[Secure-testing-commits] r11332 - data/CVE
white at alioth.debian.org
white at alioth.debian.org
Fri Mar 6 10:50:05 UTC 2009
Author: white
Date: 2009-03-06 10:50:04 +0000 (Fri, 06 Mar 2009)
New Revision: 11332
Modified:
data/CVE/list
Log:
mldonkey CVEified
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-03-06 09:42:31 UTC (rev 11331)
+++ data/CVE/list 2009-03-06 10:50:04 UTC (rev 11332)
@@ -132,8 +132,6 @@
TODO: check
CVE-2009-0754 (PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows ...)
TODO: check
-CVE-2009-0753 (Absolute path traversal vulnerability in MLDonkey 2.8.4 through 2.9.7 ...)
- TODO: check
CVE-2008-6398 (sng_regress in SNG 1.0.2 allows local users to overwrite arbitrary ...)
TODO: check
CVE-2008-6397 (rlatex in AlcoveBook sgml2x 1.0.0 allows local users to overwrite ...)
@@ -753,7 +751,7 @@
CVE-2009-XXXX [debian-installer: no-root option in expert installer exposes locally exploitable security flaw]
- debian-installer <unfixed> (bug #517018; low)
NOTE: should a CVE be requested for this problem?
-CVE-2009-XXXX [Http double slash request arbitrary file access vulnerability in mldonkey]
+CVE-2009-0753 [Http double slash request arbitrary file access vulnerability in mldonkey]
- mldonkey <unfixed> (bug #516829; medium)
NOTE: daemon is run as non-root and can only be exploited via localhost
CVE-2009-0648 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
More information about the Secure-testing-commits
mailing list