (XSS) vulnerabilities in WebAPP ...)
+	TODO: check
+CVE-2006-1426 (Multiple SQL injection vulnerabilities in Pixel Motion Blog allow ...)
+	TODO: check
+CVE-2006-1425 (Cross-site scripting (XSS) vulnerability in track.php in phpmyfamily ...)
+	TODO: check
+CVE-2006-1424 (Cross-site scripting (XSS) vulnerability in index.php in ConfTool 1.1 ...)
+	TODO: check
+CVE-2006-1423 (SQL injection vulnerability in showflat.php in UBB.threads 5.5.1, 6.0 ...)
+	TODO: check
+CVE-2006-1422 (SQL injection vulnerability in details_view.php in PHP Booking Calendar ...)
+	TODO: check
+CVE-2006-1421 (Multiple SQL injection vulnerabilities in akocomment.php in AkoComment ...)
+	TODO: check
+CVE-2006-1420 (SQL injection vulnerability in print.php in SaphpLesson 2.0 allows ...)
+	TODO: check
+CVE-2006-1419 (SQL injection vulnerability in the Calendar module in nuked-klan 1.7.5 ...)
+	TODO: check
+CVE-2006-1418 (Cross-site scripting (XSS) vulnerability in default.asp in E-School ...)
+	TODO: check
+CVE-2006-1417 (Multiple cross-site scripting (XSS) vulnerabilities in Web Quiz pro, ...)
+	TODO: check
+CVE-2006-1416 (Cross-site scripting (XSS) vulnerability in afmsearch.aspx in Absolute ...)
+	TODO: check
+CVE-2006-1415 (Cross-site scripting (XSS) vulnerability in iforget.aspx in dotNetBB ...)
+	TODO: check
+CVE-2006-1414 (Multiple cross-site scripting (XSS) vulnerabilities in toast.asp in ...)
+	TODO: check
+CVE-2006-1413 (Multiple cross-site scripting (XSS) vulnerabilities in EZHomepagePro ...)
+	TODO: check
+CVE-2006-1412 (TFT Gallery 0.10 stores sensitive information under the web root with ...)
+	TODO: check
+CVE-2006-1411 (Cross-site scripting (XSS) vulnerability in Absolute Image Gallery XE ...)
+	TODO: check
+CVE-2006-1410 (Multiple cross-site scripting (XSS) vulnerabilities in XIGLA Absolute ...)
+	TODO: check
+CVE-2006-1409 (Buffer overflow in Vavoom 1.19.1 and earlier allows remote attackers ...)
+	TODO: check
+CVE-2006-1408 (Vavoom 1.19.1 and earlier allows remote attackers to cause a denial of ...)
+	TODO: check
+CVE-2006-1407 (Multiple cross-site scripting (XSS) vulnerabilities in Helm Web ...)
+	TODO: check
+CVE-2006-1406 (Multiple cross-site scripting (XSS) vulnerabilities in wbadmlog.aspx ...)
+	TODO: check
+CVE-2006-1405 (Cross-site scripting (XSS) vulnerability in search.aspx in ssCMS 2.1.0 ...)
+	TODO: check
+CVE-2006-1404 (Multiple cross-site scripting (XSS) vulnerabilities in bol.cgi in ...)
+	TODO: check
+CVE-2006-1403 (Format string vulnerability in the PrintString function in ...)
+	TODO: check
+CVE-2006-1402 (Buffer overflow in client/server Doom (csDoom) 0.7 and earlier allows ...)
+	TODO: check
+CVE-2006-1401 (Multiple cross-site scripting (XSS) vulnerabilities in search.php in ...)
+	TODO: check
+CVE-2006-1400 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2006-1399 (Cross-site scripting (XSS) vulnerability in searchresult.php in ...)
+	TODO: check
+CVE-2006-1398 (Cross-site scripting (XSS) vulnerability in guestbook.php in G-Book ...)
+	TODO: check
+CVE-2006-1397 (Multiple cross-site scripting (XSS) vulnerabilities in (a) phpAdsNew ...)
+	TODO: check
 CVE-2006-XXXX [libimager-perl DoS]
 	- libimager-perl <unfixed> (bug #359661)
 	NOTE: requested ID from Joey
@@ -678,7 +862,7 @@ CVE-2006-1068 (Netgear 614 and 624 routers, possibly running VXWorks, allow remo
 	NOT-FOR-US: VXWorks
 CVE-2006-1067 (Linksys WRT54G routers version 5 (running VXWorks) allow remote ...)
 	NOT-FOR-US: VXWorks
-CVE-2006-1066 (Linux kernel 2.6.16-rc2 and earlier, when running on the IA64 ...)
+CVE-2006-1066 (Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems ...)
 	{DSA-1017-1}
 CVE-2006-1065 (SQL injection vulnerability in search.php in MyBulletinBoard (MyBB) ...)
 	NOT-FOR-US: MyBulletinBoard
@@ -837,12 +1021,12 @@ CVE-2006-0993
 	RESERVED
 CVE-2006-0992
 	RESERVED
-CVE-2006-0991
-	RESERVED
-CVE-2006-0990
-	RESERVED
-CVE-2006-0989
-	RESERVED
+CVE-2006-0991 (Buffer overflow in the NetBackup Sharepoint Services server daemon ...)
+	TODO: check
+CVE-2006-0990 (Stack-based buffer overflow in the NetBackup Catalog daemon (bpdbm) in ...)
+	TODO: check
+CVE-2006-0989 (Stack-based buffer overflow in the volume manager daemon (vmd) in ...)
+	TODO: check
 CVE-2006-0988 (The default configuration of the DNS Server service on Windows Server ...)
 	NOT-FOR-US: MS Windows issue
 CVE-2006-0987 (The default configuration of ISC BIND, when configured as a caching ...)