[Secure-testing-commits] r11623 - data/CVE
Thijs Kinkhorst
thijs at alioth.debian.org
Tue Apr 14 20:54:08 UTC 2009
Author: thijs
Date: 2009-04-14 20:54:08 +0000 (Tue, 14 Apr 2009)
New Revision: 11623
Modified:
data/CVE/list
Log:
new phpmyadmin issue. unimportant because setup dir is passwd protected in
debian, and script shouldn't be writable anyway, so exploitation chance is
very rare. etch&lenny not affected.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-04-14 02:30:01 UTC (rev 11622)
+++ data/CVE/list 2009-04-14 20:54:08 UTC (rev 11623)
@@ -1,5 +1,8 @@
-CVE-2009-1285
+CVE-2009-1285 [phpMyAdmin PMASA-2009-4 insufficient escaping in setup script]
RESERVED
+ - phpmyadmin 4:3.1.3.2-1 (unimportant)
+ [etch] - phpmyadmin <not-affected> (Vulnerable code not present)
+ [lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
CVE-2008-6714 (admin.php in xeCMS 1.0.0 RC2 and earlier allows remote attackers to ...)
NOT-FOR-US: xeCMS
CVE-2008-6713 (World in Conflict (WIC) 1.008 and earlier allows remote attackers to ...)
More information about the Secure-testing-commits
mailing list