[Secure-testing-commits] r8070 - data/CVE
stef-guest at alioth.debian.org
stef-guest at alioth.debian.org
Sat Feb 2 10:37:33 UTC 2008
Author: stef-guest
Date: 2008-02-02 10:37:32 +0000 (Sat, 02 Feb 2008)
New Revision: 8070
Modified:
data/CVE/list
Log:
deluge-torrent fixed, new apache issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-02-02 00:15:45 UTC (rev 8069)
+++ data/CVE/list 2008-02-02 10:37:32 UTC (rev 8070)
@@ -1,5 +1,5 @@
CVE-2008-XXXX [deluge-torrent unspecified remote issue]
- - deluge-torrent <unfixed> (unknown; bug #463357)
+ - deluge-torrent 0.5.8.3-1 (unknown; bug #463357)
CVE-2008-0501 (Directory traversal vulnerability in phpMyClub 0.0.1 allows remote ...)
NOT-FOR-US: phpMyClub
CVE-2008-0500 (Multiple unspecified vulnerabilities in Mambo LaiThai 4.5.5 have ...)
@@ -92,9 +92,23 @@
CVE-2008-0457
RESERVED
CVE-2008-0456 (CRLF injection vulnerability in the mod_negotiation module in the ...)
- TODO: check
+ - apache <unfixed> (low)
+ - apache2 <unfixed> (low)
+ [etch] - apache <no-dsa> (minor issue)
+ [etch] - apache2 <no-dsa> (minor issue)
+ [sarge] - apache <no-dsa> (minor issue)
+ [sarge] - apache2 <no-dsa> (minor issue)
+ NOTE: This is only relevant if an attacker can upload files with arbitrary names
+ NOTE: but not with arbitrary contents.
CVE-2008-0455 (Cross-site scripting (XSS) vulnerability in the mod_negotiation module ...)
- TODO: check
+ - apache <unfixed> (low)
+ - apache2 <unfixed> (low)
+ [etch] - apache <no-dsa> (minor issue)
+ [etch] - apache2 <no-dsa> (minor issue)
+ [sarge] - apache <no-dsa> (minor issue)
+ [sarge] - apache2 <no-dsa> (minor issue)
+ NOTE: This is only relevant if an attacker can upload files with arbitrary names
+ NOTE: but not with arbitrary contents.
CVE-2008-0454 (Cross-zone scripting vulnerability in the Internet Explorer web ...)
NOT-FOR-US: Skype
CVE-2008-0453 (SQL injection vulnerability in list.php in Easysitenetwork Recipe ...)
More information about the Secure-testing-commits
mailing list