[Secure-testing-commits] r856 - sarge-checks/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Tue, 19 Apr 2005 10:04:19 +0000
Author: jmm-guest
Date: 2005-04-19 10:04:16 +0000 (Tue, 19 Apr 2005)
New Revision: 856
Modified:
sarge-checks/CAN/list
Log:
some more not-for-us
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-04-19 09:55:03 UTC (rev 855)
+++ sarge-checks/CAN/list 2005-04-19 10:04:16 UTC (rev 856)
@@ -1,29 +1,29 @@
CAN-2005-1173 (Buffer overflow in PMSoftware Simple Web Server 1.0 allows remote ...)
- TODO: check
+ NOTE: not-for-us (PMSoftware Simple Web Server)
CAN-2005-1172 (Cross-site scripting (XSS) vulnerability in init.inc.php in Coppermine ...)
- TODO: check
+ NOTE: not-for-us (Coppermine Photo Gallery)
CAN-2005-1171 (Cross-site scripting (XSS) vulnerability in datenbank module for phpBB ...)
- TODO: check
+ TODO: check, whether this is part of standard phpBB or an addon
CAN-2005-1170 (SQL injection vulnerability in datenbank module for phpBB allows ...)
- TODO: check
+ TODO: check, whether this is part of standard phpBB or an addon
CAN-2005-1169 (Mafia Blog .4 BETA does not properly protect the admin directory, ...)
- TODO: check
+ NOTE: not-for-us (Mafia Blog)
CAN-2005-1168 (DiagCollectionControl.dll in Musicmatch 10.00.2047 and earlier allows ...)
- TODO: check
+ NOTE: not-for-us (Musicmatch)
CAN-2005-1167 (Musicmatch 10.00.2047 and earlier store log files in the Program Files ...)
- TODO: check
+ NOTE: not-for-us (Musicmatch)
CAN-2005-1166 (The DNTUS26 process in Dameware NT Utilities and the DWRCS process in ...)
- TODO: check
+ NOTE: not-for-us (Dameware)
CAN-2005-1165 (Yager 5.24 and earlier allows remote attackers to cause a denial of ...)
- TODO: check
+ NOTE: not-for-us (Yager game)
CAN-2005-1164 (Yager 5.24 and earlier allows remote attackers to cause a denial of ...)
- TODO: check
+ NOTE: not-for-us (Yager game)
CAN-2005-1163 (Multiple buffer overflows in Yager 5.24 and earlier allow remote ...)
- TODO: check
+ NOTE: not-for-us (Yager game)
CAN-2005-1162 (Multiple cross-site scripting (XSS) vulnerabilities in OneWorldStore ...)
- TODO: check
+ NOTE: not-for-us (OneWorldStore)
CAN-2005-1161 (Multiple SQL injection vulnerabilities in OneWorldStore allow remote ...)
- TODO: check
+ NOTE: not-for-us (OneWorldStore)
CAN-2005-1160 (The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla ...)
- mozilla-firefox 1.0.3-1
- mozilla 1.7.7-1
@@ -41,7 +41,6 @@
CAN-2005-1155 (The favicon functionality in Firefox before 1.0.3 and Mozilla Suite ...)
- mozilla-firefox 1.0.3-1
- mozilla 1.7.7-1
- TODO: check
CAN-2005-1154 (Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote ...)
- mozilla-firefox 1.0.3-1
- mozilla 1.7.7-1
@@ -145,7 +144,7 @@
NOTE: only part of Woody, has been removed from Sarge and sid
NOTE: not-for-us (Junkbuster)
CAN-2005-1107 (McAfee Internet Security Suite 2005 uses insecure default ACLs for ...)
- TODO: check
+ NOTE: not-for-us (McAfee)
CAN-2005-XXXX [Remote DoS vulnerabilities in postgrey]
- postgrey 1.21-1
CAN-2005-1106 (PictureViewer in QuickTime for Windows 6.5.2 allows remote attackers ...)
@@ -434,7 +433,7 @@
CAN-2005-0977 (The shmem_nopage function in shmem.c for the tmpfs driver in Linux ...)
- kernel-source-2.6.8 2.6.8-16
CAN-2005-0976 (AppleWebKit (WebCore and WebKit), as used in multiple products such as ...)
- TODO: check
+ NOTE: not-for-us (Apple)
CAN-2005-0975
NOTE: reserved
CAN-2005-0974