[Secure-testing-commits] r7515 - data/CVE
stef-guest at alioth.debian.org
stef-guest at alioth.debian.org
Wed Dec 5 16:44:51 UTC 2007
Author: stef-guest
Date: 2007-12-05 16:44:51 +0000 (Wed, 05 Dec 2007)
New Revision: 7515
Modified:
data/CVE/list
Log:
more info about apache issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-12-05 16:34:22 UTC (rev 7514)
+++ data/CVE/list 2007-12-05 16:44:51 UTC (rev 7515)
@@ -31,7 +31,7 @@
- apache2 <unfixed> (low)
[sarge] - apache2 <no-dsa> (minor issue)
[etch] - apache2 <no-dsa> (minor issue)
- NOTE: There is no way known to exploit this, yet.
+ NOTE: Might be exploitable with older flash plugins via HTTP Request Splitting
NOTE: apache 1.3 is not vulnerable
CVE-2007-6208 (sylprint.pl in claws mail tools (claws-mail-tools) allows local users ...)
- claws-mail 3.1.0-2 (low; bug #454089)
More information about the Secure-testing-commits
mailing list