Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
db60257a by Salvatore Bonaccorso at 2023-01-12T20:38:30+01:00
Update information for ancient CVE-2006-3360/pypsysinfo
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -601078,9 +601078,10 @@ CVE-2006-3362 (Unrestricted file upload
vulnerability in connectors/php/connecto
CVE-2006-3361 (PHP remote file inclusion vulnerability in Stud.IP 1.3.0-2 and
earlier ...)
NOT-FOR-US: Stud.IP
CVE-2006-3360 (Directory traversal vulnerability in index.php in phpSysInfo
2.5.1 all ...)
- - phpsysinfo <unfixed> (unimportant)
+ - phpsysinfo 3.2.5-3 (unimportant)
- egroupware <unfixed> (unimportant)
- phpgroupware <unfixed> (unimportant)
+ NOTE:
https://github.com/phpsysinfo/phpsysinfo/commit/60b5bbb5d1cc17f44050e99a3e746f55a4fd4e18
(v3.2.5)
NOTE: Only the existence of files inside the WWW root is leaked. If
this is
NOTE: a threat to your setup you most probably shouldn't install a
script which
NOTE: exposes all your system data, either.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db60257af5ba6985bdc6b9fcbbfd8c9993b01542
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db60257af5ba6985bdc6b9fcbbfd8c9993b01542
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
