thr3ads.net - Secure testing commits - [Secure-testing-commits] r2767

If this information is useful, please help other people find it:
Share via:

Moritz Muehlenhoff

2005-Nov-17 08:23 UTC

[Secure-testing-commits] r2767 - data/CVE

Author: jmm-guest
Date: 2005-11-17 08:22:56 +0000 (Thu, 17 Nov 2005)
New Revision: 2767

Modified:
   data/CVE/list
Log:
phpmyadmin CVEfied and fixed


Modified: data/CVE/list
==================================================================---
data/CVE/list	2005-11-16 23:34:39 UTC (rev 2766)
+++ data/CVE/list	2005-11-17 08:22:56 UTC (rev 2767)
@@ -1,5 +1,5 @@
-CVE-2005-XXXX [phpmyadmin HTTP response splitting]
-	- phpmyadmin <unfixed> (bug #339437; medium)
+CVE-2005-3621 [phpmyadmin HTTP response splitting]
+	- phpmyadmin 4:2.6.4-pl4-1 (bug #339437; medium)
 CVE-2005-XXXX [openswan isakmp dos]
 	- openswan 1:2.4.3-1 (bug #339082; medium)
 	TODO: Keep an eye on ipsec-tools''s upstream, it''s
potentially affected as well
@@ -8311,9 +8311,8 @@
 	- gaim 1:1.3.1-1 (bug #315356; low)
 CVE-2005-1268 (Off-by-one error in the mod_ssl Certificate Revocation List
(CRL) ...)
 	{DSA-805-1}
-	NOTE: This is from latest Trustix advisory, exploitation would require to
trick
-	NOTE: someone into using a maliciously crafted certificate revocation list
 	- apache2 2.0.54-5 (bug #320048; bug #320063; bug #322613; low)
+	- apache <not-affected> (Not affected, see #322613)
 CVE-2005-1267 (The bgp_update_print function in tcpdump 3.x does not properly
handle ...)
 	{DSA-854-1}
 	- tcpdump 3.9.0.cvs.20050614-1 (medium)

Secure testing commits - Nov 2005 - r2767 - data/CVE

[Secure-testing-commits] r2767 - data/CVE