[Secure-testing-commits] r8454 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Mon Mar 31 11:57:01 UTC 2008
Author: nion
Date: 2008-03-31 11:57:00 +0000 (Mon, 31 Mar 2008)
New Revision: 8454
Modified:
data/CVE/list
Log:
CVE-2008-1501 does not affectect ircd-ircu in debian
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-03-31 11:29:05 UTC (rev 8453)
+++ data/CVE/list 2008-03-31 11:57:00 UTC (rev 8454)
@@ -45,7 +45,7 @@
RESERVED
CVE-2008-1514 (ptrace in Linux kernel 2.6.9 on Fedora 7 and 8 allows local users to ...)
TODO: check
- NOTE: s390 specific issue, counterpart for x86 not reproducable with 2.6.24 here
+ NOTE: s390 specific issue, counterpart for x86 not reproducible with 2.6.24 here
CVE-2008-1513 (SQL injection vulnerability in index.php in Danneo CMS 0.5.1 and ...)
NOT-FOR-US: Danneo CMS
CVE-2008-1512 (Directory traversal vulnerability in admin/admin_xs.php in phpBB ...)
@@ -69,7 +69,9 @@
CVE-2008-1503 (Cross-site scripting (XSS) vulnerability in the web management ...)
NOT-FOR-US: F5 BIG-IP
CVE-2008-1501 (The send_user_mode function in s_user.c in (1) Undernet ircu ...)
- TODO: check
+ - ircd-ircu <not-affected> (Vulnerable code not present)
+ NOTE: vulnerable code introduced later than 2.0.12.10, see: http://hg.quakenet.org/snircd/rev/1ee48bee2f20
+ NOTE: no other possible NULL ptr dereferences of p found and PoC not reproducible
CVE-2008-1500 (Cross-site scripting (XSS) vulnerability in index.php in TinyPortal ...)
TODO: check
CVE-2008-1499 (Cross-site scripting (XSS) vulnerability in frontend/x/manpage.html in ...)
More information about the Secure-testing-commits
mailing list