[Secure-testing-commits] r11259 - data/CVE
gilbert-guest at alioth.debian.org
gilbert-guest at alioth.debian.org
Wed Feb 25 05:24:29 UTC 2009
Author: gilbert-guest
Date: 2009-02-25 05:24:29 +0000 (Wed, 25 Feb 2009)
New Revision: 11259
Modified:
data/CVE/list
Log:
adding no-root issue to tracker
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-02-24 00:13:00 UTC (rev 11258)
+++ data/CVE/list 2009-02-25 05:24:29 UTC (rev 11259)
@@ -1,3 +1,6 @@
+CVE-2009-XXXX [debian-installer: no-root option in expert installer exposes locally exploitable security flaw]
+ - debian-installer <unfixed> (bug #517018; low)
+ NOTE: should a CVE be requested for this problem?
CVE-2009-XXXX [Http double slash request arbitrary file access vulnerability in mldonkey]
- mldonkey <unfixed> (bug #516829; medium)
NOTE: daemon is run as non-root and can only be exploited via localhost
More information about the Secure-testing-commits
mailing list