[Secure-testing-commits] r5389 - data/CVE
Alex de Oliveira Silva
enerv-guest at alioth.debian.org
Wed Jan 31 19:51:45 CET 2007
Author: enerv-guest
Date: 2007-01-31 19:51:43 +0100 (Wed, 31 Jan 2007)
New Revision: 5389
Modified:
data/CVE/list
Log:
CVE-2006-6893 tor unfixed and unimportant.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-01-30 21:00:21 UTC (rev 5388)
+++ data/CVE/list 2007-01-31 18:51:43 UTC (rev 5389)
@@ -1269,7 +1269,10 @@
CVE-2006-6894 (Multiple unspecified vulnerabilities in SPINE before 1.2 have unknown ...)
NOT-FOR-US: SPINE
CVE-2006-6893 (Tor allows remote attackers to discover the IP address of a hidden ...)
- TODO: check
+ - tor <unfixed> (unimportant)
+ NOTE: It could be argued that this is a laws-of-physics vulnerability
+ NOTE: that is a fundamental design limitation of certain hardware
+ NOTE: implementations.
CVE-2006-6892 (Cross-site scripting (XSS) vulnerability in the GetLocation function ...)
NOT-FOR-US: Jonathon J. Freeman OvBB
CVE-2006-6891 (Vz (Adp) Forum 2.0.3 stores sensitive information under the web root ...)
More information about the Secure-testing-commits
mailing list