[Secure-testing-commits] r1595 - data/CAN

Joey Hess joeyh at costa.debian.org
Tue Aug 16 09:14:19 UTC 2005 

Author: joeyh
Date: 2005-08-16 09:14:16 +0000 (Tue, 16 Aug 2005)
New Revision: 1595

Modified:
   data/CAN/list
Log:
automatic CAN database update

Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-08-16 08:17:15 UTC (rev 1594)
+++ data/CAN/list	2005-08-16 09:14:16 UTC (rev 1595)
@@ -1,3 +1,17 @@
+CAN-2005-2554 (The web server for Network Associates ePolicy Orchestrator Agent 3.5.0 ...)
+	TODO: check
+CAN-2005-2553 (The find_target function in ptrace32.c in the Linux kernel 2.4.x ...)
+	TODO: check
+CAN-2005-2552 (Unknown vulnerability in HP ProLiant DL585 servers running Integrated ...)
+	TODO: check
+CAN-2005-2551 (Buffer overflow in dhost.exe in iMonitor for Novell eDirectory 8.7.3 ...)
+	TODO: check
+CAN-2005-2550 (Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows ...)
+	TODO: check
+CAN-2005-2549 (Multiple format string vulnerabilities in Evolution 1.5 through ...)
+	TODO: check
+CAN-2005-2547 (security.c in hcid for BlueZ 2.18 and earlier allows remote attackers ...)
+	TODO: check
 CAN-2005-XXXX [centericq embeds libgadu, which had multiple vulns]
 	NOTE: Will be split once the maintainer has investigated this
 	- centericq (unfixed; bug #323185; medium)
@@ -149,7 +163,7 @@
 	NOTE: unknown if really a bug; if it is it's different than the
 	NOTE: previous ssh delay bugs
 	- ssh (unfixed; bug #314645; low)
-CAN-2005-2548 [null pointer oops on udp packets]
+CAN-2005-2548 (vlan_dev.c in Linux kernel 2.6.8 allows remote attackers to cause a ...)
 	NOTE: Will appear in next kernel DSA, fixed in 2.6 since 2.6.9
 	- kernel-image-2.6.8-i386 (unfixed; bug #309308; low)
 	- linux-2.6 2.6.12-1 (low)
@@ -531,7 +545,7 @@
 	NOTE: ftpshut fixed in -19, SQLShowInfo in -20
 CAN-2005-2389 (NDMP server in Veritas NetBackup 5.1 allows attackers to cause a ...)
 	NOTE: not-for-us (Veritas NetBackup)
-CAN-2005-2388 (Buffer overflow in a certain USB driver, as used on Windows, allows ...)
+CAN-2005-2388 (Buffer overflow in a certain USB driver, as used on Microsoft Windows, ...)
 	NOTE: not-for-us (some windows USB driver)
 CAN-2005-2387 (Multiple stack-based buffer overflows in GoodTech SMTP server 5.16 ...)
 	NOTE: not-for-us (GoodTech SMTP server)
@@ -1395,7 +1409,7 @@
 CAN-2005-2232 (Buffer overflow in invscout in IBM AIX 5.1.0 through 5.3.0 might allow ...)
 	NOTE: not-for-us (AIX)
 CAN-2005-2231 (High Availability Linux Project Heartbeat 1.2.3 allows local users to ...)
-	{DSA-761-1}
+	{DSA-761-2}
 	- heartbeat 1.2.3-12 (medium)
 CAN-2005-2230 (Electronic Mail Operator (elmo) 1.3.2-r1 and earlier creates the ...)
 	- elmo 1.3.0-1.1 (bug #318291; medium)
@@ -2534,7 +2548,7 @@
 	NOTE: reserved
 CAN-2005-1984 (Buffer overflow in the Print Spooler service (Spoolsv.exe) for ...)
 	NOTE: not-for-us (Spoolsv.exe)
-CAN-2005-1983 (Buffer overflow in the Plug and Play (PnP) service for Microsoft ...)
+CAN-2005-1983 (Stack-based buffer overflow in the Plug and Play (PnP) service for ...)
 	NOTE: not-for-us (Microsoft)
 CAN-2005-1982 (Unknown vulnerability in the PKINIT Protocol for Microsoft Windows ...)
 	NOTE: not-for-us (Microsoft)
@@ -4026,8 +4040,7 @@
 	NOTE: reserved
 CAN-2005-1528
 	NOTE: reserved
-CAN-2005-1527 [Insufficient input validation in awstats]
-	NOTE: reserved
+CAN-2005-1527 (Direct dynamic code evaluation vulnerability in awstats.pl in AWStats ...)
 	- awstats 6.4-1 (unfixed; bug #322591; medium)
 CAN-2005-1526 (PHP file inclusion vulnerability in config_settings.php in Cacti ...)
 	{DSA-764-1}
@@ -12054,7 +12067,7 @@
 	NOTE: not-for-us (PHPX)
 CAN-2004-0247 (The client and server of Chaser 1.50 and earlier allow remote ...)
 	NOTE: not-for-us (Chaser)
-CAN-2004-0246 (Multiple PHP remote code injection vulnerabilities in (1) ...)
+CAN-2004-0246 (Multiple PHP remote file inclusion vulnerabilities in (1) ...)
 	NOTE: not-for-us (Les Commentaires)
 CAN-2004-0245 (Web Crossing 4.x and 5.x allows remote attackers to cause a denial of ...)
 	NOTE: not-for-us (Web Crossing)
@@ -12339,7 +12352,7 @@
 	NOTE: not-for-us (MacOS)
 CAN-2004-0087 (The System Configuration subsystem in Mac OS 10.2.8 and 10.3.2 allows ...)
 	NOTE: not-for-us (MacOS)
-CAN-2004-0086 (Unknown vulnerability in the Mail application for Mac OS X 10.3.2 with ...)
+CAN-2004-0086 (Unknown vulnerability in the Mail application for Mac OS X 10.3.2 has ...)
 	NOTE: not-for-us (MacOS)
 CAN-2004-0085 (Unknown vulnerability in the Mail application for Mac OS X 10.1.5 and ...)
 	NOTE: not-for-us (MacOS)

More information about the Secure-testing-commits mailing list