[Secure-testing-commits] r14382 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Fri Apr 2 20:30:20 UTC 2010
Author: jmm-guest
Date: 2010-04-02 20:30:18 +0000 (Fri, 02 Apr 2010)
New Revision: 14382
Modified:
data/CVE/list
Log:
new couchdb issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-04-02 20:15:40 UTC (rev 14381)
+++ data/CVE/list 2010-04-02 20:30:18 UTC (rev 14382)
@@ -4096,8 +4096,10 @@
NOTE: Exploitability is fairly limited: Can only be exploited by a malicious server,
NOTE: not by a client. No sane person uses apache 1.3 as forward proxy and in reverse
NOTE: proxy situations, the backend server is usually trusted, anyway.
-CVE-2010-0009
+CVE-2010-0009 [Apache CouchDB Timing Attack Vulnerability]
RESERVED
+ - couchdb <unfixed> (bug filed)
+ NOTE: I don't really see the security implications?
CVE-2010-0008 (The SCTP implementation in the Linux kernel before 2.6.23 allows ...)
- linux-2.6 2.6.23-1
CVE-2010-0007 (net/bridge/netfilter/ebtables.c in the ebtables module in the ...)
More information about the Secure-testing-commits
mailing list