[Secure-testing-commits] r359 - sarge-checks/CAN
SALVETTI Djoumé
djoume-guest@costa.debian.org
Sun, 06 Feb 2005 23:49:42 +0100
Author: djoume-guest
Date: 2005-02-06 23:49:40 +0100 (Sun, 06 Feb 2005)
New Revision: 359
Modified:
sarge-checks/CAN/list
Log:
* processed a few CAN left by "super quick" joeyh
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-02-06 20:14:16 UTC (rev 358)
+++ sarge-checks/CAN/list 2005-02-06 22:49:40 UTC (rev 359)
@@ -87,9 +87,9 @@
CAN-2005-0185 (Stack-based buffer overflow in NodeManager Professional 2.00 allows ...)
NOTE: not-for-us (NodeManager Professional)
CAN-2005-0184 (Directory traversal vulnerability in ftpfile in the Vacation plugin ...)
- TODO: check
+ NOTE: not-for-us (vacation plugin not in Debian)
CAN-2005-0183 (ftpfile in the Vacation plugin 0.15 and earlier for Squirrelmail ...)
- TODO: check
+ NOTE: not-for-us (vacation plugin not in Debian)
CAN-2005-0182 (The mod_dosevasive module 1.9 and earlier for Apache creates temporary ...)
NOTE: not-for-us (mod_dosevasive module for apache)
CAN-2005-0181
@@ -2132,7 +2132,8 @@
CAN-2004-0668 (Web Access in Lotus Domino 6.5.1 allows remote attackers to cause a ...)
NOTE: not-for-us (Lotus)
CAN-2004-0667 (Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows ...)
- TODO: kernel-patch-adamantix may contain the RSBAC patch, check
+ NOTE: kernel-patch-adamantix contain the RSBAC patch v1.2.2 and is vulnerable.
+ - kernel-patch-adamantix (unfixed, buf filed)
CAN-2004-0666 (Off-by-one error in the POP3_readmsg function in popclient 3.0b6 ...)
NOTE: not-for-us (popclient not in Debian)
CAN-2004-0665 (csFAQ.cgi in csFAQ allows remote attackers to gain sensitive ...)