[Secure-testing-commits] r888 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Fri, 22 Apr 2005 09:14:21 +0000
Author: joeyh
Date: 2005-04-22 09:14:17 +0000 (Fri, 22 Apr 2005)
New Revision: 888
Modified:
sarge-checks/CAN/list
Log:
automatic CAN database update
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-04-21 21:14:19 UTC (rev 887)
+++ sarge-checks/CAN/list 2005-04-22 09:14:17 UTC (rev 888)
@@ -1,3 +1,161 @@
+CAN-2005-1204 (Desktop Rover 3.0, and possibly earlier versions, allows remote ...)
+ TODO: check
+CAN-2005-1203 (Multiple SQL injection vulnerabilities in index.php in eGroupware ...)
+ TODO: check
+CAN-2005-1202 (Multiple cross-site scripting (XSS) vulnerabilities in eGroupware ...)
+ TODO: check
+CAN-2005-1201 (Multiple directory traversal vulnerabilities in AZBB before 1.0.08 ...)
+ TODO: check
+CAN-2005-1200 (PHP remote code injection vulnerability in main_index.php in AZ ...)
+ TODO: check
+CAN-2005-1199 (SQL injection vulnerability in printthread.php in UBB.Threads allows ...)
+ TODO: check
+CAN-2005-1198 (Directory traversal vulnerability in apexec.pl for Anaconda Foundation ...)
+ TODO: check
+CAN-2005-1197 (SQL injection vulnerability in the ...)
+ TODO: check
+CAN-2005-1196 (SQL injection vulnerability in kb.php in the Knowledge Base module for ...)
+ TODO: check
+CAN-2005-1195 (Multiple heap-based buffer overflows in the code used to handle (1) ...)
+ TODO: check
+CAN-2005-1194
+ NOTE: reserved
+CAN-2005-1193
+ NOTE: reserved
+CAN-2005-1192
+ NOTE: reserved
+CAN-2004-1776 (Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and ...)
+ TODO: check
+CAN-2004-1775 (Cisco VACM (View-based Access Control MIB) for Catalyst Operating ...)
+ TODO: check
+CAN-2003-1132 (The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, ...)
+ TODO: check
+CAN-2001-1476 (SSH before 2.0, with RC4 encryption and the "disallow NULL passwords" ...)
+ TODO: check
+CAN-2001-1475 (SSH before 2.0, when using RC4 and password authentication, allows ...)
+ TODO: check
+CAN-2001-1474 (SSH before 2.0 disables host key checking when connecting to the ...)
+ TODO: check
+CAN-2001-1473 (The SSH-1 protocol allows remote servers conduct man-in-the-middle ...)
+ TODO: check
+CAN-2001-1472 (SQL injection vulnerability in prefs.php in phpBB 1.4.0 and 1.4.1 ...)
+ TODO: check
+CAN-2001-1471 (prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users ...)
+ TODO: check
+CAN-2001-1470 (The IDEA cipher as implemented by SSH1 does not protect the final ...)
+ TODO: check
+CAN-2001-1469 (The RC4 stream cipher as used by SSH1 allows remote attackers to ...)
+ TODO: check
+CAN-2001-1468 (PHP remote code injection vulnerability in checklogin.php in ...)
+ TODO: check
+CAN-2001-1467 (mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, ...)
+ TODO: check
+CAN-2001-1466 (Buffer overflow in VanDyke SecureCRT before 3.4.2, when using the ...)
+ TODO: check
+CAN-2001-1465 (SurfControl SuperScout only filters packets containing both an HTTP ...)
+ TODO: check
+CAN-2001-1464 (Crystal Reports, when displaying data for a password protected ...)
+ TODO: check
+CAN-2001-1463 (The remote admimnistration client for RhinoSoft Serv-U 3.0 sends the ...)
+ TODO: check
+CAN-2001-1462 (WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, ...)
+ TODO: check
+CAN-2001-1461 (Directory traversal vulnerability in WebID in RSA Security SecurID 5.0 ...)
+ TODO: check
+CAN-2001-1460 (SQL injection vulnerability in article.php in PostNuke 0.62 through ...)
+ TODO: check
+CAN-2001-1459 (OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication ...)
+ TODO: check
+CAN-2001-1458 (Directory traversal vulnerability in Novell GroupWise 5.5 and 6.0 ...)
+ TODO: check
+CAN-2001-1457 (Buffer overflow in CrazyWWWBoard 2000p4 and 2000LEp5 allows remote ...)
+ TODO: check
+CAN-2001-1456 (Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for ...)
+ TODO: check
+CAN-2001-1455 (Netegrity SiteMinder 3.6 through 4.5.1 allows remote attackers to ...)
+ TODO: check
+CAN-2001-1454 (Buffer overflow in MySQL before 3.23.33 allows remote attackers to ...)
+ TODO: check
+CAN-2001-1453 (Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier ...)
