[Secure-testing-commits] r3222 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Wed Jan 4 10:39:17 UTC 2006 

Author: jmm-guest
Date: 2006-01-04 10:39:12 +0000 (Wed, 04 Jan 2006)
New Revision: 3222

Modified:
   data/CVE/list
Log:
new b2evolution issue
bugnums


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-01-04 09:26:42 UTC (rev 3221)
+++ data/CVE/list	2006-01-04 10:39:12 UTC (rev 3222)
@@ -1,3 +1,5 @@
+CVE-2005-XXXX [World-readable config file with sensitive data in b2evolution]
+	- b2evolution 0.9.1b-4 (bug #344000)
 begin claimed by zobel
 CVE-2006-0081 (The ialmrnt5 display driver in Intel Graphics Accelerator Driver ...)
 	NOT-FOR-US: Intel
@@ -275,19 +277,19 @@
 CVE-2005-4525 (SmcGui.exe in Sygate Protection Agent 5.0 build 6144 allows local ...)
 	NOT-FOR-US: Sygate 
 CVE-2005-4524 (Mantis 1.0.0rc3 does not properly handle "Make note private" when a ...)
-	- mantis <unfixed> (bug filed)
+	- mantis <unfixed> (bug #345288)
 CVE-2005-4523 (Mantis 1.0.0rc3 and earlier discloses private bugs via public RSS ...)
-	- mantis <unfixed> (bug filed)
+	- mantis <unfixed> (bug #345288)
 CVE-2005-4522 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
-	- mantis <unfixed> (bug filed)
+	- mantis <unfixed> (bug #345288)
 CVE-2005-4521 (CRLF injection vulnerability in Mantis 1.0.0rc3 and earlier allows ...)
-	- mantis <unfixed> (bug filed)
+	- mantis <unfixed> (bug #345288)
 CVE-2005-4520 (Unspecified &quot;port injection&quot; vulnerabilities in filters in Mantis ...)
-	- mantis <unfixed> (bug filed)
+	- mantis <unfixed> (bug #345288)
 CVE-2005-4519 (Multiple SQL injection vulnerabilities in the manage user page ...)
-	- mantis <unfixed> (bug filed)
+	- mantis <unfixed> (bug #345288)
 CVE-2005-4518 (Mantis before 0.19.4 allows remote attackers to bypass the file upload ...)
-	- mantis <unfixed> (bug filed)
+	- mantis <unfixed> (bug #345288)
 CVE-2005-4517 (SQL injection vulnerability in PHP-Fusion 6.00.200 through 6.00.300 ...)
 	NOT-FOR-US: PHP-Fusion
 CVE-2005-4516 (Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion ...)
@@ -9063,7 +9065,7 @@
 CVE-2005-1912
 	REJECTED
 CVE-2005-1911 (The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang ...)
-	- leafnode 1.11.3.rel-1 (bug #33886; low)
+	- leafnode 1.11.3.rel-1 (bug #338886; low)
 CVE-2005-1910 (SQL injection vulnerability in login.asp for WWWeb Concepts Events ...)
 	NOT-FOR-US: WWWeb Concepts Events System
 CVE-2005-1909 (The web server control panel in 602LAN SUITE 2004 allows remote ...)

More information about the Secure-testing-commits mailing list