[Secure-testing-commits] r2770 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Thu Nov 17 10:24:07 UTC 2005
Author: jmm-guest
Date: 2005-11-17 10:24:02 +0000 (Thu, 17 Nov 2005)
New Revision: 2770
Modified:
data/CVE/list
Log:
*sigh*
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2005-11-17 09:57:11 UTC (rev 2769)
+++ data/CVE/list 2005-11-17 10:24:02 UTC (rev 2770)
@@ -1891,9 +1891,11 @@
CVE-2005-2793 (PHP remote code injection vulnerability in welcome.php in phpLDAPadmin ...)
[sarge] - phpldapadmin <not-affected> (code not present in sarge)
- phpldapadmin 0.9.6c-7 (bug #325785; medium)
+ - egroupware <unfixed> (bug filed; medium)
CVE-2005-2792 (Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 ...)
[sarge] - phpldapadmin <not-affected> (code not present in sarge)
- phpldapadmin 0.9.6c-7 (bug #325785; medium)
+ - egroupware <unfixed> (bug filed; medium)
CVE-2005-2791 (BFCommand & Control Server Manager BFCC 1.22_A and earlier, and BFVCC ...)
NOT-FOR-US: BFCC
CVE-2005-2790 (BFCommand & Control Server Manager BFCC 1.22_A and earlier, and BFVCC ...)
@@ -2243,6 +2245,7 @@
CVE-2005-2654 (phpldapadmin before 0.9.6c allows remote attackers to gain anonymous ...)
{DSA-790-1}
- phpldapadmin 0.9.6c-5 (medium)
+ - egroupware <unfixed> (bug filed; medium)
CVE-2005-XXXX [cplay - still unsafe temporary file handling vulnerable to symlink attacks]
- cplay 1.49-8 (bug #324913; low)
CVE-2005-XXXX [$servers[$i]['disable_anon_bind'] = true doesn't prevent anonymous to access ldap directory]
More information about the Secure-testing-commits
mailing list