[Secure-testing-commits] r11623 - data/CVE

Thijs Kinkhorst Tue, 14 Apr 2009 13:54:14 -0700

Author: thijs
Date: 2009-04-14 20:54:08 +0000 (Tue, 14 Apr 2009)
New Revision: 11623


Modified:
   data/CVE/list
Log:
new phpmyadmin issue. unimportant because setup dir is passwd protected in
debian, and script shouldn't be writable anyway, so exploitation chance is
very rare. etch&lenny not affected.


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2009-04-14 02:30:01 UTC (rev 11622)
+++ data/CVE/list       2009-04-14 20:54:08 UTC (rev 11623)
@@ -1,5 +1,8 @@
-CVE-2009-1285
+CVE-2009-1285 [phpMyAdmin PMASA-2009-4 insufficient escaping in setup script]
        RESERVED
+       - phpmyadmin 4:3.1.3.2-1 (unimportant)
+       [etch] - phpmyadmin <not-affected> (Vulnerable code not present)
+       [lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
 CVE-2008-6714 (admin.php in xeCMS 1.0.0 RC2 and earlier allows remote 
attackers to ...)
        NOT-FOR-US: xeCMS
 CVE-2008-6713 (World in Conflict (WIC) 1.008 and earlier allows remote 
attackers to ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r11623 - data/CVE

Reply via email to