[Openvas-commits] r6064 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Fri Dec 4 16:58:12 CET 2009


Author: reinke
Date: 2009-12-04 16:58:10 +0100 (Fri, 04 Dec 2009)
New Revision: 6064

Modified:
   trunk/openvas-plugins/ChangeLog
   trunk/openvas-plugins/scripts/ubuntu_862_1.nasl
Log:


Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2009-12-04 13:17:59 UTC (rev 6063)
+++ trunk/openvas-plugins/ChangeLog	2009-12-04 15:58:10 UTC (rev 6064)
@@ -1,3 +1,7 @@
+2009-12-04  Thomas Reinke <reinke at securityspace.com>
+	* scripts/ubuntu_862_1.nasl:
+	Shortened description
+
 2009-12-04  Chandrashekhar B <bchandra at secpod.com>
 
 	* scripts/gb_ms_ie_style_object_remote_code_exec_vuln.nasl,

Modified: trunk/openvas-plugins/scripts/ubuntu_862_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ubuntu_862_1.nasl	2009-12-04 13:17:59 UTC (rev 6063)
+++ trunk/openvas-plugins/scripts/ubuntu_862_1.nasl	2009-12-04 15:58:10 UTC (rev 6064)
@@ -46,8 +46,7 @@
 It was discovered that PHP's php_openssl_apply_verification_policy
 function did not correctly handle SSL certificates with zero bytes in the
 Common Name. A remote attacker could exploit this to perform a man in the
-middle attack to view sensitive information or alter encrypted
-communications. (CVE-2009-3291)
+middle attack. (CVE-2009-3291)
 
 It was discovered that PHP did not properly handle certain malformed images
 when being parsed by the Exif module. A remote attacker could exploit this
@@ -69,7 +68,7 @@
 
 ATTENTION: This update changes previous PHP behaviour by limiting the
 number of files in a POST request to 50. This may be increased by adding a
-max_file_uploads directive to the php.ini configuration file.
+max_file_uploads directive to php.ini.
 
 It was discovered that PHP did not properly enforce restrictions in the
 proc_open function. An attacker could exploit this issue to bypass



More information about the Openvas-commits mailing list