[Secure-testing-commits] r2894 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Wed Nov 30 08:53:32 UTC 2005 

Author: jmm-guest
Date: 2005-11-30 08:53:28 +0000 (Wed, 30 Nov 2005)
New Revision: 2894

Modified:
   data/CVE/list
Log:
phpbb2 fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2005-11-29 22:40:49 UTC (rev 2893)
+++ data/CVE/list	2005-11-30 08:53:28 UTC (rev 2894)
@@ -1429,21 +1429,21 @@
 CVE-2005-3421 (estcmd in Hyper Estraier 1.0.1 on Windows systems allows remote ...)
 	NOT-FOR-US: Hyper Estraier
 CVE-2005-3420 (usercp_register.php in phpBB 2.0.17 allows remote attackers to modify ...)
-	- phpbb2 <unfixed> (bug #336582; bug #336587; unknown)
+	- phpbb2 2.0.18-1 (bug #336582; bug #336587; unknown)
 	NOTE: http://www.hardened-php.net/advisory_172005.75.html
 	NOTE: http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=336756
 	NOTE: Remote code execution may be possible, especially in conjunction
 	NOTE: with PHP bugs.
 CVE-2005-3419 (SQL injection vulnerability in usercp_register.php in phpBB 2.0.17 ...)
-	- phpbb2 <unfixed> (bug #336582; bug #336587; unknown)
+	- phpbb2 2.0.18-1 (bug #336582; bug #336587; unknown)
 CVE-2005-3418 (Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.17 ...)
-	- phpbb2 <unfixed> (bug #336582; bug #336587; unknown)
+	- phpbb2 2.0.18-1 (bug #336582; bug #336587; unknown)
 CVE-2005-3417 (phpBB 2.0.17 and earlier, when the register_long_arrays directive is ...)
-	- phpbb2 <unfixed> (bug #336582; bug #336587; unknown)
+	- phpbb2 2.0.18-1 (bug #336582; bug #336587; unknown)
 CVE-2005-3416 (phpBB 2.0.17 and earlier, when register_globals is enabled and the ...)
-	- phpbb2 <unfixed> (bug #336582; bug #336587; unknown)
+	- phpbb2 2.0.18-1 (bug #336582; bug #336587; unknown)
 CVE-2005-3415 (phpBB 2.0.17 and earlier allows remote attackers to bypass protection ...)
-	- phpbb2 <unfixed> (bug #336582; bug #336587; unknown)
+	- phpbb2 2.0.18-1 (bug #336582; bug #336587; unknown)
 CVE-2005-3414 (eyeOS 0.8.4 stores usrinfo.xml under the web document root with ...)
 	NOT-FOR-US: eyeOS
 CVE-2005-3413 (Cross-site scripting (XSS) vulnerability in desktop.php in eyeOS 0.8.4 ...)
@@ -1714,7 +1714,7 @@
 CVE-2005-3311 (BMC Software Control-M 6.1.03 for Solaris, and possibly other ...)
 	NOT-FOR-US: BMC Software Control-M
 CVE-2005-3310 (Multiple interpretation error in phpBB 2.0.17, with remote avatars and ...)
-	- phpbb2 <unfixed> (bug #335662; low)
+	- phpbb2 2.0.18-1 (bug #335662; low)
 CVE-2005-3309 (Multiple SQL injection vulnerabilities in Zomplog 3.4 allow remote ...)
 	NOT-FOR-US: Zomplog
 CVE-2005-3308 (Multiple cross-site scripting (XSS) vulnerabilities in Zomplog 3.4 ...)

More information about the Secure-testing-commits mailing list