[Secure-testing-commits] r5192 - data/CVE
Stefan Fritsch
stef-guest at alioth.debian.org
Thu Dec 28 00:49:44 CET 2006
Author: stef-guest
Date: 2006-12-28 00:49:42 +0100 (Thu, 28 Dec 2006)
New Revision: 5192
Modified:
data/CVE/list
Log:
CVE-2005-4816: proftpd issue fixed in etch/sid but not sarge
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-12-27 23:31:02 UTC (rev 5191)
+++ data/CVE/list 2006-12-27 23:49:42 UTC (rev 5192)
@@ -142,11 +142,12 @@
- gconf2 <unfixed> (low; bug #404743)
[sarge] - gconf2 <no-dsa> (Minor nuisance, not much of a security problem)
CVE-2005-4816 (Buffer overflow in mod_radius in ProFTPD before 1.3.0rc2 allows remote ...)
- TODO: check
+ - proftpd-dfsg 1.2.10+1.3.0rc5-1
+ [sarge] - proftpd <unfixed> (bug filed; medium)
CVE-2003-1314 (PHP remote file inclusion vulnerability in admin/auth.php in ...)
- TODO: check
+ NOT-FOR-US: EternalMart Guestbook (EMGB)
CVE-2003-1313 (Multiple PHP remote file inclusion vulnerabilities in EternalMart ...)
- TODO: check
+ NOT-FOR-US: EternalMart Mailing List Manager (EMLM)
CVE-2006-6749 (Buffer overflow in the parse_expression function in parse_config in ...)
- openser 1.1.0-8 (medium; bug #404591)
NOTE: OpenPKG-SA-2006.042
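Review bot: On the added CVE-2005-4816 sarge line, the annotation reads (bug filed; medium), which reverses the severity-first order used by the neighbouring entries in this hunk, (low; bug #404743) and (medium; bug #404591), and it carries no bug number. Suggest writing it as (medium; bug filed) and replacing "bug filed" with the bug number once it is known, so the open sarge issue can be tracked from the list. The two added lines also name different packages (proftpd-dfsg for the fixed version, proftpd for sarge); worth confirming that this is intended.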
@@ -946,7 +947,7 @@
CVE-2006-6375 (Cross-site scripting (XSS) vulnerability in display.php in Simple ...)
NOT-FOR-US: Simple machines Forum
CVE-2006-6374 (Multiple CRLF injection vulnerabilities in PhpMyAdmin 2.7.0-pl2 allow ...)
- - phpmyadmin <unfixed> (low; bug filed)
+ - phpmyadmin <unfixed> (low; bug #404744)
[sarge] - phpmyadmin <no-dsa> (CRLF not backportable to Sarge)
CVE-2006-6373 (PhpMyAdmin 2.7.0-pl2 allows remote attackers to obtain sensitive ...)
- phpmyadmin <unfixed> (unimportant)
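Review bot: The change on the CVE-2006-6374 phpmyadmin line, from (low; bug filed) to (low; bug #404744), is not covered by the log message, which names only CVE-2005-4816. Suggest mentioning the phpmyadmin bug number update in the log (and the two NOT-FOR-US triage entries from the first hunk), or committing it separately, so the revision history of data/CVE/list can be searched by CVE id.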