Author: jmm-guest
Date: 2005-07-25 08:19:25 +0000 (Mon, 25 Jul 2005)
New Revision: 1465
Modified:
data/CAN/list
Log:
Update on phpbb, 2261 has an exploit in the wild.
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-07-25 08:04:06 UTC (rev 1464)
+++ data/CAN/list 2005-07-25 08:19:25 UTC (rev 1465)
@@ -1,3 +1,6 @@
+CAN-2005-XXXX [Further minor security issues in phpbb]
+ NOTE: Maintainers already preparing packages of 2.0.17
+ - phpbb2 (unfixed; low)
CAN-2005-XXXX [xgalaga score file segfault]
- xgalaga 2.0.34-31 (low)
CAN-2005-XXXX [xemeraldia games file overwrite]
@@ -761,8 +764,7 @@
CAN-2005-2162 (PHP remote file inclusion vulnerability in form.inc.php3 in ...)
NOTE: not-for-us (MyGuestbook)
CAN-2005-2161 (Cross-site scripting (XSS) vulnerability in phpBB 2.0.16 allows
remote ...)
- NOTE: No bug for this, forwarded to maintainers
- - phpbb2 (unfixed; bug #317739; low)
+ - phpbb2 (unfixed; bug #317739; high)
CAN-2005-2160 (IMail stores usernames and passwords in cleartext in a cookie,
which ...)
NOTE: not-for-us (IMail)
CAN-2005-2159 (mshftp.dll in PlanetDNS PlanetFileServer 2.0.1.3 allows remote
...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
