diff options
author | William Desportes <williamdes@wdes.fr> | 2020-01-08 22:24:58 +0100 |
---|---|---|
committer | William Desportes <williamdes@wdes.fr> | 2020-01-08 22:28:34 +0100 |
commit | a4deb7891ee12a3ff08ab876b3e362562f29c863 (patch) | |
tree | bdabcda9f31bf82a3f387a5213df19ffc14f45ef /data | |
parent | ec39b61022fc0634cd6d156022a575fd0a3865c2 (diff) |
Update old CVEs for phpmyadmin
Does not exist in any of the following distributions (jessie, stretch, bullseye, sid)
- CVE-2005-3622
- CVE-2005-4349
- CVE-2006-6373
- CVE-2007-4306
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/2005.list | 6 | ||||
-rw-r--r-- | data/CVE/2006.list | 2 | ||||
-rw-r--r-- | data/CVE/2007.list | 3 |
3 files changed, 5 insertions, 6 deletions
diff --git a/data/CVE/2005.list b/data/CVE/2005.list index 1033c03948..3a51825bab 100644 --- a/data/CVE/2005.list +++ b/data/CVE/2005.list @@ -1251,8 +1251,8 @@ CVE-2005-4351 (The securelevels implementation in FreeBSD 7.0 and earlier, OpenB - linux-2.6 2.6.18-3 CVE-2005-4350 (Unspecified vulnerability in WBEM Services A.01.x before A.01.05.12 an ...) NOT-FOR-US: WBEM Services -CVE-2005-4349 - - phpmyadmin <unfixed> (unimportant) +CVE-2005-4349 (SQL injection vulnerability in server_privileges.php in phpMyAdmin 2.7 ...) + - phpmyadmin <not-affected> (vulnerable code is not present) NOTE: Only for authenticated used, will possibly be rejected CVE-2005-4348 (fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidr ...) {DSA-939-1} @@ -2885,7 +2885,7 @@ CVE-2005-3623 (nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SAT [sarge] - kernel-source-2.6.8 <not-affected> (Does not contain NFS ACLs) - linux-2.6 2.6.14-7 CVE-2005-3622 (phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain t ...) - - phpmyadmin <unfixed> (unimportant) + - phpmyadmin <not-affected> (vulnerable code is not present) CVE-2005-3620 (The management interface for VMware ESX Server 2.0.x before 2.0.2 patc ...) NOT-FOR-US: VMware ESX CVE-2005-3619 (Cross-site scripting (XSS) vulnerability in the management interface f ...) diff --git a/data/CVE/2006.list b/data/CVE/2006.list index fc416f094f..ca4a78088e 100644 --- a/data/CVE/2006.list +++ b/data/CVE/2006.list @@ -2011,7 +2011,7 @@ CVE-2006-6374 (Multiple CRLF injection vulnerabilities in PhpMyAdmin 2.7.0-pl2 a [etch] - phpmyadmin <not-affected> (not exploitable with Etch's php versions) NOTE: not exploitable with PHP 5.1.2+ and 4.4.2+ CVE-2006-6373 (PhpMyAdmin 2.7.0-pl2 allows remote attackers to obtain sensitive infor ...) - - phpmyadmin <unfixed> (unimportant) + - phpmyadmin <not-affected> (vulnerable code is not present) NOTE: path is known in Debian anyway CVE-2006-6372 (Multiple cross-site scripting (XSS) vulnerabilities in pbguestbook.php ...) NOT-FOR-US: JAB Guest Book diff --git a/data/CVE/2007.list b/data/CVE/2007.list index fb3b5cee72..9006aafb51 100644 --- a/data/CVE/2007.list +++ b/data/CVE/2007.list @@ -5877,8 +5877,7 @@ CVE-2007-4308 (The (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SC CVE-2007-4307 (Multiple cross-site scripting (XSS) vulnerabilities in Storesprite 7 a ...) NOT-FOR-US: Storesprite CVE-2007-4306 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10 ...) - - phpmyadmin <unfixed> (unimportant) - [sarge] - phpmyadmin <not-affected> + - phpmyadmin <not-affected> (vulnerable code is not present) NOTE: It seems that this requires knowledge of a unguessable session token. NOTE: Confirmed by upstream. Sarge is not affected at all. CVE-2007-4305 (Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail ...) |