[Secure-testing-commits] r3997 - data/CVE
Stefan Fritsch
stef-guest at costa.debian.org
Sat May 20 09:34:15 UTC 2006
Author: stef-guest
Date: 2006-05-20 09:34:12 +0000 (Sat, 20 May 2006)
New Revision: 3997
Modified:
data/CVE/list
Log:
vnc issue is not in sarge and now has a CVE
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-05-20 09:14:23 UTC (rev 3996)
+++ data/CVE/list 2006-05-20 09:34:12 UTC (rev 3997)
@@ -242,7 +242,8 @@
CVE-2006-2370
RESERVED
CVE-2006-2369 (RealVNC 4.1.1, and other products that use RealVNC such as AdderLink ...)
- TODO: check
+ - vnc4 4.1.1+X4.3.0-10 (high)
+ [sarge] - vnc4 <not-affected> (vuln not in 4.0)
CVE-2006-2368 (Cross-site scripting (XSS) vulnerability in index.php in Clansys (aka ...)
TODO: check
CVE-2006-2367 (Cross-site scripting (XSS) vulnerability in index.php in Clansys (aka ...)
@@ -276,10 +277,6 @@
TODO: check
CVE-2005-4799 (Multiple cross-site scripting (XSS) vulnerabilities in Yet Another PHP ...)
TODO: check
-CVE-2006-XXXX [vnc server authentication bypass]
- - vnc4 4.1.1+X4.3.0-10 (high)
- NOTE: mail to bugtraq implies 4.0 is not vulnerable
- TODO: sarge needs to be checked
CVE-2006-2358 (Multiple cross-site scripting (XSS) vulnerabilities in various scripts ...)
NOT-FOR-US: Web Labs CMS
CVE-2006-2357 (Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 ...)
More information about the Secure-testing-commits
mailing list