Author: nion Date: 2007-11-16 09:19:30 +0000 (Fri, 16 Nov 2007) New Revision: 7320 Modified: data/CVE/list Log: CVE-2007-5626 is unimportant Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-11-16 08:35:51 UTC (rev 7319) +++ data/CVE/list 2007-11-16 09:19:30 UTC (rev 7320) @@ -1118,7 +1118,10 @@ CVE-2007-5627 (PHP remote file inclusion vulnerability in content/fnc-readmail3.php ...) NOT-FOR-US: Socketmail CVE-2007-5626 (make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a ...) - - bacula <unfixed> (low; bug #446809) + - bacula <unfixed> (unimportant; bug #446809) + NOTE: this script needs the default database password and name needs to be set which + NOTE: would be a bigger problem in a non-trusted environment. Apart from + NOTE: this is documented in the bacula documentation CVE-2007-5625 (Cross-site scripting (XSS) vulnerability in filename.asp in ASP Site ...) NOT-FOR-US: Site Search SearchSimon Lite CVE-2007-5624 (Cross-site scripting (XSS) vulnerability in Nagios 2.x before 2.10 ...)