[Secure-testing-commits] r8891 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Sat May 24 20:50:21 UTC 2008
Author: nion
Date: 2008-05-24 20:50:17 +0000 (Sat, 24 May 2008)
New Revision: 8891
Modified:
data/CVE/list
Log:
new pam-pgsql issue leading to root access fixed in pam-pgsql 0.6.3-2
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-05-24 14:26:59 UTC (rev 8890)
+++ data/CVE/list 2008-05-24 20:50:17 UTC (rev 8891)
@@ -1,3 +1,7 @@
+CVE-2008-XXXX [authentication bypass in libpam-pgsql]
+ - pam-pgsql 0.6.3-2 (medium; bug #481970)
+ [etch] - pam-pgsql <not-affected> (Vulnerable code not present)
+ NOTE: pam_pgsql is not configured as "sufficient" in Debian default configuration
CVE-2008-2424 [Possible DoS attack through unspecified vulnerable]
- interchange <unfixed> (low; bug #482636)
CVE-2008-2423 [Unspecified DoS attack via crafted HTTP requests]
More information about the Secure-testing-commits
mailing list