thr3ads.net - Secure testing commits - [Secure-testing-commits] r10993

If this information is useful, please help other people find it:
Share via:

nion at alioth.debian.org

2009-Jan-19 22:15 UTC

[Secure-testing-commits] r10993 - data/CVE

Author: nion
Date: 2009-01-19 22:15:36 +0000 (Mon, 19 Jan 2009)
New Revision: 10993

Modified:
   data/CVE/list
Log:
update information on CVE-2008-5695

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-01-19 21:14:09 UTC (rev 10992)
+++ data/CVE/list	2009-01-19 22:15:36 UTC (rev 10993)
@@ -664,7 +664,10 @@
 CVE-2008-5696 (Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux
server is ...)
 	NOT-FOR-US: Novell NetWare
 CVE-2008-5695 (wp-admin/options.php in WordPress MU before 1.3.2, and WordPress
2.3.2 ...)
-	- wordpress <unfixed>
+	- wordpress <unfixed> (low)
+	TODO: report bug
+	NOTE: only the admin has manage_options capabilities by default and only
editors
+	NOTE: have upload_files capabilities
 CVE-2008-5694 (PHP remote file inclusion vulnerability in ...)
 	NOT-FOR-US: Sandbox
 CVE-2008-5693 (Ipswitch WS_FTP Server Manager 6.1.0.0 and earlier, and possibly
other ...)

Secure testing commits - Jan 2009 - r10993 - data/CVE

[Secure-testing-commits] r10993 - data/CVE