Author: sf Date: 2009-09-21 18:24:43 +0000 (Mon, 21 Sep 2009) New Revision: 12862 Modified: data/CVE/list Log: apache2 nodsa Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-09-21 17:55:39 UTC (rev 12861) +++ data/CVE/list 2009-09-21 18:24:43 UTC (rev 12862) @@ -451,12 +451,18 @@ NOT-FOR-US: HP Performance Insight CVE-2009-3095 (The mod_proxy_ftp module in the Apache HTTP Server allows remote ...) - apache2 2.2.13-2 (low; bug #545951) + [etch] - apache2 <no-dsa> (minor issue) + [lenny] - apache2 <no-dsa> (minor issue) + NOTE: The attacker needs to have valid credentials for the FTP server, which + NOTE: makes this irrelevant in most cases. TODO: check - NOTE: Disclosure has little information, verify that it is really fixed when - NOTE: more info is disclosed. + TODO: Disclosure has little information, verify that it is really fixed when + TODO: more info is disclosed. NOTE: based on a VulnDisco commercial 0day CVE-2009-3094 (The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the ...) - apache2 2.2.13-2 (low; bug #545951) + [etch] - apache2 <no-dsa> (minor issue) + [lenny] - apache2 <no-dsa> (minor issue) CVE-2009-3093 (Unspecified vulnerability on the ASUS WL-500W wireless router has ...) NOT-FOR-US: ASUS WL-500W CVE-2009-3092 (Buffer overflow on the ASUS WL-500W wireless router has unknown impact ...)