[Secure-testing-commits] r8323 - data/CVE

nion at alioth.debian.org nion at alioth.debian.org
Wed Mar 12 22:50:14 UTC 2008


Author: nion
Date: 2008-03-12 22:50:13 +0000 (Wed, 12 Mar 2008)
New Revision: 8323

Modified:
   data/CVE/list
Log:
phpmyadmin cveified

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-03-12 22:16:05 UTC (rev 8322)
+++ data/CVE/list	2008-03-12 22:50:13 UTC (rev 8323)
@@ -277,6 +277,11 @@
 	RESERVED
 CVE-2008-1149 (phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters ...)
 	- phpmyadmin 4:2.11.5-1 (low)
+	[etch] - phpmyadmin <no-dsa> (Minor issue)
+	[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
+	NOTE: PMASA-2008-1. SQL injection if you can set local cookies, which means
+	NOTE: you must be able to create pages in the same cookie domain, which seems
+	NOTE: rare and unwise. low priority.
 CVE-2008-1148 (A certain pseudo-random number generator (PRNG) algorithm that uses ...)
 	TODO: check
 CVE-2008-1147 (A certain pseudo-random number generator (PRNG) algorithm that uses ...)
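Review bot: In the NOTE lines added under CVE-2008-1149, the closing "low priority." repeats what the `(low)` urgency on the fixed-version line and the `[etch] ... <no-dsa> (Minor issue)` tag already record, so it can be dropped. The precondition is the part worth keeping: the attacker must be able to set cookies in the same cookie domain. It would also help to connect the note to the CVE description's mention of $_REQUEST, since PHP's $_REQUEST can include cookie values and that is why a locally set cookie reaches the affected parameters.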
@@ -516,13 +521,6 @@
 CVE-2008-1142 [insecure default behaviour in rxvt for handling DISPLAY variable]
 	RESERVED
 	- rxvt <unfixed> (unimportant; bug #469296)
-CVE-2008-XXXX [phpMyAdmin SQL injection through cookie]
-	- phpmyadmin 2.11.5-1 (low)
-	[etch] - phpmyadmin <no-dsa> (Minor issue)
-	[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
-	NOTE: PMASA-2008-1. SQL injection if you can set local cookies, which means
-	NOTE: you must be able to create pages in the same cookie domain, which seems
-	NOTE: rare and unwise. low priority.
 CVE-2008-1055 (Format string vulnerability in webmail.exe in NetWin SurgeMail 38k4 ...)
 	NOT-FOR-US: SurgeMail
 CVE-2008-1054 (Stack-based buffer overflow in the _lib_spawn_user_getpid function in ...)
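Review bot: The removed CVE-2008-XXXX placeholder recorded the fix as `- phpmyadmin 2.11.5-1 (low)`, without an epoch, while the CVE-2008-1149 entry it is folded into says `4:2.11.5-1`. The merge silently keeps the epoch form. Please confirm that `4:` is the package's epoch in the archive, because a version written without the epoch sorts below every version that carries one, and tracking would then treat all such versions as fixed. A word in the log that the version string was not carried over unchanged would make the discrepancy visible to later readers.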



