stef-guest at alioth.debian.org
2008-Jan-15 20:27 UTC
[Secure-testing-commits] r7930 - data/CVE
Author: stef-guest Date: 2008-01-15 20:27:39 +0000 (Tue, 15 Jan 2008) New Revision: 7930 Modified: data/CVE/list Log: more minor apache issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-01-15 12:38:57 UTC (rev 7929) +++ data/CVE/list 2008-01-15 20:27:39 UTC (rev 7930) @@ -1042,18 +1042,22 @@ RESERVED CVE-2007-6424 (registry.pl in Fonality Trixbox 2.0 PBX products, when running in ...) NOT-FOR-US: Fonality Trixbox -CVE-2007-6423 +CVE-2007-6423 [windows only Apache mod_proxy_balancer issue] RESERVED + - apache2 <not-affected> (disputed / only for Windows) CVE-2007-6422 (Unspecified vulnerability in mod_proxy_balancer in the Apache HTTP ...) - apache2 <unfixed> (low) [etch] - apache2 <no-dsa> (minor issue) - [sarge] - apache2 <not-affected> (vulnerable code introduced later) + [sarge] - apache2 <not-affected> (vulnerable code introduced in 2.2) CVE-2007-6421 (Cross-site scripting (XSS) vulnerability in mod_proxy_balancer in the ...) - apache2 <unfixed> (low) [etch] - apache2 <no-dsa> (minor issue) - [sarge] - apache2 <not-affected> (vulnerable code introduced later) -CVE-2007-6420 + [sarge] - apache2 <not-affected> (vulnerable code introduced in 2.2) +CVE-2007-6420 [Apache mod_proxy_balancer XSRF in balancer manager] RESERVED + - apache2 <unfixed> (low) + [etch] - apache2 <no-dsa> (minor issue) + [sarge] - apache2 <not-affected> (vulnerable code introduced in 2.2) CVE-2007-6419 (Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, ...) NOT-FOR-US: HP-UX CVE-2007-6417 (The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through ...) @@ -1559,8 +1563,10 @@ RESERVED CVE-2008-0006 RESERVED -CVE-2008-0005 +CVE-2008-0005 [Apache mod_proxy_ftp Undefined Charset UTF-7 XSS Vulnerability] RESERVED + - apache2 <unfixed> (low) + - apache <unfixed> (low) CVE-2008-0004 RESERVED CVE-2008-0003 (Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback ...)