trac

• Author: Miklos Vajna
• Vulnerable: 0.10.5-1
• Unaffected: 0.11.2-1solaria1

Some vulnerabilities have been reported in Trac, which can be exploited by malicious people to cause a DoS (Denial of Service) or to conduct phishing attacks.

1. An unspecified error in the HTML sanitiser filter can be exploited to conduct phishing attacks.
2. An unspecified error when processing wiki markup can be exploited to cause a DoS.

• Bug Tracker URL: http://bugs.frugalware.org/task/3448

CVEs:

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5646
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5647