nion at alioth.debian.org
2008-Dec-23 15:03 UTC
[Secure-testing-commits] r10783 - data/CVE
Author: nion Date: 2008-12-23 15:03:49 +0000 (Tue, 23 Dec 2008) New Revision: 10783 Modified: data/CVE/list Log: cveified phppgadmin Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-12-23 14:19:21 UTC (rev 10782) +++ data/CVE/list 2008-12-23 15:03:49 UTC (rev 10783) @@ -166,7 +166,9 @@ CVE-2008-5588 (SQL injection vulnerability in rankup.asp in Katy Whitton RankEm ...) NOT-FOR-US: Katy Whitton RankEm CVE-2008-5587 (Directory traversal vulnerability in libraries/lib.inc.php in ...) - NOT-FOR-US: Check Up New Generation + - phppgadmin 4.2.1-1.1 (low; bug #508026) + NOTE: register_globals=on is required + NOTE: http://www.milw0rm.com/exploits/7363 CVE-2008-5586 (SQL injection vulnerability in findoffice.php in Check Up New ...) NOT-FOR-US: Check Up New Generation CVE-2008-5585 (Multiple PHP remote file inclusion vulnerabilities in lcxBBportal 0.1 ...) @@ -777,10 +779,6 @@ TODO: check CVE-2008-5617 (The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does ...) - rsyslog 3.18.6-1 (bug #508027) -CVE-2008-XXXX [phpPgAdmin: Local File Inclusion Vulnerability] - - phppgadmin 4.2.1-1.1 (low; bug #508026) - NOTE: register_globals=on is required - NOTE: http://www.milw0rm.com/exploits/7363 CVE-2008-5624 (PHP 5 before 5.2.7 does not properly initialize the page_uid and ...) - php5 <unfixed> (bug #508021) NOTE: Fixed in php 5.2.7, not yet in the archive