diff options
author | Joey Hess <joeyh@debian.org> | 2006-05-03 21:14:23 +0000 |
---|---|---|
committer | Joey Hess <joeyh@debian.org> | 2006-05-03 21:14:23 +0000 |
commit | b2b1d68edb56ff732678c59f25e4de5a4276f91a (patch) | |
tree | c2448e967ce533dd5a959cb30c0449f34eb2292e /data | |
parent | a824fb5cfdfdcac8dab632d1c3e5c268a5797ff2 (diff) |
automatic update
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@3916 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/1999.list | 2 | ||||
-rw-r--r-- | data/CVE/2005.list | 2 | ||||
-rw-r--r-- | data/CVE/2006.list | 68 |
3 files changed, 64 insertions, 8 deletions
diff --git a/data/CVE/1999.list b/data/CVE/1999.list index a1697d7841..57ee4e7646 100644 --- a/data/CVE/1999.list +++ b/data/CVE/1999.list @@ -2183,7 +2183,7 @@ CVE-1999-1235 (Internet Explorer 5.0 records the username and password for FTP . TODO: check CVE-1999-1234 (LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a ...) TODO: check -CVE-1999-1232 (day5datacopier in SGI IRIX 6.2 trusts the PATH environmental variable ...) +CVE-1999-1232 (Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 ...) TODO: check CVE-1999-1231 (ssh 2.0.12, and possibly other versions, allows valid user names to ...) TODO: check diff --git a/data/CVE/2005.list b/data/CVE/2005.list index e7e8374dd3..9304f1a20c 100644 --- a/data/CVE/2005.list +++ b/data/CVE/2005.list @@ -1,3 +1,5 @@ +CVE-2005-4794 (Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and ...) + TODO: check CVE-2005-4793 (Multiple unspecified vulnerabilities in the web utility function in ...) TODO: check CVE-2005-4792 (SQL injection vulnerability in index.php in Appalachian State ...) diff --git a/data/CVE/2006.list b/data/CVE/2006.list index dd3c196e5b..4c18a787cc 100644 --- a/data/CVE/2006.list +++ b/data/CVE/2006.list @@ -1,4 +1,58 @@ -CVE-2006-2148 (Multiple buffer overflows in client.c in CGI:IRC before 0.5.8 ...) +CVE-2006-2161 + RESERVED +CVE-2006-2160 (Cross-site scripting (XSS) vulnerability in Russcom Network Loginphp ...) + TODO: check +CVE-2006-2159 (CRLF injection vulnerability in help.php in Russcom Network Loginphp ...) + TODO: check +CVE-2006-2158 (Dynamic variable evaluation vulnerability in index.php in Stadtaus ...) + TODO: check +CVE-2006-2157 (SQL injection vulnerability in gallery.php in Plogger Beta 2.1 and ...) + TODO: check +CVE-2006-2156 (Directory traversal vulnerability in help/index.php in X7 Chat 2.0 and ...) + TODO: check +CVE-2006-2155 (EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and ...) + TODO: check +CVE-2006-2154 (EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and ...) + TODO: check +CVE-2006-2153 (Cross-site scripting (XSS) vulnerability in HTM_PASSWD in DirectAdmin ...) + TODO: check +CVE-2006-2152 (PHP remote file inclusion vulnerability in admin/addentry.php in phpBB ...) + TODO: check +CVE-2006-2151 (PHP remote file inclusion vulnerability in toplist.php in phpBB ...) + TODO: check +CVE-2006-2150 (PHP remote file inclusion vulnerability in top/list.php in phpBB ...) + TODO: check +CVE-2006-2149 (PHP remote file inclusion vulnerability in sources/lostpw.php in ...) + TODO: check +CVE-2006-2147 (resmgrd in resmgr for SUSE Linux and other distributions does not ...) + TODO: check +CVE-2006-2146 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) + TODO: check +CVE-2006-2145 (Multiple SQL injection vulnerabilities in index.php in HB-NS 1.1.6 ...) + TODO: check +CVE-2006-2144 (PHP remote file inclusion vulnerability in kopf.php in DMCounter ...) + TODO: check +CVE-2006-2143 (Multiple cross-site scripting (XSS) vulnerabilities in TextFileBB ...) + TODO: check +CVE-2006-2142 (PHP remote file inclusion vulnerability in classes/adodbt/sql.php in ...) + TODO: check +CVE-2006-2141 (Cross-site scripting (XSS) vulnerability in popup_image in ...) + TODO: check +CVE-2006-2140 (Multiple cross-site scripting (XSS) vulnerabilities in OrbitHYIP 2.0 ...) + TODO: check +CVE-2006-2139 (Multiple SQL injection vulnerabilities in PHP Newsfeed 20040723 allow ...) + TODO: check +CVE-2006-2138 (Cross-site scripting (XSS) vulnerability in neomail.pl in NeoMail 1.29 ...) + TODO: check +CVE-2006-2137 (PHP remote file inclusion vulnerability in master.php in OpenPHPNuke ...) + TODO: check +CVE-2006-2136 (SQL injection vulnerability in news.php in AZNEWS allows remote ...) + TODO: check +CVE-2006-2135 (SQL injection vulnerability in login.php in Ruperts News allows remote ...) + TODO: check +CVE-2006-2134 (PHP remote file inclusion vulnerability in /includes/kb_constants.php ...) + TODO: check +CVE-2006-2148 (Multiple buffer overflows in client.c in CGI:IRC (CGIIRC) before 0.5.8 ...) - cgiirc <unfixed> (bug #365680; medium) [sarge] - cgiirc <unfixed> (bug #365680; medium) CVE-2006-2133 (SQL injection vulnerability in index.php in BoonEx Barracuda 1.1 and ...) @@ -17,7 +71,8 @@ CVE-2006-2127 (SQL injection vulnerability in weblog_posting.php in Blog Mod 0.2 TODO: check CVE-2006-2126 (SQL injection vulnerability in pocategories.php in MaxTrade 1.0.1 and ...) TODO: check -CVE-2006-2125 (Unspecified vulnerability in xterm in HP-UX B.11.00, B.11.11, and ...) +CVE-2006-2125 + REJECTED TODO: check CVE-2006-2124 (Multiple cross-site scripting (XSS) vulnerabilities in SunShop 3.5 and ...) TODO: check @@ -49,8 +104,8 @@ CVE-2006-2111 (Microsoft Internet Explorer 6.0 on Windows XP SP2, and possibly o TODO: check CVE-2006-2110 (Virtual Private Server (Vserver) 2.0.x before 2.0.2-rc18 and 2.1.x ...) TODO: check -CVE-2006-2109 - RESERVED +CVE-2006-2109 (Cross-site scripting (XSS) vulnerability in the parse_query_str ...) + TODO: check CVE-2006-2108 (parser.exe in Océ (OCE) 3121/3122 Printer allows remote attackers to ...) TODO: check CVE-2006-2107 (Buffer overflow in BL4 SMTP Server 0.1.4 and earlier allows remote ...) @@ -322,7 +377,7 @@ CVE-2006-1978 (SQL injection vulnerability in inc/start.php in FlexBB 0.5.5 and NOT-FOR-US: FlexBB CVE-2006-1977 (Cross-site scripting (XSS) vulnerability in FlexBB 0.5.7 BETA and ...) NOT-FOR-US: FlexBB -CVE-2006-1993 (Mozilla Firefox 1.5.0.2 allows remote attackers to cause a denial of ...) +CVE-2006-1993 (Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote ...) - firefox 1.5.dfsg+1.5.0.2-2 [sarge] - mozilla-firefox <not-affected> CVE-2006-XXXX [typo3 mailforms can be abused to send spam] @@ -1402,8 +1457,7 @@ CVE-2006-1528 RESERVED CVE-2006-1527 RESERVED -CVE-2006-1526 [Buffer overflow in the Xrender extension] - RESERVED +CVE-2006-1526 (Buffer overflow in the Xrender extension in X.org X server 6.8.0 up to ...) - xorg-server 1:1.0.2-8 CVE-2006-1525 (ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users ...) - linux-2.6 2.6.16-9 |