stef-guest at alioth.debian.org
2007-Dec-05 16:44 UTC
[Secure-testing-commits] r7515 - data/CVE
Author: stef-guest Date: 2007-12-05 16:44:51 +0000 (Wed, 05 Dec 2007) New Revision: 7515 Modified: data/CVE/list Log: more info about apache issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-12-05 16:34:22 UTC (rev 7514) +++ data/CVE/list 2007-12-05 16:44:51 UTC (rev 7515) @@ -31,7 +31,7 @@ - apache2 <unfixed> (low) [sarge] - apache2 <no-dsa> (minor issue) [etch] - apache2 <no-dsa> (minor issue) - NOTE: There is no way known to exploit this, yet. + NOTE: Might be exploitable with older flash plugins via HTTP Request Splitting NOTE: apache 1.3 is not vulnerable CVE-2007-6208 (sylprint.pl in claws mail tools (claws-mail-tools) allows local users ...) - claws-mail 3.1.0-2 (low; bug #454089)