[Secure-testing-commits] r1329 - data/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Tue, 05 Jul 2005 08:01:30 +0000
Author: jmm-guest
Date: 2005-07-05 08:01:28 +0000 (Tue, 05 Jul 2005)
New Revision: 1329
Modified:
data/CAN/list
Log:
xmlrpc affects phpwiki as well (exploit available)
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-07-04 10:09:43 UTC (rev 1328)
+++ data/CAN/list 2005-07-05 08:01:28 UTC (rev 1329)
@@ -1,3 +1,5 @@
+CAN-2005-XXXX [Missing input sanitization due in phpwiki's xmlrpc code allow execution of arb. php code]
+ - phpwiki 1.3.7-4 (high)
CAN-2005-XXXX [cacti: Multiple further SQL injection, auth bypass and remote command execution issues]
- cacti 0.8.6f-1 (high)
CAN-2005-2116 (Unknown vulnerability in the third-party XML-RPC library in Drupal ...)