Author: jmm-guest Date: 2005-07-25 08:19:25 +0000 (Mon, 25 Jul 2005) New Revision: 1465 Modified: data/CAN/list Log: Update on phpbb, 2261 has an exploit in the wild. Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-07-25 08:04:06 UTC (rev 1464) +++ data/CAN/list 2005-07-25 08:19:25 UTC (rev 1465) @@ -1,3 +1,6 @@ +CAN-2005-XXXX [Further minor security issues in phpbb] + NOTE: Maintainers already preparing packages of 2.0.17 + - phpbb2 (unfixed; low) CAN-2005-XXXX [xgalaga score file segfault] - xgalaga 2.0.34-31 (low) CAN-2005-XXXX [xemeraldia games file overwrite] @@ -761,8 +764,7 @@ CAN-2005-2162 (PHP remote file inclusion vulnerability in form.inc.php3 in ...) NOTE: not-for-us (MyGuestbook) CAN-2005-2161 (Cross-site scripting (XSS) vulnerability in phpBB 2.0.16 allows remote ...) - NOTE: No bug for this, forwarded to maintainers - - phpbb2 (unfixed; bug #317739; low) + - phpbb2 (unfixed; bug #317739; high) CAN-2005-2160 (IMail stores usernames and passwords in cleartext in a cookie, which ...) NOTE: not-for-us (IMail) CAN-2005-2159 (mshftp.dll in PlanetDNS PlanetFileServer 2.0.1.3 allows remote ...)