Author: sf
Date: 2009-09-21 18:24:43 +0000 (Mon, 21 Sep 2009)
New Revision: 12862
Modified:
data/CVE/list
Log:
apache2 nodsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-09-21 17:55:39 UTC (rev 12861)
+++ data/CVE/list 2009-09-21 18:24:43 UTC (rev 12862)
@@ -451,12 +451,18 @@
NOT-FOR-US: HP Performance Insight
CVE-2009-3095 (The mod_proxy_ftp module in the Apache HTTP Server allows
remote ...)
- apache2 2.2.13-2 (low; bug #545951)
+ [etch] - apache2 <no-dsa> (minor issue)
+ [lenny] - apache2 <no-dsa> (minor issue)
+ NOTE: The attacker needs to have valid credentials for the FTP server,
which
+ NOTE: makes this irrelevant in most cases.
TODO: check
- NOTE: Disclosure has little information, verify that it is really fixed
when
- NOTE: more info is disclosed.
+ TODO: Disclosure has little information, verify that it is really fixed
when
+ TODO: more info is disclosed.
NOTE: based on a VulnDisco commercial 0day
CVE-2009-3094 (The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c
in the ...)
- apache2 2.2.13-2 (low; bug #545951)
+ [etch] - apache2 <no-dsa> (minor issue)
+ [lenny] - apache2 <no-dsa> (minor issue)
CVE-2009-3093 (Unspecified vulnerability on the ASUS WL-500W wireless router
has ...)
NOT-FOR-US: ASUS WL-500W
CVE-2009-3092 (Buffer overflow on the ASUS WL-500W wireless router has unknown
impact ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
