[Secure-testing-commits] r9898 - data/CVE

white at alioth.debian.org white at alioth.debian.org
Mon Sep 29 10:58:09 UTC 2008


Author: white
Date: 2008-09-29 10:58:07 +0000 (Mon, 29 Sep 2008)
New Revision: 9898

Modified:
   data/CVE/list
Log:
Add ftpd issue; Add imp4 to CVE id and report bug and patches to BTS

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-09-29 09:53:47 UTC (rev 9897)
+++ data/CVE/list	2008-09-29 10:58:07 UTC (rev 9898)
@@ -1,3 +1,7 @@
+CVE-2008-XXXX [Cross-site request forgery]
+	- ftpd-ssl <unfixed> (bug #500518)
+	- ftpd <unfixed> (bug #500278)
+	NOTE: CVE id requested
 CVE-2008-XXXX [possible script injection via /etc/wordpress/wp-config.php]
 	- wordpress <unfixed> (bug #500295; unimportant)
 	NOTE: bigger problems, if attacker has access to /etch/wordpress/*
@@ -30,7 +34,8 @@
 CVE-2008-4183 (IntegraMOD 1.4.x stores sensitive information under the web root with ...)
 	NOT-FOR-US: IntegraMOD
 CVE-2008-4182 (Cross-site scripting (XSS) vulnerability in imp/test.php in Horde ...)
-	- turba2 <unfixed> (bug #500114)
+	- turba2 <unfixed> (bug #500114; low)
+	- imp4 <unfixed> (bug #500553; low)
 CVE-2008-4181 (Directory traversal vulnerability in includes/xml.php in the Netenberg ...)
 	NOT-FOR-US: Netenberg Fantastico De Luxe module for cPanel
 CVE-2008-4180 (Unspecified vulnerability in db.php in NooMS 1.1 allows remote ...)




More information about the Secure-testing-commits mailing list