[Secure-testing-commits] r4883 - data/CVE
Alec Berryman
alec-guest at costa.debian.org
Wed Oct 25 02:55:22 UTC 2006
Author: alec-guest
Date: 2006-10-25 02:55:21 +0000 (Wed, 25 Oct 2006)
New Revision: 4883
Modified:
data/CVE/list
Log:
CVE-2001-1535 and CVE-2002-1647: slash fix uploaded
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-10-24 21:24:32 UTC (rev 4882)
+++ data/CVE/list 2006-10-25 02:55:21 UTC (rev 4883)
@@ -20164,7 +20164,7 @@
CVE-2001-1536 (Autogalaxy stores usernames and passwords in cleartext in cookies, ...)
NOT-FOR-US: Autogalaxy
CVE-2001-1535 (Slashcode 2.0 creates new accounts with an 8-character random ...)
- - slash <unfixed> (bug #328927; low)
+ - slash 2.2.6-8 (bug #328927; low)
[sarge] - slash <no-dsa> (Lack of a security feature, minor security problem)
CVE-2001-1534 (mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's ...)
- apache (bug #328919; unimportant)
@@ -25360,7 +25360,7 @@
CVE-2002-1648 (Cross-site request forgery (CSRF) vulnerability in compose.php in ...)
- squirrelmail 1:1.2.3
CVE-2002-1647 (The quick login feature in Slash Slashcode does not redirect the user ...)
- - slash <unfixed> (bug #160579; low)
+ - slash 2.2.6-8 (bug #160579; low)
[sarge] - slash <no-dsa> (Minor security implications)
CVE-2002-1646 (SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to ...)
NOT-FOR-US: commercial ssh
More information about the Secure-testing-commits
mailing list