[Secure-testing-commits] r24007 - data/CVE

Michael Gilbert mgilbert at alioth.debian.org
Wed Oct 16 03:49:01 UTC 2013


Author: mgilbert
Date: 2013-10-16 03:49:01 +0000 (Wed, 16 Oct 2013)
New Revision: 24007

Modified:
   data/CVE/list
Log:
old dropbear issue has been fixed for a while

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-10-16 02:21:36 UTC (rev 24006)
+++ data/CVE/list	2013-10-16 03:49:01 UTC (rev 24007)
@@ -121678,9 +121678,7 @@
 CVE-2006-1207 (PHP Upload Center stores password hashes under the web root with ...)
 	NOT-FOR-US: PHP Upload Center
 CVE-2006-1206 (Matt Johnston Dropbear SSH server 0.47 and earlier, as used in ...)
-	- dropbear <unfixed> (unimportant)
-	NOTE: By design to protect against DoSing the complete machine, future versions
-	NOTE: will mitigate by introducing per-IP limits
+	- dropbear 0.48-1
 CVE-2006-1205 (Multiple cross-site scripting (XSS) vulnerabilities in myWebland ...)
 	NOT-FOR-US: myBloggie
 CVE-2006-1204 (Multiple cross-site scripting (XSS) vulnerabilities in txtForum ...)




More information about the Secure-testing-commits mailing list