Author: nion Date: 2008-05-24 20:50:17 +0000 (Sat, 24 May 2008) New Revision: 8891 Modified: data/CVE/list Log: new pam-pgsql issue leading to root access fixed in pam-pgsql 0.6.3-2 Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-05-24 14:26:59 UTC (rev 8890) +++ data/CVE/list 2008-05-24 20:50:17 UTC (rev 8891) @@ -1,3 +1,7 @@ +CVE-2008-XXXX [authentication bypass in libpam-pgsql] + - pam-pgsql 0.6.3-2 (medium; bug #481970) + [etch] - pam-pgsql <not-affected> (Vulnerable code not present) + NOTE: pam_pgsql is not configured as "sufficient" in Debian default configuration CVE-2008-2424 [Possible DoS attack through unspecified vulnerable] - interchange <unfixed> (low; bug #482636) CVE-2008-2423 [Unspecified DoS attack via crafted HTTP requests]