[Secure-testing-team] False positives from daily report

Julien Goodwin julien.goodwin at strategicdata.com.au
Sat Jun 24 18:29:20 UTC 2006

CVE-2006-0146 The server.php test script in ADOdb for PHP before...
  - cacti (remotely exploitable)

CVE-2006-0147 Dynamic code evaluation vulnerability in...
  - cacti (remotely exploitable)

(on a fully updated etch system)

This should be listed as fixed for etch and sid as well from version
0.8.6d-1 (First version where adodb code removed from source tarball).

That, or your daily report script fixed not to show this.

CVE-2006-0456 kernel: strlen_user() DoS on s390
  - linux-headers-2.6.15-1-686-smp, linux-image-2.6-686-smp,
    linux-image-2.6.15-1-686-smp, linux-headers-2.6.15-1,
Would be nice if arch-specific issues (rare as I'm sure they are) could
be hidden if appropriate.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 250 bytes
Desc: OpenPGP digital signature
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20060625/95a5239f/signature.pgp

More information about the Secure-testing-team mailing list