[Secure-testing-commits] r391 - sarge-checks/CAN

Joey Hess joeyh@costa.debian.org
Fri, 11 Feb 2005 09:14:24 +0100


Author: joeyh
Date: 2005-02-11 09:14:22 +0100 (Fri, 11 Feb 2005)
New Revision: 391

Modified:
   sarge-checks/CAN/list
Log:
automatic CAN database update

Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-02-10 20:14:18 UTC (rev 390)
+++ sarge-checks/CAN/list	2005-02-11 08:14:22 UTC (rev 391)
@@ -1,3 +1,181 @@
+CAN-2005-0348 (Directory traversal vulnerability in RealArcade 1.2.0.994 allows ...)
+	TODO: check
+CAN-2005-0347 (Integer overflow in RealArcade 1.2.0.994 and earlier allows remote ...)
+	TODO: check
+CAN-2005-0346 (SafeNet SoftRemote VPN Client stores the VPN password (pre-shared key) ...)
+	TODO: check
+CAN-2005-0345 (viewthread.php in php-fusion 4.x does not check the (1) forum_id or ...)
+	TODO: check
+CAN-2005-0344 (Directory traversal vulnerability in 602LAN SUITE 2004.0.04.1221 ...)
+	TODO: check
+CAN-2005-0343 (SQL injection vulnerability in PerlDesk 1.x allows remote attackers to ...)
+	TODO: check
+CAN-2005-0342 (The Finder in Mac OS X and earlier allows local users to overwrite ...)
+	TODO: check
+CAN-2005-0341 (Apple Safari 1.2.4 does not obey the Content-type field in the HTTP ...)
+	TODO: check
+CAN-2005-0340 (Integer signedness error in Apple File Service (AFP Server) allows ...)
+	TODO: check
+CAN-2005-0339 (Buffer overflow in Foxmail 2.0 allows remote attackers to cause a ...)
+	TODO: check
+CAN-2005-0338 (Buffer overflow in Savant Web Server 3.1 allows remote attackers to ...)
+	TODO: check
+CAN-2005-0337 (Postfix 2.1.3, when /proc/net/if_inet6 is not available and ...)
+	TODO: check
+CAN-2005-0336 (Cross-site scripting (XSS) vulnerability in EMotion MediaPartner Web ...)
+	TODO: check
+CAN-2005-0335 (Directory traversal vulnerability in EMotion MediaPartner Web Server ...)
+	TODO: check
+CAN-2005-0334 (Linksys PSUS4 running firmware 6032 allows remote attackers to cause a ...)
+	TODO: check
+CAN-2005-0333 (LANChat Pro Revival 1.666c allows remote attackers to cause a denial ...)
+	TODO: check
+CAN-2005-0332 (Directory traversal vulnerability in DeskNow Mail and Collaboration ...)
+	TODO: check
+CAN-2005-0331 (Directory traversal vulnerability in WinRAR 3.42 and earlier, when the ...)
+	TODO: check
+CAN-2005-0330 (Buffer overflow in Painkiller 1.35 and earlier, and possibly other ...)
+	TODO: check
+CAN-2005-0329 (Directory traversal vulnerability in ZipGenius 5.5 and earlier allows ...)
+	TODO: check
+CAN-2005-0328 (Zyxel P310, P314, P324 and Netgaear RT311, RT314 running the latest ...)
+	TODO: check
+CAN-2005-0327 (pafiledb.php in Pafiledb 3.1 may allow remote attackers to execute ...)
+	TODO: check
+CAN-2005-0326 (pafiledb.php in PaFileDB 3.1 allows remote attackers to gain sensitive ...)
+	TODO: check
+CAN-2005-0325 (Xpand Rally 1.0.0.0 allows remote attackers or remote malicious game ...)
+	TODO: check
+CAN-2005-0324 (Infinite Mobile Delivery Webmail 2.6 allows remote attackers to gain ...)
+	TODO: check
+CAN-2005-0323 (Cross-site scripting (XSS) vulnerability in Infinite Mobile Delivery ...)
+	TODO: check
+CAN-2005-0322 (MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 and Mail Server ...)
+	TODO: check
+CAN-2005-0321 (MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 allows remote ...)
+	TODO: check
+CAN-2005-0320 (Multiple cross-site scripting vulnerabilities in MERAK Mail Server ...)
+	TODO: check
+CAN-2005-0319 (Direct remote injection vulnerability in modalfram.wdm in Alt-N ...)
+	TODO: check
+CAN-2005-0318 (useredit_account.wdm in Alt-N WebAdmin 3.0.4 does not properly ...)
+	TODO: check
+CAN-2005-0317 (Cross-site scripting (XSS) vulnerability in useredit_account.wdm in ...)
