diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2006-08-27 20:10:47 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2006-08-27 20:10:47 +0000 |
commit | 94ae0db22cf5d4a936ed38926eb59511c3c002bf (patch) | |
tree | 52804946c582c1cf7d62d49f9d18f3e8719ef1c9 /data/CVE | |
parent | e861b28bf9410a2387e1a69f6fbb9e5050b41bc9 (diff) |
three new DSAs
no-dsa for slash and binutils as buffer overflows
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@4642 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data/CVE')
-rw-r--r-- | data/CVE/2001.list | 1 | ||||
-rw-r--r-- | data/CVE/2002.list | 1 | ||||
-rw-r--r-- | data/CVE/2005.list | 2 |
3 files changed, 4 insertions, 0 deletions
diff --git a/data/CVE/2001.list b/data/CVE/2001.list index b3155bc5e4..27aed5deda 100644 --- a/data/CVE/2001.list +++ b/data/CVE/2001.list @@ -103,6 +103,7 @@ CVE-2001-1536 (Autogalaxy stores usernames and passwords in cleartext in cookies NOT-FOR-US: Autogalaxy CVE-2001-1535 (Slashcode 2.0 creates new accounts with an 8-character random ...) - slash <unfixed> (bug #328927; low) + [sarge] - slash <no-dsa> (Lack of a security feature, minor security problem) CVE-2001-1534 (mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's ...) - apache (bug #328919; unimportant) - apache2 <unfixed> (unimportant) diff --git a/data/CVE/2002.list b/data/CVE/2002.list index 6159e8d109..3b17a27b26 100644 --- a/data/CVE/2002.list +++ b/data/CVE/2002.list @@ -1175,6 +1175,7 @@ CVE-2002-1648 (Cross-site request forgery (CSRF) vulnerability in compose.php in - squirrelmail 1:1.2.3 CVE-2002-1647 (The quick login feature in Slash Slashcode does not redirect the user ...) - slash <unfixed> (bug #160579; low) + [sarge] - slash <no-dsa> (Minor security implications) CVE-2002-1646 (SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to ...) NOT-FOR-US: commercial ssh CVE-2002-1645 (Buffer overflow in the URL catcher feature for SSH Secure Shell for ...) diff --git a/data/CVE/2005.list b/data/CVE/2005.list index 4f5fa44f05..4c608a5195 100644 --- a/data/CVE/2005.list +++ b/data/CVE/2005.list @@ -1,7 +1,9 @@ CVE-2005-4808 (Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) ...) - binutils 2.17-1 (low) + [sarge] - binutils <no-dsa> (Only a security-problems in far-fetched configurations) CVE-2005-4807 (Stack-based buffer overflow in messages.c in the GNU as (gas) ...) - binutils 2.17-1 (low) + [sarge] - binutils <no-dsa> (Only a security-problems in far-fetched configurations) CVE-2005-2468 (Multiple SQL injection vulnerabilities in MySQL Eventum 1.5.5 and ...) NOT-FOR-US: MySQL Eventum CVE-2005-2467 (Multiple cross-site scripting (XSS) vulnerabilities in MySQL Eventum ...) |