Moritz Muehlenhoff
2011-Mar-07 18:34 UTC
[Secure-testing-commits] r16319 - in data: CVE DSA
Author: jmm
Date: 2011-03-07 18:34:28 +0000 (Mon, 07 Mar 2011)
New Revision: 16319
Modified:
data/CVE/list
data/DSA/list
Log:
proftpd DSA
dokuwiki no-dsa issue
Modified: data/CVE/list
==================================================================---
data/CVE/list 2011-03-07 09:15:02 UTC (rev 16318)
+++ data/CVE/list 2011-03-07 18:34:28 UTC (rev 16319)
@@ -1,3 +1,7 @@
+CVE-2011-XXXX [dokuwiki ACL bypass]
+ - dokuwiki <unfixed> (low)
+ [squeeze] - dokuwiki <no-dsa> (Minor issue)
+ [lenny] - dokuwiki <no-dsa> (Minor issue)
CVE-2011-1224
RESERVED
CVE-2011-1223
@@ -626,9 +630,9 @@
CVE-2011-1137 [proftpd mod_sftp DoS]
RESERVED
- proftpd-dfsg 1.3.3d-4
+ [lenny] - proftpd-dfsg <not-affected> (Vulnerable code not present)
NOTE: http://bugs.proftpd.org/show_bug.cgi?id=3586
NOTE: http://www.exploit-db.com/exploits/16129/
- NOTE: CVE ID requested
CVE-2011-XXXX [incorrect handling of {$smarty.template} and
{$smarty.current_dir}]
- smarty3 <unfixed>
- smarty <unfixed>
Modified: data/DSA/list
==================================================================---
data/DSA/list 2011-03-07 09:15:02 UTC (rev 16318)
+++ data/DSA/list 2011-03-07 18:34:28 UTC (rev 16319)
@@ -1,3 +1,6 @@
+[07 Mar 2011] DSA-2185-1 proftpd-dfsg - integer overflow
+ {CVE-2011-1137}
+ [squeeze] - proftpd-dfsg 1.3.3a-6squeeze1
[05 Mar 2011] DSA-2184-1 isc-dhcp - denial of service
{CVE-2011-0413}
[squeeze] - isc-dhcp 4.1.1-P1-15+squeeze1