[Secure-testing-commits] r9898 - data/CVE
white at alioth.debian.org
white at alioth.debian.org
Mon Sep 29 10:58:09 UTC 2008
Author: white
Date: 2008-09-29 10:58:07 +0000 (Mon, 29 Sep 2008)
New Revision: 9898
Modified:
data/CVE/list
Log:
Add ftpd issue; Add imp4 to CVE id and report bug and patches to BTS
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-09-29 09:53:47 UTC (rev 9897)
+++ data/CVE/list 2008-09-29 10:58:07 UTC (rev 9898)
@@ -1,3 +1,7 @@
+CVE-2008-XXXX [Cross-site request forgery]
+ - ftpd-ssl <unfixed> (bug #500518)
+ - ftpd <unfixed> (bug #500278)
+ NOTE: CVE id requested
CVE-2008-XXXX [possible script injection via /etc/wordpress/wp-config.php]
- wordpress <unfixed> (bug #500295; unimportant)
NOTE: bigger problems, if attacker has access to /etch/wordpress/*
@@ -30,7 +34,8 @@
CVE-2008-4183 (IntegraMOD 1.4.x stores sensitive information under the web root with ...)
NOT-FOR-US: IntegraMOD
CVE-2008-4182 (Cross-site scripting (XSS) vulnerability in imp/test.php in Horde ...)
- - turba2 <unfixed> (bug #500114)
+ - turba2 <unfixed> (bug #500114; low)
+ - imp4 <unfixed> (bug #500553; low)
CVE-2008-4181 (Directory traversal vulnerability in includes/xml.php in the Netenberg ...)
NOT-FOR-US: Netenberg Fantastico De Luxe module for cPanel
CVE-2008-4180 (Unspecified vulnerability in db.php in NooMS 1.1 allows remote ...)
More information about the Secure-testing-commits
mailing list