Author: jmm-guest
Date: 2006-03-19 10:39:57 +0000 (Sun, 19 Mar 2006)
New Revision: 3642
Modified:
data/CVE/list
Log:
new teg dos
unimportant dropbear issue fixed
minor rssh issue fixed
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-03-17 21:14:25 UTC (rev 3641)
+++ data/CVE/list 2006-03-19 10:39:57 UTC (rev 3642)
@@ -206,7 +206,7 @@
CVE-2006-1151 (Cross-site scripting vulnerability in index.php in M-Phorum 0.2
allows ...)
NOT-FOR-US: M-Phorum
CVE-2006-1150 (Buffer overflow in Tenes Empanadas Graciela (TEG) 0.11.1, ...)
- TODO: check
+ - teg <unfixed> (bug #357645; low)
CVE-2006-1149 (PHP remote file inclusion vulnerability in lib/OWL_API.php in
OWL ...)
NOT-FOR-US: OWL Intranet Engine
CVE-2006-1148 (Multiple stack-based buffer overflows in the procConnectArgs
function ...)
@@ -662,7 +662,7 @@
CVE-2006-0938 (Cross-site scripting (XSS) vulnerability in eZ publish 3.7.3 and
...)
TODO: check
CVE-2006-XXXX [minor bypass of rssh sanitising]
- - rssh <unfixed> (bug #346322; low)
+ - rssh 2.3.0-1.1 (bug #346322; low)
[sarge] - rssh <not-affected> (Problem has been introduced in 2.3.0)
CVE-2006-XXXX [buffer overflow in netcat example]
- netcat 1.10-30 (bug #352369; unimportant)
@@ -2374,6 +2374,8 @@
NOT-FOR-US: freebsd kernel
CVE-2006-0225 (scp in OpenSSH 4.2p1 allows attackers to execute arbitrary
commands ...)
- openssh <unfixed> (low; bug #349645; bug #352254)
+ - dropbear 0.48-1 (unimportant)
+ NOTE: dropbear doesn''t include scp in binary package
CVE-2006-0224 (Buffer overflow in Library of Assorted Spiffy Things (LibAST)
0.6.1 ...)
{DSA-976-1}
- libast 0.7-1