[Secure-testing-commits] r1642 - data/CAN
Joey Hess
joeyh at costa.debian.org
Thu Aug 25 02:28:37 UTC 2005
Author: joeyh
Date: 2005-08-25 02:28:33 +0000 (Thu, 25 Aug 2005)
New Revision: 1642
Modified:
data/CAN/list
Log:
checked new batch
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-08-24 21:48:44 UTC (rev 1641)
+++ data/CAN/list 2005-08-25 02:28:33 UTC (rev 1642)
@@ -1,44 +1,43 @@
CAN-2005-2684 (nquser.php in Virtual Edge Netquery 3.11 allows remote attackers to ...)
- TODO: check
+ NOTE: not-for-us (Virtual Edge Netquery)
CAN-2005-2683 (SQL injection vulnerability in include.php in PHPKit 1.6.1 allow ...)
- TODO: check
+ NOTE: not-for-us (PHPKit)
CAN-2005-2682 (aspell_setup.php in the SpellChecker plugin in DTLink AreaEdit before ...)
- TODO: check
+ NOTE: not-for-us (DTLink AreaEdit)
CAN-2005-2681 (Unspecified vulnerability in the command line processing (CLI) logic ...)
- TODO: check
+ NOTE: not-for-us (Cisco)
CAN-2005-2680 (Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP4, when ...)
- TODO: check
+ NOTE: not-for-us (BEA WebLogic Portal)
CAN-2005-2679 (Buffer overflow in Sysinternals Process Explorer 9.23, and other ...)
- TODO: check
+ NOTE: not-for-us (Sysinternals Process Explorer)
CAN-2005-2678 (Microsoft IIS 5.1 and 6 allows remote attackers to spoof the ...)
- TODO: check
+ NOTE: not-for-us (MSIE)
CAN-2005-2677 (ACNews stores the database in a file under the web document root with ...)
- TODO: check
+ NOTE: not-for-us (ACNews)
CAN-2005-2676 (Cross-site scripting (XSS) vulnerability in displayimage.php in ...)
- TODO: check
+ NOTE: not-for-us (Coppermine)
CAN-2005-2675 (** DISPUTED ** Note: the vendor has disputed this issue. ...)
- TODO: check
+ NOTE: not-for-us (Land Down Under)
CAN-2005-2674 (** DISPUTED ** Note: the vendor has disputed this issue. ...)
- TODO: check
+ NOTE: not-for-us (Land Down Under)
CAN-2005-2673 (SQL injection vulnerability in modcp.php in WoltLab Burning Board ...)
- TODO: check
+ NOTE: not-for-us (Burning Board)
CAN-2005-2671
NOTE: rejected
- TODO: check
CAN-2005-2670 (Directory traversal vulnerability in HAURI Anti-Virus products ...)
- TODO: check
+ NOTE: not-for-us (HAURI)
CAN-2005-2669 (Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 ...)
- TODO: check
+ NOTE: not-for-us (Computer Associates)
CAN-2005-2668 (Multiple buffer overflows in Computer Associates (CA) Message Queuing ...)
- TODO: check
+ NOTE: not-for-us (Computer Associates)
CAN-2005-2667 (Unknown vulnerability in Computer Associates (CA) Message Queuing (CAM ...)
- TODO: check
+ NOTE: not-for-us (Computer Associates)
CAN-2005-2666 (SSH, as implemented in OpenSSH before 4.0 and possibly other ...)
- TODO: check
+ - openssh 1:4.0p1-1 (low)
CAN-2005-2665 (Stack-based buffer overflow in expires.c in Elm 2.5 PL5 through PL7, ...)
- TODO: check
+ NOTE: elm-me+ is no longer in unstable or testing
CAN-2005-2664 (Whisper 32 1.16, and possibly earlier versions, stores passwords in ...)
- TODO: check
+ NOTE: not-for-us (Whisper)
CAN-2005-2663
NOTE: reserved
CAN-2005-2662
@@ -783,7 +782,7 @@
NOTE: Does not affect 2.6.8 or 2.4.27, fixed in current 2.6.12 kernels
- linux-2.6 2.6.12-1 (medium)
CAN-2005-2499 (slocate before 2.7 does not properly process very long paths, which ...)
- TODO: check
+ - slocate (unfixed; bug filed; low)
CAN-2005-2498 (Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR ...)
- drupal (unfixed; bug #323347; high)
- phpgroupware (unfixed; bug #323349; high)
More information about the Secure-testing-commits
mailing list