[Secure-testing-commits] r7003 - data/CVE

nion at alioth.debian.org nion at alioth.debian.org
Thu Oct 18 12:36:45 UTC 2007


Author: nion
Date: 2007-10-18 12:36:44 +0000 (Thu, 18 Oct 2007)
New Revision: 7003

Modified:
   data/CVE/list
Log:
CVE-2007-5424 not an issue, contacted mitre


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-10-18 10:00:14 UTC (rev 7002)
+++ data/CVE/list	2007-10-18 12:36:44 UTC (rev 7003)
@@ -266,7 +266,10 @@
 CVE-2007-5425 (SQL injection vulnerability in admin/index.php in Interspire ActiveKB ...)
 	NOT-FOR-US: ActiveKB NX
 CVE-2007-5424 (The disable_functions feature in PHP 4 and 5 allows attackers to ...)
-	TODO: check
+	- php4 <unfixed> (unimportant)
+	- php5 <unfixed> (unimportant)
+	NOTE: if the function is blacklisted but not its alias it is a configuration
+	NOTE: issue of the site not a vulnerability in php
 CVE-2007-5423 (Eval injection vulnerability in tiki-graph_formula.php in TikiWiki ...)
 	- tikiwiki <removed>
 CVE-2007-5422 (Unspecified vulnerability in &quot;Solaris Auditing&quot; in the Basic Security ...)




More information about the Secure-testing-commits mailing list