[Secure-testing-commits] r12862 - data/CVE
Stefan Fritsch
sf at alioth.debian.org
Mon Sep 21 18:24:43 UTC 2009
Author: sf
Date: 2009-09-21 18:24:43 +0000 (Mon, 21 Sep 2009)
New Revision: 12862
Modified:
data/CVE/list
Log:
apache2 nodsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-09-21 17:55:39 UTC (rev 12861)
+++ data/CVE/list 2009-09-21 18:24:43 UTC (rev 12862)
@@ -451,12 +451,18 @@
NOT-FOR-US: HP Performance Insight
CVE-2009-3095 (The mod_proxy_ftp module in the Apache HTTP Server allows remote ...)
- apache2 2.2.13-2 (low; bug #545951)
+ [etch] - apache2 <no-dsa> (minor issue)
+ [lenny] - apache2 <no-dsa> (minor issue)
+ NOTE: The attacker needs to have valid credentials for the FTP server, which
+ NOTE: makes this irrelevant in most cases.
TODO: check
- NOTE: Disclosure has little information, verify that it is really fixed when
- NOTE: more info is disclosed.
+ TODO: Disclosure has little information, verify that it is really fixed when
+ TODO: more info is disclosed.
NOTE: based on a VulnDisco commercial 0day
CVE-2009-3094 (The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the ...)
- apache2 2.2.13-2 (low; bug #545951)
+ [etch] - apache2 <no-dsa> (minor issue)
+ [lenny] - apache2 <no-dsa> (minor issue)
CVE-2009-3093 (Unspecified vulnerability on the ASUS WL-500W wireless router has ...)
NOT-FOR-US: ASUS WL-500W
CVE-2009-3092 (Buffer overflow on the ASUS WL-500W wireless router has unknown impact ...)
More information about the Secure-testing-commits
mailing list