[Secure-testing-commits] r7514 - data/CVE
stef-guest at alioth.debian.org
stef-guest at alioth.debian.org
Wed Dec 5 16:34:22 UTC 2007
Author: stef-guest
Date: 2007-12-05 16:34:22 +0000 (Wed, 05 Dec 2007)
New Revision: 7514
Modified:
data/CVE/list
Log:
new minor apache2 issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-12-05 16:12:47 UTC (rev 7513)
+++ data/CVE/list 2007-12-05 16:34:22 UTC (rev 7514)
@@ -28,7 +28,11 @@
CVE-2007-6204
RESERVED
CVE-2007-6203 (Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method ...)
- TODO: check
+ - apache2 <unfixed> (low)
+ [sarge] - apache2 <no-dsa> (minor issue)
+ [etch] - apache2 <no-dsa> (minor issue)
+ NOTE: There is no way known to exploit this, yet.
+ NOTE: apache 1.3 is not vulnerable
CVE-2007-6208 (sylprint.pl in claws mail tools (claws-mail-tools) allows local users ...)
- claws-mail 3.1.0-2 (low; bug #454089)
CVE-2007-6210 (zabbix_agentd 1.1.4 in ZABBIX runs "UserParameter" scripts with gid 0, ...)
More information about the Secure-testing-commits
mailing list