Author: stef-guest
Date: 2006-11-28 11:39:28 +0100 (Tue, 28 Nov 2006)
New Revision: 5016
Modified:
data/CVE/list
data/DSA/list
Log:
CVE-2006-5815: previous proftpd fix was wrong (high)
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-11-28 08:53:03 UTC (rev 5015)
+++ data/CVE/list 2006-11-28 10:39:28 UTC (rev 5016)
@@ -665,8 +665,11 @@
NOT-FOR-US: Business Card Web Builder
CVE-2006-5815 (Buffer overflow in ProFTPD 1.3.0 and earlier, when configured to
use ...)
{DSA-1218}
- - proftpd-dfsg 1.3.0-13 (bug #399070)
- - proftpd <removed>
+ - proftpd-dfsg <unfixed> (bug #399070; high)
+ - proftpd <removed> (high)
+ NOTE: Previous fix was wrong, see
+ NOTE: http://bugs.proftpd.org/show_bug.cgi?id=2858
+ NOTE: http://www.gleg.net/proftpd.txt
CVE-2006-5814 (Unspecified vulnerability in Novell eDirectory allows remote
attackers ...)
NOT-FOR-US: Novell eDirectory
CVE-2006-5813 (Unspecified vulnerability in Novell eDirectory 8.8 allows
attackers to ...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2006-11-28 08:53:03 UTC (rev 5015)
+++ data/DSA/list 2006-11-28 10:39:28 UTC (rev 5016)
@@ -1,6 +1,6 @@
[21 Nov 2006] DSA-1218 proftpd
{CVE-2006-5815}
- [sarge] - proftpd 1.2.10-15sarge2
+ [sarge] - proftpd <unfixed> (high)
[20 Nov 2006] DSA-1217 linux-ftpd
{CVE-2006-5778}
[sarge] - linux-ftpd 0.17-20sarge2