[Secure-testing-commits] r4847 - data/CVE
Stefan Fritsch
stef-guest at costa.debian.org
Sat Oct 14 14:32:25 UTC 2006
Author: stef-guest
Date: 2006-10-14 14:32:24 +0000 (Sat, 14 Oct 2006)
New Revision: 4847
Modified:
data/CVE/list
Log:
CVE-2006-5170: new libpam-ldap issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-10-14 13:28:25 UTC (rev 4846)
+++ data/CVE/list 2006-10-14 14:32:24 UTC (rev 4847)
@@ -106,8 +106,8 @@
CVE-2006-5179 (Intoto iGateway VPN and iGateway SSL-VPN allow context-dependent ...)
NOT-FOR-US: Intoto iGateway
CVE-2006-5178 (Race condition in the symlink function in PHP 5.1.6 and earlier allows ...)
- - php5 <unfixed> (low)
- - php4 <unfixed> (low)
+ - php5 <unfixed> (bug #391281; low)
+ - php4 <unfixed> (bug #391282; low)
[sarge] - php4 <no-dsa> (openbasedir not supported)
CVE-2006-5177 (The NTLM authentication in MailEnable Professional 2.0 and Enterprise ...)
NOT-FOR-US: MailEnable Professional
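Review bot: The log message names only CVE-2006-5170, but the two changed lines under CVE-2006-5178 in this hunk add bug references for php5 and php4 (#391281 and #391282). Mention the PHP bug numbers in the log message, or commit them separately, so the revision history shows when those references were added.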
@@ -125,7 +125,7 @@
CVE-2006-5171
RESERVED
CVE-2006-5170 (pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and ...)
- TODO: check
+ - libpam-ldap <unfixed> (bug filed; medium)
CVE-2006-5169 (Cross-site scripting (XSS) vulnerability in John Himmelman (aka ...)
NOT-FOR-US: PowerPortal
CVE-2006-5168 (Cross-site scripting (XSS) vulnerability in the search functionality ...)
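Review bot: The new libpam-ldap line under CVE-2006-5170 says "bug filed" without a number, while the php entries changed in the same commit use the "bug #NNNNNN" form. Replace "bug filed" with the actual bug number once it is assigned, since nothing on the line currently identifies which report covers this issue.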
@@ -551,7 +551,8 @@
CVE-2006-4969 (Multiple PHP remote file inclusion vulnerabilities in WAHM E-Commerce ...)
NOT-FOR-US: Pie Cart Pro
CVE-2006-4968 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: PNphpBB
+ NOTE: code in phpBB is different and not affected
CVE-2006-4967 (Multiple cross-site scripting (XSS) vulnerabilities in NextAge Cart ...)
NOT-FOR-US: NextAge Cart
CVE-2006-4966 (PHP remote file inclusion vulnerability in inc/ifunctions.php in ...)
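Review bot: The NOTE added under CVE-2006-4968 says the phpBB code is different and not affected, but it does not record which phpBB version or file was compared against PNphpBB. Add that detail to the NOTE so the conclusion can be rechecked later. This triage is also missing from the log message, which mentions only CVE-2006-5170.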