[Secure-testing-commits] r35275 - data/CVE
Santiago Ruano Rincón
santiago at moszumanska.debian.org
Thu Jul 2 12:18:00 UTC 2015
Author: santiago
Date: 2015-07-02 12:18:00 +0000 (Thu, 02 Jul 2015)
New Revision: 35275
Modified:
data/CVE/list
Log:
Triage CVE-2014-2886: gksu is vulnerable, but it's a minor issue.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-07-02 11:09:20 UTC (rev 35274)
+++ data/CVE/list 2015-07-02 12:18:00 UTC (rev 35275)
@@ -31761,9 +31761,9 @@
CVE-2014-2887
RESERVED
CVE-2014-2886 (GKSu 2.0.2, when sudo-mode is not enabled, uses " (double quote) ...)
- - gksu <undetermined>
+ - gksu <unfixed>
+ [squeeze] - gksu <no-dsa> (Minor issue)
NOTE: https://community.rapid7.com/community/metasploit/blog/2014/07/07/virtualbox-filename-command-execution-via-gksu
- TODO: check
CVE-2014-2883
RESERVED
CVE-2014-2882 (Unspecified vulnerability in the management GUI in Citrix NetScaler ...)
More information about the Secure-testing-commits
mailing list