diff options
author | Simon L. B. Nielsen <simon@FreeBSD.org> | 2006-07-14 10:57:17 +0000 |
---|---|---|
committer | Simon L. B. Nielsen <simon@FreeBSD.org> | 2006-07-14 10:57:17 +0000 |
commit | e5cbabe75921db57ad4540b97215641fb8a87967 (patch) | |
tree | 21de8c5d28cc0fd53a8e64eef5e7b842d6eaaacf /security | |
parent | 8496f97a7ce2451f42f02caa027806b89a91ad36 (diff) | |
download | ports-e5cbabe75921db57ad4540b97215641fb8a87967.tar.gz ports-e5cbabe75921db57ad4540b97215641fb8a87967.zip |
Notes
Diffstat (limited to 'security')
-rw-r--r-- | security/vuxml/vuln.xml | 17 |
1 files changed, 3 insertions, 14 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index db5b2dc694b5..f5ba61ad7c03 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -45,20 +45,6 @@ Note: Please add new entries to the beginning of this file. <description> <body xmlns="http://www.w3.org/1999/xhtml"> <p>The Drupal team reports:</p> - <blockquote cite="http://drupal.org/node/65357"> - <p>Vulnerability: SQL injection vulnerability.</p> - <p>A security vulnerability in the database layer allowed - certain queries to be submitted to the database without - going through Drupal's query sanitizer.</p> - </blockquote> - <blockquote cite="http://drupal.org/node/65409"> - <p>Vulnerability: Execution of arbitrary files in certain - Apache configurations</p> - <p>Certain -- alas, typical -- configurations of Apache allows - execution of carefully named arbitrary scripts in the files - directory. Drupal now will attempt to automatically create - a .htaccess file in your "files" directory to protect you.</p> - </blockquote> <blockquote cite="http://drupal.org/node/66767"> <p>Vulnerability: XSS Vulnerability in taxonomy module</p> <p>It is possible for a malicious user to insert and execute @@ -69,10 +55,13 @@ Note: Please add new entries to the beginning of this file. </body> </description> <references> + <cvename>CVE-2006-2833</cvename> + <url>http://drupal.org/node/66767</url> </references> <dates> <discovery>2006-05-18</discovery> <entry>2006-07-13</entry> + <modified>2006-07-14</modified> </dates> </vuln> |