[Secure-testing-commits] r9492 - data/CVE

white at alioth.debian.org white at alioth.debian.org
Sat Aug 2 07:19:10 UTC 2008


Author: white
Date: 2008-08-02 07:19:09 +0000 (Sat, 02 Aug 2008)
New Revision: 9492

Modified:
   data/CVE/list
Log:
pixelpost not affected, needs register_globals to pass variable

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-08-02 04:02:31 UTC (rev 9491)
+++ data/CVE/list	2008-08-02 07:19:09 UTC (rev 9492)
@@ -111,7 +111,7 @@
 CVE-2008-3366 (SQL injection vulnerability in story.php in Pligg CMS Beta 9.9.0 ...)
 	NOT-FOR-US: Pligg CMS
 CVE-2008-3365 (Directory traversal vulnerability in index.php in Pixelpost 1.7.1 on ...)
-	TODO: check
+	- pixelpost <not-affected> (Exploit relies on register_globals to be on)
 CVE-2008-3364 (Buffer overflow in the ObjRemoveCtrl Class ActiveX control in ...)
 	NOT-FOR-US: Trend Micro OfficeScan Corp Edition Web-Deployment
 CVE-2008-3363 (Directory traversal vulnerability in user_portal.php in the Dokeos ...)




More information about the Secure-testing-commits mailing list