[Secure-testing-commits] r1700 - data/CAN

Sun Aug 28 18:50:16 UTC 2005

Author: mhelas-guest
Date: 2005-08-28 18:50:13 +0000 (Sun, 28 Aug 2005)
New Revision: 1700

Modified:
   data/CAN/list
Log:
unclaimed my CANs as i am too busy ATM with other stuff.


Modified: data/CAN/list
===================================================================

--- data/CAN/list	2005-08-28 18:35:35 UTC (rev 1699)
+++ data/CAN/list	2005-08-28 18:50:13 UTC (rev 1700)
@@ -1774,7 +1774,6 @@
 CAN-2002-2050 (Directory traversal vulnerability in processor_web plugin for ModLogAn ...)
 	NOTE: fixed in 0.7.12-1
 	- modlogan 0.7.12-1 (low)
-begin claimed by zobel
 CAN-2002-2049 (configure for Dsniff 2.3, fragroute 1.2, and fragrouter 1.6, when ...)
 	TODO: check
 CAN-2002-2048 (Buffer overflow in PFinger 0.7.8 client allows remote attackers to ...)
@@ -1791,43 +1790,45 @@
 CAN-2002-2043 (SQL injection vulnerability in the LDAP and MySQL authentication patch ...)
 	TODO: check
 CAN-2002-2042 (ptrace in the QNX realtime operating system (RTOS) 4.25 and 6.1.0 ...)
-	TODO: check
+	NOTE: not-for-us (QNX)
 CAN-2002-2041 (Multiple buffer overflows in realtime operating system (RTOS) 6.1.0 ...)
-	TODO: check
+	NOTE: not-for-us (QNX)
 CAN-2002-2040 (The (1) phrafx and (2) phgrafx-startup programs in QNX realtime ...)
-	TODO: check
+	NOTE: not-for-us (QNX)
 CAN-2002-2039 (/bin/su in QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows ...)
-	TODO: check
+	NOTE: not-for-us (QNX)
 CAN-2002-2038 (Next Generation POSIX Threading (NGPT) 1.9.0 uses a filesystem-based ...)
-	TODO: check
+	TODO: check, ISS says Linux: Linux Any version
+	NOTE: http://lists.debian.org/debian-user/2003/10/msg03627.html
 CAN-2002-2037 (The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and ...)
-	TODO: check
+	NOTE: not-for-us (Cisco)
 CAN-2002-2036 (Sun Ray Server Software (SRSS) 1.3, when Non-Smartcard Mobility (NSCM) ...)
-	TODO: check
+	NOTE: not-for-us (Sun)
 CAN-2002-2035 (SQL injection vulnerability in RealityScape MyLogin 2000 1.0.0 and ...)
-	TODO: check
+	NOTE: not-for-us (RealityScape)
 CAN-2002-2034 (The Email Sanitizer before 1.133 for Procmail allows remote attackers ...)
-	TODO: check
+	NOTE: not-for-us (Email Sanitizer)
 CAN-2002-2033 (faqmanager.cgi in FAQManager 2.2.5 and earlier allows remote attackers ...)
-	TODO: check
+	NOTE: not-for-us (FAQManager)
 CAN-2002-2032 (sql_layer.php in PHP-Nuke 5.4 and earlier does not restrict access to ...)
 	TODO: check
 CAN-2002-2031 (Internet Explorer 5.0, 5.0.1 and 5.5 with JavaScript execution enabled ...)
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2002-2030 (Stack-based buffer overflow in SQLData Enterprise Server 3.0 allows ...)
 	TODO: check
 CAN-2002-2029 (PHP, when installed on Windows with Apache and ScriptAlias for /php/ ...)
-	TODO: check
+	NOTE: not-for-us (PHP, Mircrosoft)
 CAN-2002-2028 (The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify ...)
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2002-2027 (Database of Our Owlish Wisdom (DOOW) 0.1 through 0.2.1 does not ...)
 	TODO: check
 CAN-2002-2026 (Buffer overflow in BrowseFTP 1.62 client allows remote FTP servers to ...)
-	TODO: check
+	NOTE: not-for-us (BrowseFTP)
 CAN-2002-2025 (Lotus Domino server 5.0.9a and earlier allows remote attackers to ...)
-	TODO: check
+	NOTE: not-for-us (Lotus Domino)
 CAN-2002-2024 (Horde IMP 2.2.7 allows remote attackers to obtain the full web root ...)
-	TODO: check
+	NOTE: fixed in 3:2.2.6-5
+	- imp 3:2.2.6-5 (high)
 CAN-2002-2023 (The get_parameter_from_freqency_source function in beep2 1.0, 1.1 and ...)
 	TODO: check
 CAN-2002-2022 (Format string vulnerability in Kaffe OpenVM 1.0.6 and earlier allows ...)
@@ -1902,7 +1903,6 @@
 	TODO: check
 CAN-2002-1987 (Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 ...)
 	TODO: check
-end claimed by zobel
 CAN-2001-1572 (The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when ...)
 	NOTE: presumably fixed in linux 2.4.12
 CAN-2001-1571 (The Remote Desktop client in Windows XP sends the most recent user ...)


