[Secure-testing-commits] r2098 - data/CAN
Florian Weimer
fw at costa.debian.org
Thu Sep 22 18:10:00 UTC 2005
Author: fw
Date: 2005-09-22 18:09:56 +0000 (Thu, 22 Sep 2005)
New Revision: 2098
Modified:
data/CAN/list
Log:
New webmin/usermin hole (SNS Advisory 83).
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-09-22 16:41:56 UTC (rev 2097)
+++ data/CAN/list 2005-09-22 18:09:56 UTC (rev 2098)
@@ -1,3 +1,7 @@
+CAN-2005-XXXX [miniserv.pl root shell command injection]
+ - webmin 1.220-1 (high)
+ - usermin 1.150-1 (high)
+ NOTE: SNS Advisory 83, http://marc.theaimsgroup.com/?m=112733083203821
CAN-2005-2992 [Another arc tempfile issue]
- arc 5.21m-1 (low)
CAN-2005-XXXX [Firefox passes URLs with backticks from external programs to the shell]
More information about the Secure-testing-commits
mailing list