+ TODO: check
+CAN-2001-1452 (By default, DNS servers on Windows NT 4.0 and Windows 2000 Server ...)
+ TODO: check
+CAN-2001-1451 (Memory leak in the SNMP LAN Manager (LANMAN) MIB extension for ...)
+ TODO: check
+CAN-2001-1450 (Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause ...)
+ TODO: check
+CAN-2001-1449 (The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 ...)
+ TODO: check
+CAN-2001-1448 (Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local ...)
+ TODO: check
+CAN-2001-1447 (NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to ...)
+ TODO: check
+CAN-2001-1446 (Find-By-Content in Mac OS X 10.0 through 10.0.4 creates world-readable ...)
+ TODO: check
+CAN-2001-1445 (Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through ...)
+ TODO: check
+CAN-2001-1444 (The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and ...)
+ TODO: check
+CAN-2001-1443 (KTH Kerberos IV and Kerberos V (Heimdal) for Telnet clients do not ...)
+ TODO: check
+CAN-2001-1442 (Buffer overflow in innfeed for ISC InterNetNews (INN) before 2.3.0 ...)
+ TODO: check
+CAN-2001-1441 (Cross-site scripting (XSS) vulnerability in VisualAge for Java 3.5 ...)
+ TODO: check
+CAN-2001-1440 (Unknown vulnerability in login for AIX 5.1L, when using loadable ...)
+ TODO: check
+CAN-2001-1439 (Buffer overflow in the text editor functionality in HP-UX 10.01 ...)
+ TODO: check
+CAN-2001-1438 (Handspring Visor 1.0 and 1.0.1 with the VisorPhone Springboard module ...)
+ TODO: check
+CAN-2001-1437 (easyScripts easyNews 1.5 allows remote attackers to obtain the full ...)
+ TODO: check
+CAN-2001-1436 (Dallas Semiconductor iButton DS1991 returns predictable values when ...)
+ TODO: check
+CAN-2001-1435 (inetd in Compaq Tru64 UNIX 5.1 allows attackers to cause a denial of ...)
+ TODO: check
+CAN-2001-1434 (Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read ...)
+ TODO: check
+CAN-2000-1223 (quikstore.cgi in Quikstore Shopping Cart allows remote attackers to ...)
+ TODO: check
+CAN-2000-1222 (AIX sysback before 4.2.1.13 uses a relative path to find and execute ...)
+ TODO: check
+CAN-2000-1221 (The line printer daemon (lpd) in the lpr package in multiple Linux ...)
+ TODO: check
+CAN-2000-1220 (The line printer daemon (lpd) in the lpr package in multiple Linux ...)
+ TODO: check
+CAN-2000-1219 (The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not ...)
+ TODO: check
+CAN-2000-1218 (The default configuration for the domain name resolver for Microsoft ...)
+ TODO: check
+CAN-2000-1217 (Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a ...)
+ TODO: check
+CAN-2000-1216 (Buffer overflow in portmir for AIX 4.3.0 allows local users to corrupt ...)
+ TODO: check
+CAN-2000-1215 (The default configuration of Lotus Domino server 5.0.8 includes system ...)
+ TODO: check
+CAN-1999-1583 (Buffer overflow in nslookup for AIX 4.3 allows local users to execute ...)
+ TODO: check
+CAN-1999-1582 (By design, the "established" command on the Cisco PIX firewall allows ...)
+ TODO: check
+CAN-1999-1581 (Memory leak in Simple Network Management Protocol (SNMP) agent ...)
+ TODO: check
+CAN-1999-1580 (SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding ...)
+ TODO: check
+CAN-1999-1579 (The Cenroll ActiveX control (xenroll.dll) for Terminal Server Editions ...)
+ TODO: check
+CAN-1999-1578 (Buffer overflow in Registration Wizard ActiveX control (regwizc.dll, ...)
+ TODO: check
+CAN-1999-1577 (Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for ...)
+ TODO: check
+CAN-1999-1576 (Buffer overflow in Adobe Acrobat ActiveX control (pdf.ocx, ...)
+ TODO: check
+CAN-1999-1575 (The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation ...)
+ TODO: check
+CAN-1999-1574 (Buffer overflow in the lex routines of nslookup for AIX 4.3 may allow ...)
+ TODO: check
+CAN-1999-1573 (Multiple unknown vulnerabilities in the "r-cmnds" (1) remshd, (2) ...)
+ TODO: check
CAN-2005-XXXX [Minor directory traversal bugs in cpio and gzip]
- gzip (unfixed; bug #305255)
- cpio (unfixed)
@@ -78,10 +236,10 @@
- mozilla 1.7.7-1
CAN-2005-1158 (Multiple "missing security checks" in Firefox before 1.0.3 allow ...)
- mozilla-firefox 1.0.3-1
-CAN-2005-1157 (Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote ...)
+CAN-2005-1157 (Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 ...)
- mozilla-firefox 1.0.3-1
- mozilla 1.7.7-1
-CAN-2005-1156 (Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote ...)
