[Secure-testing-commits] r871 - sarge-checks/CAN

Moritz Muehlenhoff jmm-guest@costa.debian.org
Wed, 20 Apr 2005 09:36:15 +0000 

Author: jmm-guest
Date: 2005-04-20 09:36:12 +0000 (Wed, 20 Apr 2005)
New Revision: 871

Modified:
   sarge-checks/CAN/list
Log:
Checked the new ones.


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-04-20 09:27:05 UTC (rev 870)
+++ sarge-checks/CAN/list	2005-04-20 09:36:12 UTC (rev 871)
@@ -1,43 +1,42 @@
-begin claimed by jmm
 CAN-2005-1191 (The Web View DLL (webvw.dll), as used in Windows Explorer on Windows ...)
-	TODO: check
+	NOTE: not-for-us (Windows)
 CAN-2005-1190 (WebcamXP PRO v2.16.468 and earlier allows remote attackers to cause a ...)
-	TODO: check
+	NOTE: not-for-us (WebcamXP)
 CAN-2005-1189 (Cross-site scripting (XSS) vulnerability in WebcamXP PRO v2.16.468 and ...)
-	TODO: check
+	NOTE: not-for-us (WebcamXP)
 CAN-2005-1188 (Cross-site scripting (XSS) vulnerability in comersus_searchItem.asp in ...)
-	TODO: check
+	NOTE: not-for-us (ComersusCart)
 CAN-2005-1187 (Heap-based buffer overflow in WinHex 12.05 SR-14, and possibly other ...)
-	TODO: check
+	NOTE: not-for-us (WinHex)
 CAN-2005-1186 (Musicmatch Jukebox 10.00.2047 and earlier adds the musicmatch.com ...)
-	TODO: check
+	NOTE: not-for-us (Musicmatch)
 CAN-2005-1185 (MMFWLaunch.exe in Musicmatch Jukebox 10.00.2047 and earlier does not ...)
-	TODO: check
+	NOTE: not-for-us (Musicmatch)
 CAN-2005-1184 (The TCP/IP stack in multiple operating systems allows remote attackers ...)
 	TODO: check
 CAN-2005-1183 (Cross-site scripting (XSS) vulnerability in mvnForum 1.0 RC4 allows ...)
-	TODO: check
+	NOTE: not-for-us (mvnForum)
 CAN-2005-1182 (Unknown vulnerability in Incoming Remote Command (iSeries Access for ...)
-	TODO: check
+	NOTE: not-for-us (iSeries OS)
 CAN-2005-1181 (PHP remote code injection vulnerability in loader.php for Ariadne CMS ...)
-	TODO: check
+	NOTE: not-for-us (Ariadne CMS)
 CAN-2005-1180 (HTTP Response Splitting vulnerability in the Surveys module in ...)
-	TODO: check
+	NOTE: not-for-us (PHP-Nuke)
 CAN-2005-1179 (Unknown vulnerability in Xerox MicroServer Web Server for various ...)
-	TODO: check
+	NOTE: not-for-us (Xerox)
 CAN-2005-1178 (SQL injection vulnerability in Oracle Forms 10g allows remote ...)
-	TODO: check
+	NOTE: not-for-us (Oracle)
 CAN-2005-1177 (Unknown vulnerability in (1) Webmin and (2) Usermin before 1.200 ...)
-	TODO: check
+	NOTE: According to maintainer posting in debian-release this does only affect 1.190
+	NOTE: and not the version in Sarge
 CAN-2005-1176 (Race condition in JFS2 on AIX 5.2 and 5.3, when deleting a file while ...)
-	TODO: check
+	NOTE: not-for-us (AIX)
 CAN-2005-1175
 	NOTE: reserved
 CAN-2005-1174
 	NOTE: reserved
 CAN-2004-1774 (Buffer overflow in the SDO_CODE_SIZE peocedure of the MD2 package ...)
-	TODO: check
-end claimed by jmm	
+	NOTE: not-for-us (Oracle)
 CAN-2005-XXXX [Heap overflow in xine-lib's RTSP streaming code]
 	- xine-lib (unfixed; bug #305343)
 CAN-2005-1173 (Buffer overflow in PMSoftware Simple Web Server 1.0 allows remote ...)