[Secure-testing-commits] r1612 - data/CAN
Joey Hess
joeyh at costa.debian.org
Fri Aug 19 19:15:34 UTC 2005
Author: joeyh
Date: 2005-08-19 19:15:30 +0000 (Fri, 19 Aug 2005)
New Revision: 1612
Modified:
data/CAN/list
Log:
process & claim
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-08-19 18:59:51 UTC (rev 1611)
+++ data/CAN/list 2005-08-19 19:15:30 UTC (rev 1612)
@@ -84,36 +84,34 @@
NOTE: not-for-us (Ipswitch IMail)
CAN-2004-2400 (WinFTP Server 1.6 stores username and password credentials in ...)
NOTE: not-for-us (WinFTP Server)
-begin claimed by joeyh
CAN-2004-2399 (Secure Computing Corporation Sidewinder G2 6.1.0.01 allows remote ...)
- TODO: check
+ NOTE: not-for-us (Sidewinder)
CAN-2004-2398 (Netenberg Fantastico De Luxe 2.8 uses database file names that contain ...)
- TODO: check
+ NOTE: not-for-us (Netenberg Fantastico De Luxe)
CAN-2004-2397 (The web-based Management Console in Blue Coat Security Gateway OS 3.0 ...)
- TODO: check
+ NOTE: not-for-us (Blue Coat)
CAN-2004-2396 (passwd 0.68 does not check the return code for the pam_start function, ...)
- TODO: check
+ NOTE: shadow is a different code base, and does not have this problem
CAN-2004-2395 (Memory leak in passwd 0.68 allows local users to cause a denial of ...)
- TODO: check
+ NOTE: shadow is a different code base, and does not have this problem
CAN-2004-2394 (Off-by-one error in passwd 0.68 and earlier, when using the --stdin ...)
- TODO: check
+ NOTE: shadow is a different code base, and does not have this problem
CAN-2004-2393 (Java Secure Socket Extension (JSSE) 1.0.3 through 1.0.3_2 does not ...)
- TODO: check
+ NOTE: not-for-us (Sun JSSE)
CAN-2004-2392 (libuser 0.51.7, as used in Mandrake Linux 9.1 through 10.0 and ...)
- TODO: check
+ NOTE: not-for-us (libuser)
CAN-2004-2391 (Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before ...)
- TODO: check
+ NOTE: not-for-us (jabber-gg-transport)
CAN-2004-2390 (The roster import functionality in Jabber Gadu-Gadu Transport ...)
- TODO: check
+ NOTE: not-for-us (jabber-gg-transport)
CAN-2004-2389 (Unknown vulnerability in Jabber Gadu-Gadu Transport ...)
- TODO: check
+ NOTE: not-for-us (jabber-gg-transport)
CAN-2003-1231 (Cross-site scripting (XSS) vulnerability in index.php in ECW-Shop 5.5 ...)
- TODO: check
+ NOTE: not-for-us (ECW-Shop)
CAN-2003-1230 (The implementation of SYN cookies (syncookies) in FreeBSD 4.5 through ...)
- TODO: check
+ NOTE: old freebsd
CAN-2003-1229 (X509TrustManager in (1) Java Secure Socket Extension (JSSE) in SDK and ...)
- TODO: check
-end claimed by joeyh
+ NOTE: not-for-us (Sun JSSE and JRE)
CAN-2005-2617 (The syscall32_setup_pages function in syscall32.c for Linux kernel ...)
TODO: check with kernel team (pinged on irc)
NOTE: amd64 specific DOS
@@ -200,6 +198,7 @@
NOTE: rejected
CAN-2005-2577 (Wyse Winterm 1125SE running firmware 4.2.09f or 4.4.061f allows remote ...)
NOTE: not-for-us (Wyse Winterm)
+begin claimed by joeyh
CAN-2005-2576 (CaLogic 1.22, and possibly earlier versions, allows remote attackers ...)
TODO: check
CAN-2005-2575 (SQL injection vulnerability in u2u.inc.php in XMB Forum 1.9.1 allows ...)
@@ -238,6 +237,7 @@
TODO: check
CAN-2005-2558 (Stack-based buffer overflow in the init_syms function in MySQL 4.0 ...)
TODO: check
+end claimed by joeyh
CAN-2005-2557
NOTE: reserved
- mantis 0.19.2-4 (low)
More information about the Secure-testing-commits
mailing list