Author: sf
Date: 2009-09-16 19:56:27 +0000 (Wed, 16 Sep 2009)
New Revision: 12829
Modified:
data/CVE/list
Log:
apache2 to be fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-09-16 17:41:04 UTC (rev 12828)
+++ data/CVE/list 2009-09-16 19:56:27 UTC (rev 12829)
@@ -319,15 +319,13 @@
CVE-2009-3096 (Multiple unspecified vulnerabilities in HP Performance Insight
5.3 ...)
NOT-FOR-US: HP Performance Insight
CVE-2009-3095 (The mod_proxy_ftp module in the Apache HTTP Server allows
remote ...)
- - apache2 <unfixed> (unknown; bug #545951)
+ - apache2 2.2.13-2 (low; bug #545951)
TODO: check
- NOTE: as of 20090910 this disclosure has no actionable information
+ NOTE: Disclosure has little information, verify that it is really fixed
when
+ NOTE: more info is disclosed.
NOTE: based on a VulnDisco commercial 0day
CVE-2009-3094 (The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c
in the ...)
- - apache2 <unfixed> (low; bug #545951)
- NOTE: no-dsa candidate.
- NOTE: mod_proxy_ftp should be enabled. with -mpm-prefork only a child
crashes, not a really DoS
- NOTE: when doing reverse proxy, servers to which requests are proxied
are usually trusted
+ - apache2 2.2.13-2 (low; bug #545951)
CVE-2009-3093 (Unspecified vulnerability on the ASUS WL-500W wireless router
has ...)
NOT-FOR-US: ASUS WL-500W
CVE-2009-3092 (Buffer overflow on the ASUS WL-500W wireless router has unknown
impact ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
