[Secure-testing-commits] r7320 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Fri Nov 16 09:19:31 UTC 2007
Author: nion
Date: 2007-11-16 09:19:30 +0000 (Fri, 16 Nov 2007)
New Revision: 7320
Modified:
data/CVE/list
Log:
CVE-2007-5626 is unimportant
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-11-16 08:35:51 UTC (rev 7319)
+++ data/CVE/list 2007-11-16 09:19:30 UTC (rev 7320)
@@ -1118,7 +1118,10 @@
CVE-2007-5627 (PHP remote file inclusion vulnerability in content/fnc-readmail3.php ...)
NOT-FOR-US: Socketmail
CVE-2007-5626 (make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a ...)
- - bacula <unfixed> (low; bug #446809)
+ - bacula <unfixed> (unimportant; bug #446809)
+ NOTE: this script needs the default database password and name needs to be set which
+ NOTE: would be a bigger problem in a non-trusted environment. Apart from
+ NOTE: this is documented in the bacula documentation
CVE-2007-5625 (Cross-site scripting (XSS) vulnerability in filename.asp in ASP Site ...)
NOT-FOR-US: Site Search SearchSimon Lite
CVE-2007-5624 (Cross-site scripting (XSS) vulnerability in Nagios 2.x before 2.10 ...)
More information about the Secure-testing-commits
mailing list