[Secure-testing-commits] r209 - sarge-checks/CAN
Joey Hess
joeyh@haydn.debian.org
Thu, 23 Dec 2004 15:21:21 -0700
Author: joeyh
Date: 2004-12-23 15:21:13 -0700 (Thu, 23 Dec 2004)
New Revision: 209
Modified:
sarge-checks/CAN/list
Log:
check recent CANs
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2004-12-23 16:14:40 UTC (rev 208)
+++ sarge-checks/CAN/list 2004-12-23 22:21:13 UTC (rev 209)
@@ -1,17 +1,17 @@
CAN-2004-1314 (Safari 1.x allows remote attackers to spoof arbitrary web sites by ...)
- TODO: check
+ NOTE: not-for-us (MacOS)
CAN-2004-1313 (The Smc.exe process in My Firewall Plus 5.0 build 1117, and possibly ...)
- TODO: check
+ NOTE: not-for-us (My Firewall Plus)
CAN-2004-1312
NOTE: reserved
CAN-2004-1311 (Integer overflow in the real_setup_and_get_header function in real.c ...)
- TODO: check
+ NOTE: not-for-us (mplayer)
CAN-2004-1310 (Stack-based buffer overflow in the asf_mmst_streaming.c functionality ...)
- TODO: check
+ NOTE: not-for-us (mplayer)
CAN-2004-1309 (Heap-based buffer overflow in the demux_open_bmp function in ...)
- TODO: check
+ NOTE: not-for-us (mplayer)
CAN-2004-1308 (Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff ...)
- - libtiff4 (unfixed; bug #286833)
+ - libtiff4 3.6.1-4
TODO: other packages containing libtiff code may be vulnerable (kfax?)
CAN-2004-1307
NOTE: reserved
@@ -20,108 +20,111 @@
CAN-2004-1305
NOTE: reserved
CAN-2004-1304 (Stack-based buffer overflow in the ELF header parsing code in file ...)
- - file (unfixed; bug #283316)
+ - file 4.12
CAN-2004-1303 (Buffer overflow in the get function in get.c for Yanf 0.4 allows ...)
- TODO: check
+ NOTE: not-for-us (Yanf)
CAN-2004-1302 (The id3tag_sort function in id3tag.c for YAMT 0.5 allows remote ...)
- TODO: check
+ NOTE: not-for-us (YAMT)
CAN-2004-1301 (Buffer overflow in the book_format_sql function in format.c for ...)
- TODO: check
+ NOTE: not-for-us (xlreader)
CAN-2004-1300 (Buffer overflow in the open_aiff_file function in demux_aiff.c for ...)
- - libxine1 (unfixed; bug #285899)
+ - xine-lib 1-rc8-1
CAN-2004-1299 (Buffer overflow in the get_attr function in html.c for vilistextum ...)
- TODO: check
+ NOTE: not-for-us (vilistextum)
CAN-2004-1298 (Buffer overflow in the parse function in vb2c.c for vb2c 0.02 allows ...)
- TODO: check
+ NOTE: not-for-us (vb2c)
CAN-2004-1297 (Buffer overflow in the process_font_table function in convert.c for ...)
- TODO: check
+ - unrtf (unfixed; bug #287038)
CAN-2004-1296
NOTE: reserved
- - pic2graph (unfixed; bug #286371)
+ - groff 1.18.1.1-5
CAN-2004-1295 (The slip_down function in slip.c for the uml_net program in ...)
- TODO: check
+ NOTE: uml_net is only executable by users in group uml-net in Debian
+ NOTE: uml-utilities-20040406 does not seem to be vulnerable, tried exploit
CAN-2004-1294 (The mget function in cmds.c for tnftp 20030825 allows remote FTP ...)
- tnftp (unfixed; bug #285902)
CAN-2004-1293 (Buffer overflow in the ReadFontTbl function in reader.c for ...)
- TODO: check
+ NOTE: not-for-us (rtf2latex2e)
CAN-2004-1292 (Buffer overflow in the parse_emelody function in parse_emelody.c for ...)
- TODO: check
+ NOTE: not-for-us (ringtonetools)
CAN-2004-1291 (Buffer overflow in qwik-smtpd allows remote attackers to use the ...)
- TODO: check
+ NOTE: not-for-us (qwik-smtpd)
CAN-2004-1290 (Buffer overflow in the process_moves function in pgn2web.c for pgn2web ...)
- TODO: check
+ NOTE: not-for-us (pgn2web)
CAN-2004-1289 (Multiple buffer overflows in (1) the getline function in pcalutil.c ...)
- TODO: check
+ - pcal (unfixed; bug #287039)
CAN-2004-1288 (Buffer overflow in the parse_html function in o3read.c for o3read ...)
- TODO: check
+ NOTE: not-for-us (o3read)
CAN-2004-1287 (Buffer overflow in the error function in preproc.c for NASM 0.98.38 ...)
- TODO: check
+ - nasm (unfixed; bug #285889)
CAN-2004-1286 (Buffer overflow in the auto_filter_extern function in auto.c for ...)
