[Secure-testing-commits] r2887 - data/CVE

Moritz Muehlenhoff Tue, 29 Nov 2005 00:59:04 -0800

Author: jmm-guest
Date: 2005-11-29 08:58:35 +0000 (Tue, 29 Nov 2005)
New Revision: 2887


Modified:
   data/CVE/list
Log:
egroupware update; three not-affected, one fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2005-11-29 08:45:53 UTC (rev 2886)
+++ data/CVE/list       2005-11-29 08:58:35 UTC (rev 2887)
@@ -2877,11 +2877,11 @@
 CVE-2005-2793 (PHP remote code injection vulnerability in welcome.php in 
phpLDAPadmin ...)
        [sarge] - phpldapadmin <not-affected> (code not present in sarge)
        - phpldapadmin 0.9.6c-7 (bug #325785; medium)
-       - egroupware <unfixed> (bug #339583; medium)
+       - egroupware <not-affected> (copy included is older and not vulnerable; 
bug #339583)
 CVE-2005-2792 (Directory traversal vulnerability in welcome.php in 
phpLDAPadmin 0.9.6 ...)
        [sarge] - phpldapadmin <not-affected> (code not present in sarge)
        - phpldapadmin 0.9.6c-7 (bug #325785; medium)
-       - egroupware <unfixed> (bug #339583; medium)
+       - egroupware <not-affected> (copy included is older and not vulnerable; 
bug #339583)
 CVE-2005-2791 (BFCommand &amp; Control Server Manager BFCC 1.22_A and earlier, 
and BFVCC ...)
        NOT-FOR-US: BFCC
 CVE-2005-2790 (BFCommand &amp; Control Server Manager BFCC 1.22_A and earlier, 
and BFVCC ...)
@@ -2904,7 +2904,7 @@
        NOT-FOR-US: AutoLinks Pro
 CVE-2005-2781 (The Avatar upload feature in FUD Forum before 2.7.0 does not 
properly ...)
        - phpgroupware 0.9.16.009-1 (bug #340094; medium)
-       - egroupware <unfixed> (bug #340495; medium)
+       - egroupware 1.0.0.009.dfsg-3-4 (bug #340495; medium)
 CVE-2005-2780 (Cross-site scripting (XSS) vulnerability in Land Down Under 
(LDU) ...)
        NOT-FOR-US: Land Down Under
 CVE-2005-2779 (The iTAN Online-Banking Security System allows remote attackers 
to ...)
@@ -3230,7 +3230,7 @@
 CVE-2005-2654 (phpldapadmin before 0.9.6c allows remote attackers to gain 
anonymous ...)
        {DSA-790-1}
        - phpldapadmin 0.9.6c-5 (medium)
-       - egroupware <unfixed> (bug #339583; medium)
+       - egroupware <not-affected> (copy included is older and not vulnerable; 
bug #339583)
 CVE-2005-XXXX [cplay - still unsafe temporary file handling vulnerable to 
symlink attacks]
        - cplay 1.49-8 (bug #324913; low)
 CVE-2005-XXXX [$servers[$i]['disable_anon_bind'] = true doesn't prevent 
anonymous to access ldap directory]


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r2887 - data/CVE

Reply via email to