Author: stef-guest Date: 2007-01-06 17:02:56 +0100 (Sat, 06 Jan 2007) New Revision: 5212 Modified: data/CVE/list Log: - CVE-2006-6374 not exploitable with etch''s php versions - bugnum Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-01-06 15:59:30 UTC (rev 5211) +++ data/CVE/list 2007-01-06 16:02:56 UTC (rev 5212) @@ -177,7 +177,7 @@ CVE-2006-6812 (Multiple PHP remote file inclusion vulnerabilities in myPHPCalendar ...) NOT-FOR-US: myPHPCalendar CVE-2006-6811 (Buffer overflow in KsIRC 1.3.12 allows remote attackers to execute ...) - - kdenetwork <unfixed> (bug filed) + - kdenetwork <unfixed> (bug #405828) CVE-2006-6810 (Unspecified vulnerability in the clear_user_list function in ...) NOT-FOR-US: DB Hub CVE-2006-6809 (Multiple PHP remote file inclusion vulnerabilities in process.php in ...) @@ -1232,8 +1232,10 @@ CVE-2006-6375 (Cross-site scripting (XSS) vulnerability in display.php in Simple ...) NOT-FOR-US: Simple machines Forum CVE-2006-6374 (Multiple CRLF injection vulnerabilities in PhpMyAdmin 2.7.0-pl2 allow ...) - - phpmyadmin <unfixed> (low; bug #404744) + - phpmyadmin <unfixed> (unimportant; bug #404744) [sarge] - phpmyadmin <no-dsa> (CRLF not backportable to Sarge) + [etch] - phpmyadmin <no-dsa> (not exploitable with Etch''s php versions) + NOTE: not exploitable with PHP 5.1.2+ and 4.4.2+ CVE-2006-6373 (PhpMyAdmin 2.7.0-pl2 allows remote attackers to obtain sensitive ...) - phpmyadmin <unfixed> (unimportant) NOTE: path is known in Debian anyway