- TODO: check
+ NOTE: not-for-us (NapShare)
CAN-2004-1285 (Buffer overflow in the get_header function in asf_mmst_streaming.c for ...)
- TODO: check
+ NOTE: not-for-us (mplayer)
CAN-2004-1284 (Buffer overflow in the find_next_file function in playlist.c for ...)
- TODO: check
+ - mpg123 (unfixed; bug filed)
CAN-2004-1283 (Buffer overflow in the Mesh::type method in mesh.c for the mview ...)
- TODO: check
+ NOTE: not-for-us (mview)
CAN-2004-1282 (Buffer overflow in the strexpand function in string.c for LinPopUp ...)
- TODO: check
+ - linpopup (unfixed; bug filed)
CAN-2004-1281 (The ftp_retr function in junkie 0.3.1 allows remote malicious FTP ...)
- TODO: check
+ NOTE: not-for-us (junkie)
CAN-2004-1280 (The gui_popup_view_fly function in gui_tview_popup.c for junkie 0.3.1 ...)
- TODO: check
+ NOTE: not-for-us (junkie)
CAN-2004-1279 (Buffer overflow in the get_file_list_stdin function in jpegtoavi 1.5 ...)
- TODO: check
+ NOTE: not-for-us (jpegtoavi)
CAN-2004-1278 (Buffer overflow in the switch_voice function in parse.c for jcabc2ps ...)
- TODO: check
+ NOTE: not-for-us (jcabc2ps)
CAN-2004-1277 (The download_selection_recursive() function in ftplist.c for IglooFTP ...)
- TODO: check
+ NOTE: not-for-us (IglooFTP)
CAN-2004-1276 (IglooFTP 0.6.1, when recursively uploading a directory, allows local ...)
- TODO: check
+ NOTE: not-for-us (IglooFTP)
CAN-2004-1275 (Buffer overflow in the remove_quote function in convert.c for ...)
- TODO: check
+ NOTE: not-for-us (html2hdml)
CAN-2004-1274 (The DownloadLoop function in main.c for greed 0.81p allows remote ...)
- TODO: check
+ NOTE: not-for-us (greed)
+ NOTE: not the game in debian, the file download tool
CAN-2004-1273 (Buffer overflow in the DownloadLoop function in main.c for greed 0.81p ...)
- TODO: check
+ NOTE: not-for-us (greed)
+ NOTE: not the game in debian, the file download tool
CAN-2004-1272 (Buffer overflow in the save_embedded_address function in filter.c for ...)
- TODO: check
+ - filter (unfixed; bug filed)
CAN-2004-1271 (Buffer overflow in the dxfin function in d.c for dxfscope 0.2 allows ...)
- TODO: check
+ NOTE: not-for-us (dxfscope)
CAN-2004-1270 (lppasswd in CUPS 1.1.22, when run in environments that do not ensure ...)
- TODO: check
+ - cupsys 1.1.22-2
CAN-2004-1269 (lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it ...)
- TODO: check
+ - cupsys 1.1.22-2
CAN-2004-1268 (lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS ...)
- TODO: check
+ - cupsys 1.1.22-2
CAN-2004-1267 (Buffer overflow in the ParseCommand function in hpgl-input.c in the ...)
- TODO: check
+ - cupsys 1.1.22-2
CAN-2004-1266 (Buffer overflow in the get_field_headers function in csv2xml.cpp for ...)
- TODO: check
+ NOTE: not-for-us (csv2xml)
CAN-2004-1265 (Buffer overflow in the readObjectChunk function in 3dsimp.cpp for the ...)
- TODO: check
+ NOTE: not-for-us (Convex)
CAN-2004-1264 (Buffer overflow in the simplify_path function in config.c for ChBg 1.5 ...)
- chbg (unfixed; bug #285904)
CAN-2004-1263 (changepassword.cgi in ChangePassword 0.8, when installed setuid, ...)
- TODO: check
+ NOTE: not-for-us (ChangePassword):w
CAN-2004-1262 (Buffer overflow in the bsb_open_header function in libbsb for bsb2ppm ...)
- TODO: check
+ NOTE: not-for-us (bsb2ppm)
CAN-2004-1261 (Multiple buffer overflows in the preparse function in asp2php 0.76.23 ...)
- TODO: check
+ NOTE: not-for-us (asp2php)
CAN-2004-1260 (Multiple buffer overflows in the (1) write_heading function in ...)
- TODO: check
+ NOTE: not-for-us (abctab2ps)
CAN-2004-1259 (Multiple buffer overflows in the handle_directive function in abcpp.c ...)
- TODO: check
+ NOTE: not-for-us (abcpp)
CAN-2004-1258 (Buffer overflow in the put_words function in subs.c for abcm2ps 3.7.20 ...)
- - abcm2ps (unfixed; bug #285903)
+ - abcm2ps 4.8.5-1
CAN-2004-1257 (Buffer overflow in the process_abc function in abc.c for abc2mtex ...)
- TODO: check
+ NOTE: not-for-us (abc2mtex)
CAN-2004-1256 (Multiple buffer overflows in the (1) event_text and (2) event_specific ...)
