[Secure-testing-commits] r822 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Thu, 14 Apr 2005 21:14:23 +0000
Author: joeyh
Date: 2005-04-14 21:14:19 +0000 (Thu, 14 Apr 2005)
New Revision: 822
Modified:
sarge-checks/CAN/list
Log:
automatic CAN database update
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-04-14 18:38:02 UTC (rev 821)
+++ sarge-checks/CAN/list 2005-04-14 21:14:19 UTC (rev 822)
@@ -1,3 +1,19 @@
+CAN-2005-1106 (PictureViewer in QuickTime for Windows 6.5.2 allows remote attackers ...)
+ TODO: check
+CAN-2005-1105 (Directory traversal vulnerability in the MimeBodyPart.getFileName ...)
+ TODO: check
+CAN-2005-1104 (Multiple cross-site scripting (XSS) vulnerabilities in Centra 7 ...)
+ TODO: check
+CAN-2005-1103 (Sygate Security Agent (SSA) in Sygate Secure Enterprise 3.5 through ...)
+ TODO: check
+CAN-2005-1102 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CAN-2005-1101 (Multiple buffer overflows in Lotus Domino Server 6.0.5 and 6.5.4 allow ...)
+ TODO: check
+CAN-2005-1100 (Format string vulnerability in the ErrorLog function in cnf.c in ...)
+ TODO: check
+CAN-2005-1099 (Multiple buffer overflows in the HandleChild function in server.c in ...)
+ TODO: check
CAN-2005-1098 (GetDataBack for NTFS 2.31 stores the username and license key in ...)
NOTE: not-for-us (GetDataBack for NTFS (Windows))
CAN-2005-1097 (Rebrand P2P Share Spy 2.2 stores the user password in plaintext in the ...)
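Review bot: CAN-2005-1106 is added with TODO: check even though its summary already says "QuickTime for Windows", and the unchanged entry directly below the new block shows how such a case is closed out: NOTE: not-for-us (GetDataBack for NTFS (Windows)). Suggest tagging it the same way so the TODO backlog only holds entries that need a real look. The summaries for CAN-2005-1102, CAN-2005-1100 and CAN-2005-1099 are cut off before the affected product is named, so those three need the full description before they can be triaged.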
@@ -1366,8 +1382,8 @@
NOTE: not-for-us (Cisco)
CAN-2005-0611 (Heap-based buffer overflow in RealNetworks RealPlayer 10.5 ...)
NOTE: not-for-us (Real)
-CAN-2005-0610
- NOTE: reserved
+CAN-2005-0610 (Multiple symlink vulnerabilities in portupgrade before 20041226_2 in ...)
+ TODO: check
CAN-2005-0609
NOTE: reserved
CAN-2005-0608 (Heap-based buffer overflow in server.cpp for WebMod 0.47 allows remote ...)
@@ -1474,26 +1490,26 @@
NOTE: reserved
CAN-2005-0563
NOTE: reserved
-CAN-2005-0562
- NOTE: reserved
+CAN-2005-0562 (GIF file validation error in MSN Messenger 6.2 allows remote attackers ...)
+ TODO: check
CAN-2005-0561
NOTE: reserved
-CAN-2005-0560
- NOTE: reserved
+CAN-2005-0560 (Heap-based buffer overflow in the SMTP service of Exchange Server 2000 ...)
+ TODO: check
CAN-2005-0559
NOTE: reserved
-CAN-2005-0558
- NOTE: reserved
+CAN-2005-0558 (Buffer overflow in Microsoft Word 2000, Word 2002, and Word 2003 ...)
+ TODO: check
CAN-2005-0557
NOTE: reserved
CAN-2005-0556
NOTE: reserved
-CAN-2005-0555
- NOTE: reserved
-CAN-2005-0554
- NOTE: reserved
-CAN-2005-0553
- NOTE: reserved
+CAN-2005-0555 (Buffer overflow in the Content Advisor in Microsoft Internet Explorer ...)
+ TODO: check
+CAN-2005-0554 (Buffer overflow in the URL processor of Microsoft Internet Explorer ...)
+ TODO: check
+CAN-2005-0553 (Race condition in the memory management routines in the DHTML object ...)
+ TODO: check
CAN-2005-0552
NOTE: reserved
CAN-2005-0551 (The Client Server Runtime System (CSRSS) process of Microsoft Windows ...)
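Review bot: five of the six entries that leave the reserved state in this hunk name Microsoft products in the visible text (MSN Messenger, Exchange Server 2000, Word, and Internet Explorer twice), yet all of them get TODO: check; elsewhere in this file such entries carry NOTE: not-for-us (Microsoft). Suggest a follow-up that marks them accordingly. CAN-2005-0553 is the exception: its summary stops at "DHTML object ..." before any product name, so it needs the full description first.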
@@ -2371,7 +2387,6 @@
CAN-2005-0405
NOTE: reserved
CAN-2005-0404 [information leak in kmail]
- NOTE: reserved
NOTE: see http://mail.kde.org/pipermail/kmail-devel/2005-February/015490.html
NOTE: see http://bugs.kde.org/show_bug.cgi?id=96020
NOTE: see http://www.securiteam.com/unixfocus/5GP0B0AFFE.html
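Review bot: with NOTE: reserved removed, CAN-2005-0404 is left with only its three "see" references and neither a TODO: check nor a package/version line, so nothing marks it as still needing triage. The bracketed description [information leak in kmail] is also still the hand-written one, not a parenthesised summary like the other entries updated in this commit. Suggest adding TODO: check, or a package line with the fixed version if that is already known.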
@@ -3503,8 +3518,8 @@
NOTE: not-for-us (Microsoft)
CAN-2005-0049 (Windows SharePoint Services and SharePoint Team Services for Windows ...)
NOTE: not-for-us (Microsoft)
-CAN-2005-0048
- NOTE: reserved
+CAN-2005-0048 (Microsoft Windows XP SP2 and earlier, 2000 SP3 and SP4, Server 2003, ...)
+ TODO: check
CAN-2005-0047 (Windows 2000, XP, and Server 2003 does not properly "validate the use ...)
NOTE: not-for-us (Microsoft)
CAN-2005-0046
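Review bot: CAN-2005-0048 now begins "Microsoft Windows XP SP2 and earlier" and sits between two entries tagged NOTE: not-for-us (Microsoft), but it is given TODO: check, and the truncated summary ends at "Server 2003, ..." without stating the flaw. Once the full description confirms it is limited to Windows, replace the TODO with the same not-for-us tag as its neighbours.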
@@ -4331,8 +4346,8 @@
- viewcvs 0.9.2+cvs.1.0.dev.2004.07.28-1.3
CAN-2004-1061 (Cross-site scripting (XSS) vulnerability in unknown versions of ...)
- bugzilla 2.16.7-2
-CAN-2004-1060
- NOTE: reserved
+CAN-2004-1060 (Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) ...)
+ TODO: check
CAN-2004-1059 (Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch ...)
- mnogosearch 3.2.18-2.2
CAN-2004-1058 (Race condition in Linux kernel 2.6 allows local users to read the ...)
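Review bot: the new CAN-2004-1060 summary, "Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) ...", describes an issue across implementations and not one vendor's product, so this TODO: check should not wait for a bulk not-for-us pass. The same commit adds CAN-2004-0791 and CAN-2004-0790 with the same opening words; suggest a NOTE cross-referencing the three so they are checked together.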
@@ -4586,7 +4601,7 @@
NOTE: not vulnerable according to http://www.debian.org/security/nonvulns-sarge
NOTE: DSA says zinf not vulnerable in sarge
- zinf 2.2.5
-CAN-2004-0963 (MS Word 2002 (10.6612.6714) SP3, and possibly other versions, allows ...)
+CAN-2004-0963 (Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and ...)
NOTE: not-for-us (windows)
CAN-2004-0962 (Apple Remote Desktop Client 1.2.4 executes a GUI application as root ...)
NOTE: not-for-us (Apple Remote Desktop Client)
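Review bot: style point on the unchanged line under the updated CAN-2004-0963 description: the reason is written NOTE: not-for-us (windows), while other Microsoft entries visible in this diff use NOTE: not-for-us (Microsoft). Now that the summary names Microsoft Word explicitly, normalising the tag would keep searches by reason consistent.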
@@ -4989,10 +5004,10 @@
- bsdmainutils 6.0.15
CAN-2004-0792 (Directory traversal vulnerability in the sanitize_path function in ...)
- rsync 2.6.3
-CAN-2004-0791
- NOTE: reserved
-CAN-2004-0790
- NOTE: reserved
+CAN-2004-0791 (Multiple TCP/IP and ICMP implementations allow remote attackers to ...)
+ TODO: check
+CAN-2004-0790 (Multiple TCP/IP and ICMP implementations allow remote attackers to ...)
+ TODO: check
CAN-2004-0789
NOTE: reserved
CAN-2004-0788 (Integer overflow in the ICO image decoder for (1) gdk-pixbuf before ...)
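Review bot: CAN-2004-0791 and CAN-2004-0790 end up with identical visible summaries ("Multiple TCP/IP and ICMP implementations allow remote attackers to ..."), so the list no longer tells them apart. When the TODO: check on each is resolved, add a NOTE stating what distinguishes the two, taken from the full descriptions, so a later reader does not treat one as a duplicate of the other.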