[Secure-testing-commits] r6324 - data/CVE
stef-guest at alioth.debian.org
stef-guest at alioth.debian.org
Wed Aug 15 20:03:56 UTC 2007
Author: stef-guest
Date: 2007-08-15 20:03:55 +0000 (Wed, 15 Aug 2007)
New Revision: 6324
Modified:
data/CVE/list
Log:
- fail2ban affected by CVE-2007-4321
- rsync fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-08-15 19:54:11 UTC (rev 6323)
+++ data/CVE/list 2007-08-15 20:03:55 UTC (rev 6324)
@@ -64,7 +64,7 @@
NOT-FOR-US: BlockHosts
CVE-2007-4321 (fail2ban 0.8 and earlier does not properly parse sshd log files, which ...)
- fail2ban <unfixed> (medium)
- NOTE: maybe fixed in 0.8.0-4, pinged maintainer (sf)
+ NOTE: only partially fixed in 0.8.0-4 according to maintainer
CVE-2007-4320 (PHP remote file inclusion vulnerability in ...)
NOT-FOR-US: Ncaster
CVE-2007-4319 (The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel ...)
@@ -543,7 +543,7 @@
CVE-2007-4092 (Directory traversal vulnerability in index.php in iFoto 1.0.1 and ...)
NOT-FOR-US: iFoto
CVE-2007-4091
- - rsync <unfixed> (bug #438125; medium)
+ - rsync 2.6.9-5 (bug #438125; medium)
CVE-2007-4090 (Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard ...)
NOT-FOR-US: Vikingboard
CVE-2007-4089 (Vikingboard 0.1.2 allows remote attackers to obtain sensitive ...)
More information about the Secure-testing-commits
mailing list