- TODO: check
+ - abcmidi (unfixed; bug filed)
CAN-2004-1255 (Buffer overflow in the expandtabs function in 2fax 3.04 allows remote ...)
- TODO: check
+ NOTE: not-for-us (2fax)
CAN-2004-1254 (WinRAR 3.40, and possibly earlier versions, allows remote attackers to ...)
- TODO: check
+ NOTE: not-for-us (WinRAR)
CAN-2004-1253
NOTE: reserved
CAN-2004-1252
@@ -256,9 +259,9 @@
CAN-2004-1189
NOTE: reserved
CAN-2004-1188 (The pnm_get_chunk function in xine 0.99.2 and earlier, and other ...)
- - libxine1 (unfixed; bug #286077)
+ - xine-lib 1-rc8-1
CAN-2004-1187 (Heap-based buffer overflow in the pnm_get_chunk function for xine ...)
- TODO: check
+ - xine-lib 1-rc8-1
CAN-2004-1186
NOTE: reserved
CAN-2004-1185
@@ -289,7 +292,7 @@
CAN-2004-1173 (Internet Explorer 6 allows remote attackers to bypass the popup ...)
NOTE: not-for-us (MSIE)
CAN-2004-1172 (Stack-based buffer overflow in the Agent Browser in Veritas Backup ...)
- TODO: check
+ NOTE: not-for-us (Veritas Backup Exec)
CAN-2004-1171 (KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are ...)
- kdelibs 4:3.3.1-2
- kdebase 4:3.3.1-3
@@ -330,18 +333,18 @@
CAN-2004-1155 (Internet Explorer 5.01 through 6 allows remote attackers to spoof ...)
NOTE: not-for-us (Microsoft MSIE)
CAN-2004-1154 (Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x ...)
- TODO: check
+ - samba 3.0.10-1
CAN-2004-1153 (Format string vulnerability in Adobe Acrobat Reader 6.0.0 through ...)
- TODO: check
+ NOTE: not-for-us (Adobe Acrobat Reader)
CAN-2004-1152 (Buffer overflow in the mailListIsPd function in Adobe Acrobat Reader ...)
- TODO: check
+ NOTE: not-for-us (Adobe Acrobat Reader)
CAN-2004-1151 (Multiple buffer overflows in the (1) sys32_ni_syscall and (2) ...)
NOTE: fixed in kernel team svn
TODO: track fix
CAN-2004-1150
NOTE: reserved
CAN-2004-1149 (Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4, including ...)
- TODO: check
+ NOTE: not-for-us (Computer Associates eTrust EZ Antivirus)
CAN-2004-1148 (phpMyAdmin before 2.6.1, when configured with UploadDir functionality, ...)
- phpmyadmin 2:2.6.1-rc1-1
CAN-2004-1147 (phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external ...)
@@ -365,7 +368,7 @@
CAN-2004-1139
NOTE: reserved
CAN-2004-1138 (Unknown vulnerability in Vim modeline options, such as (1) termcap, ...)
- TODO: check
+ - vim 1:6.3-046+1
CAN-2004-1137 (Multiple vulnerabilities in the IGMP functionality for Linux kernel ...)
NOTE: Fixed in kernel team svn
TODO: track fix
@@ -392,7 +395,7 @@
CAN-2004-1126
NOTE: reserved
CAN-2004-1125 (Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00 ...)
- TODO: check
+ - xpdf 3.0.0-11
CAN-2004-1124
NOTE: reserved
CAN-2004-1123 (Darwin Streaming Server 5.0.1, and possibly earlier versions, allows ...)
@@ -535,15 +538,15 @@
CAN-2004-1059
NOTE: reserved
CAN-2004-1058 (Race condition in Linux kernel 2.6 allows local users to read the ...)
- TODO: check
+ TODO: check with kernel team
CAN-2004-1057
NOTE: reserved
CAN-2004-1056 (Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not ...)
- TODO: check
+ TODO: check with kernel team
CAN-2004-1055 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
- phpmyadmin 2:2.6.0-pl3-1
CAN-2004-1054 (Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, ...)
- TODO: check
+ NOTE: not-for-us (AIX)
CAN-2004-1053 (Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows remote ...)
NOTE: not-for-us (fetch on FreeBSD)
CAN-2004-1052 (Buffer overflow in the getnickuserhost function in BNC 2.8.9, and ...)
@@ -598,7 +601,7 @@
CAN-2004-1029 (The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) ...)
NOTE: not-for-us (Sun JRE)
CAN-2004-1028 (Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, ...)
- TODO: check
+ NOTE: not-for-us (AIX)
CAN-2004-1027 (The -x command line option in unarj allows remote attackers to ...)
NOTE: sarge's unarj is from a different code base, probably not vulnerable
CAN-2004-1026 (Multiple integer overflows in the image handler for imlib 1.9.14 and ...)
@@ -803,7 +806,7 @@
NOTE: see http://lwn.net/Alerts/110733/
NOTE: sarge's unarj is from a different code base, probably not vulnerable
CAN-2004-0946 (rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit ...)
- TODO: check
+ - nfs-utils (unfixed; bug filed)
CAN-2004-0945
NOTE: reserved
CAN-2004-0944