[Secure-testing-commits] r869 - sarge-checks/CAN

Joey Hess joeyh@costa.debian.org
Wed, 20 Apr 2005 09:14:28 +0000


Author: joeyh
Date: 2005-04-20 09:14:24 +0000 (Wed, 20 Apr 2005)
New Revision: 869

Modified:
   sarge-checks/CAN/list
Log:
automatic CAN database update

Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-04-20 08:45:44 UTC (rev 868)
+++ sarge-checks/CAN/list	2005-04-20 09:14:24 UTC (rev 869)
@@ -1,3 +1,41 @@
+CAN-2005-1191 (The Web View DLL (webvw.dll), as used in Windows Explorer on Windows ...)
+	TODO: check
+CAN-2005-1190 (WebcamXP PRO v2.16.468 and earlier allows remote attackers to cause a ...)
+	TODO: check
+CAN-2005-1189 (Cross-site scripting (XSS) vulnerability in WebcamXP PRO v2.16.468 and ...)
+	TODO: check
+CAN-2005-1188 (Cross-site scripting (XSS) vulnerability in comersus_searchItem.asp in ...)
+	TODO: check
+CAN-2005-1187 (Heap-based buffer overflow in WinHex 12.05 SR-14, and possibly other ...)
+	TODO: check
+CAN-2005-1186 (Musicmatch Jukebox 10.00.2047 and earlier adds the musicmatch.com ...)
+	TODO: check
+CAN-2005-1185 (MMFWLaunch.exe in Musicmatch Jukebox 10.00.2047 and earlier does not ...)
+	TODO: check
+CAN-2005-1184 (The TCP/IP stack in multiple operating systems allows remote attackers ...)
+	TODO: check
+CAN-2005-1183 (Cross-site scripting (XSS) vulnerability in mvnForum 1.0 RC4 allows ...)
+	TODO: check
+CAN-2005-1182 (Unknown vulnerability in Incoming Remote Command (iSeries Access for ...)
+	TODO: check
+CAN-2005-1181 (PHP remote code injection vulnerability in loader.php for Ariadne CMS ...)
+	TODO: check
+CAN-2005-1180 (HTTP Response Splitting vulnerability in the Surveys module in ...)
+	TODO: check
+CAN-2005-1179 (Unknown vulnerability in Xerox MicroServer Web Server for various ...)
+	TODO: check
+CAN-2005-1178 (SQL injection vulnerability in Oracle Forms 10g allows remote ...)
+	TODO: check
+CAN-2005-1177 (Unknown vulnerability in (1) Webmin and (2) Usermin before 1.200 ...)
+	TODO: check
+CAN-2005-1176 (Race condition in JFS2 on AIX 5.2 and 5.3, when deleting a file while ...)
+	TODO: check
+CAN-2005-1175
+	NOTE: reserved
+CAN-2005-1174
+	NOTE: reserved
+CAN-2004-1774 (Buffer overflow in the SDO_CODE_SIZE peocedure of the MD2 package ...)
+	TODO: check
 CAN-2005-XXXX [Heap overflow in xine-lib's RTSP streaming code]
 	- xine-lib (unfixed; bug #305343)
 CAN-2005-1173 (Buffer overflow in PMSoftware Simple Web Server 1.0 allows remote ...)
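Review bot: CAN-2005-1179, added in this hunk with TODO: check, shows the same truncated description ("Unknown vulnerability in Xerox MicroServer Web Server for various ...") that CAN-2005-0703 carried before this revision, and that entry is already tagged NOTE: not-for-us (Xerox MicroServer Web Server). Triage of CAN-2005-1179 can probably reuse that note, after confirming the two ids are distinct issues and not a duplicate assignment. Separately, the added CAN-2004-1774 line reads "peocedure" for "procedure"; the log calls this an automatic update, so the typo presumably arrived with the imported description and is better fixed at the source than by hand in this file.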
@@ -4,9 +42,9 @@
 	NOTE: not-for-us (PMSoftware Simple Web Server)
 CAN-2005-1172 (Cross-site scripting (XSS) vulnerability in init.inc.php in Coppermine ...)
 	NOTE: not-for-us (Coppermine Photo Gallery)
-CAN-2005-1171 (Cross-site scripting (XSS) vulnerability in datenbank module for phpBB ...)
+CAN-2005-1171 (Cross-site scripting (XSS) vulnerability in mod.php in the datenbank ...)
 	NOTE: not-for-us (moddb phpbb2 add-on)
-CAN-2005-1170 (SQL injection vulnerability in datenbank module for phpBB allows ...)
+CAN-2005-1170 (SQL injection vulnerability in mod.php in the datenbank module for ...)
 	NOTE: not-for-us (moddb phpbb2 add-on)
 CAN-2005-1169 (Mafia Blog .4 BETA does not properly protect the admin directory, ...)
 	NOTE: not-for-us (Mafia Blog)
@@ -1330,7 +1368,7 @@
 	NOTE: not-for-us (Apple QuickTime/Darwin Streaming Server)
 CAN-2003-1090 (Buffer overflow in AbsoluteTelnet before 2.12 RC10 allows remote ...)
 	NOTE: not-for-us (AbsoluteTelnet)
-CAN-2005-0703 (Unknown vulnerability in Xerox MicroServer Web Server for various ...)
+CAN-2005-0703 (Xerox MicroServer Web Server for various WorkCentre products including ...)
 	NOTE: not-for-us (Xerox MicroServer Web Server)
 CAN-2005-0702 (SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 allows remote ...)
 	NOTE: not-for-us (phpMyFAQ)
@@ -2574,8 +2612,7 @@
 	NOTE: reserved
 CAN-2005-0392
 	NOTE: reserved
-CAN-2005-0391
-	NOTE: reserved
+CAN-2005-0391 (geneweb 4.10 and earlier does not properly check file permissions and ...)
 	{DSA-712-1}
 CAN-2005-0390 [axel buffer overflow in HTTP redirection handling in conn.c]
 	{DSA-706-1}
@@ -3775,8 +3812,7 @@
 	NOTE: reserved
 CAN-2004-1342
 	NOTE: reserved
-CAN-2004-1341
-	NOTE: reserved
+CAN-2004-1341 (Cross-site scripting (XSS) vulnerability in info2www before 1.2.2.9 ...)
 	{DSA-711-1}
 CAN-2004-1340 (Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the ...)
 	{DSA-659-1}