[Secure-testing-commits] r9901 - data/CVE
thijs at alioth.debian.org
thijs at alioth.debian.org
Mon Sep 29 18:09:07 UTC 2008
Author: thijs
Date: 2008-09-29 18:09:06 +0000 (Mon, 29 Sep 2008)
New Revision: 9901
Modified:
data/CVE/list
Log:
wordpress fiX0rR3d
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-09-29 16:12:54 UTC (rev 9900)
+++ data/CVE/list 2008-09-29 18:09:06 UTC (rev 9901)
@@ -3,7 +3,7 @@
- ftpd <unfixed> (bug #500278)
CVE-2008-XXXX [possible script injection via /etc/wordpress/wp-config.php]
- wordpress <unfixed> (bug #500295; unimportant)
- NOTE: bigger problems, if attacker has access to /etch/wordpress/*
+ NOTE: bigger problems, if attacker has access to /etc/wordpress/*
CVE-2008-XXXX [Unexpected behavior of url.redirect / url.rewrite config options]
- lighttpd 1.4.19-5 (low)
NOTE: http://www.lighttpd.net/security/lighttpd_sa_2008_05.txt
@@ -200,7 +200,7 @@
CVE-2008-4107 (The (1) rand and (2) mt_rand functions in PHP 5.2.6 do not produce ...)
- php5 <unfixed> (bug #500087)
CVE-2008-4106 (WordPress before 2.6.2 does not properly handle MySQL warnings about ...)
- - wordpress <unfixed> (bug #500115)
+ - wordpress 2.5.1-8 (bug #500115)
CVE-2008-4105 (JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that ...)
- joomla <itp> (bug #326398)
CVE-2008-4104 (Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 ...)
More information about the Secure-testing-commits
mailing list