+CAN-2005-1156 (Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 ...)
- mozilla-firefox 1.0.3-1
- mozilla 1.7.7-1
CAN-2005-1155 (The favicon functionality in Firefox before 1.0.3 and Mozilla Suite ...)
@@ -292,8 +450,8 @@
NOTE: reserved
CAN-2005-1062
NOTE: reserved
-CAN-2005-1061
- NOTE: reserved
+CAN-2005-1061 (The secure script in LogWatch before 2.6-2 allows attackers to prevent ...)
+ TODO: check
CAN-2005-1060 (Unknown vulnerability in the TCP/IP functionality (TCPIP.NLM) in ...)
NOTE: not-for-us (Novell Netware)
CAN-2005-1059 (Linksys WET11 1.5.4 allows remote attackers to change the password ...)
@@ -1091,12 +1249,11 @@
NOTE: reserved
CAN-2005-0756
NOTE: reserved
-CAN-2005-0755
- NOTE: reserved
+CAN-2005-0755 (Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player ...)
+ TODO: check
CAN-2005-0754
NOTE: reserved
CAN-2005-0753 [Buffer overflow and several memory access problems in CVS]
- NOTE: reserved
- cvs (unfixed; bug #305254)
CAN-2005-0752 [PLUGINSPAGE privileged javascript execution in Firefox]
- mozilla-firefox 1.0.3-1
@@ -1694,7 +1851,7 @@
NOTE: not-for-us (MSN Messenger)
CAN-2005-0561
NOTE: reserved
-CAN-2005-0560 (Heap-based buffer overflow in the SMTP service of Exchange Server 2000 ...)
+CAN-2005-0560 (Heap-based buffer overflow in the SvrAppendReceivedChunk function in ...)
NOTE: not-for-us (Exchange server)
CAN-2005-0559
NOTE: reserved
@@ -2736,7 +2893,8 @@
NOTE: not-for-us (Real)
CAN-2004-1480 (Unknown vulnerability in the management station in HP StorageWorks ...)
NOTE: not-for-us (HP StorageWorks Command View XP)
-CAN-2004-1479 (The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX ...)
+CAN-2004-1479
+ NOTE: rejected
NOTE: not-for-us (JRun 4.0 and Macromedia ColdFusion MX)
CAN-2004-1478 (JRun 4.0 does not properly generate and handle the JSESSIONID, which ...)
NOTE: not-for-us (JRun)
@@ -3745,8 +3903,8 @@
NOTE: reserved
CAN-2005-0036
NOTE: reserved
-CAN-2005-0035
- NOTE: reserved
+CAN-2005-0035 (The Acrobat web control in Adobe Acrobat and Acrobat Reader 7.0 and ...)
+ TODO: check
CAN-2005-0034 (An "incorrect assumption" in the authvalidated validator function in ...)
NOTE: only affects bind9 9.3.0, we have an earlier version
NOTE: fixed in 9.3.1
@@ -4343,7 +4501,7 @@
- samba 3.0.10-1
CAN-2004-1153 (Format string vulnerability in Adobe Acrobat Reader 6.0.0 through ...)
NOTE: not-for-us (Adobe Acrobat Reader)
-CAN-2004-1152 (Buffer overflow in the mailListIsPd function in Adobe Acrobat Reader ...)
+CAN-2004-1152 (Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader ...)
NOTE: not-for-us (Adobe Acrobat Reader)
CAN-2004-1151 (Multiple buffer overflows in the (1) sys32_ni_syscall and (2) ...)
NOTE: Fixed in upstream 2.6.10
@@ -4495,8 +4653,8 @@
NOTE: not-for-us (Apple MacOS)
CAN-2004-1083 (Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files ...)
NOTE: not-for-us (Apple MacOS)
-CAN-2004-1082
- NOTE: reserved
+CAN-2004-1082 (mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does ...)
+ TODO: check
CAN-2004-1081 (The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and ...)
NOTE: not-for-us (Apple MacOS)
CAN-2004-1080 (The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, ...)
@@ -4742,8 +4900,7 @@
- iptables 1.2.11-4
CAN-2004-0985 (Internet Explorer 6.x on Windows XP SP2 allows remote attackers to ...)
NOTE: not-for-us (windows)
-CAN-2004-0984
- NOTE: reserved
+CAN-2004-0984 (Unknown vulnerability in the dotlock implementation in mailutils ...)
- mailutils 1:0.5-4
CAN-2004-0983 (The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows ...)
{DSA-586-1}
@@ -4883,8 +5040,8 @@
- samba 3.0.8-1
CAN-2004-0929 (Heap-based buffer overflow in the OJPEGVSetField function in ...)
NOTE: tiff3g was removed from debian
-CAN-2004-0928
- NOTE: reserved
+CAN-2004-0928 (The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX ...)
+ TODO: check
CAN-2004-0927 (ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example ...)
NOTE: not-for-us (MacOS)
CAN-2004-0926 (Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through ...)