+	TODO: check
+CAN-2005-0316 (WebWasher Classic 2.2.1 and 3.3, when running in server mode, does not ...)
+	TODO: check
+CAN-2005-0315 (The FTP service in Magic Winmail Server 4.0 Build 1112 does not verify ...)
+	TODO: check
+CAN-2005-0314 (Cross-site scripting (XSS) vulnerability in user.php in Magic Winmail ...)
+	TODO: check
+CAN-2005-0313 (Multiple directory traversal vulnerabilities in Magic Winmail Server ...)
+	TODO: check
+CAN-2005-0312 (WarFTPD 1.82 RC9, when running as an NT service, allows remote ...)
+	TODO: check
+CAN-2005-0311 (Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session ...)
+	TODO: check
+CAN-2005-0310 (Exponent 0.95 allows remote attackers to obtain sensitive information ...)
+	TODO: check
+CAN-2005-0309 (Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php ...)
+	TODO: check
+CAN-2005-0308 (Buffer overflow in the wsprintf function in W32Dasm 8.93 and earlier ...)
+	TODO: check
+CAN-2005-0307 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+	TODO: check
+CAN-2005-0306 (MercuryBoard 1.1.1 allows remote attackers to gain sensitive ...)
+	TODO: check
+CAN-2005-0305 (CRLF injection vulnerability in users.php in Siteman 1.1.10 and ...)
+	TODO: check
+CAN-2005-0304 (Directory traversal vulnerability in DivX Player 2.6 and earlier ...)
+	TODO: check
+CAN-2005-0303 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
+	TODO: check
+CAN-2005-0302 (SQL injection vulnerability in default.asp in BackOffice Lite 6.0 and ...)
+	TODO: check
+CAN-2005-0301 (comersus_backoffice_install10.asp in BackOffice Lite 6.0 and 6.01 ...)
+	TODO: check
+CAN-2005-0300 (Directory traversal vulnerability in session.php in JSBoard 2.0.9 and ...)
+	TODO: check
+CAN-2005-0299 (Directory traversal vulnerability in GForge 3.3 and earlier allows ...)
+	TODO: check
+CAN-2005-0298 (The DIRECTORY objects in Oracle 8i through Oracle 10g contain the ...)
+	TODO: check
+CAN-2005-0297 (SQL injection vulnerability in Oracle Database 9i and 10g allows ...)
+	TODO: check
+CAN-2005-0296 (The error module in Novell GroupWise WebAccess allows remote attackers ...)
+	TODO: check
+CAN-2005-0295 (npptnt2.sys in nProtect Gameguard provides unrestricted I/O to any ...)
+	TODO: check
+CAN-2005-0294 (minis.php in Minis 0.2.1 allows remote attackers to cause a denial of ...)
+	TODO: check
+CAN-2005-0293 (Directory traversal vulnerability in minis.php in Minis 0.2.1 allows ...)
+	TODO: check
+CAN-2005-0292 (Multiple SQL injection vulnerabilities in index.php in PHP Gift ...)
+	TODO: check
+CAN-2005-0291 (Cross-site scripting (XSS) vulnerability in the log viewer in NETGEAR ...)
+	TODO: check
+CAN-2005-0290 (NETGEAR FVS318 running firmware 2.4, and possibly other versions, ...)
+	TODO: check
+CAN-2005-0289 (Apple AirPort Express prior to 6.1.1 and Extreme prior to 5.5.1, ...)
+	TODO: check
+CAN-2005-0288 (The change password functionality in Bottomline Webseries Payment ...)
+	TODO: check
+CAN-2005-0287 (Bottomline Webseries Payment Application allows remote attackers to ...)
+	TODO: check
+CAN-2005-0286 (eMotion MediaPartner Web Server 5.0 and 5.1 allows remote attackers to ...)
+	TODO: check
+CAN-2005-0285 (Webseries Payment Application does not properly restrict privileged ...)
+	TODO: check
+CAN-2005-0284 (SQL injection vulnerability in addentry.php in Woltlab Burning Book ...)
+	TODO: check
+CAN-2005-0283 (Directory traversal vulnerability in index.php in QwikiWiki allows ...)
+	TODO: check
+CAN-2005-0282 (SQL injection vulnerability in member.php in MyBB allows remote ...)
+	TODO: check
+CAN-2005-0281 (Cross-site scripting (XSS) vulnerability in the web interface in ...)
+	TODO: check
+CAN-2005-0280 (Format string vulnerability in Soldner Secret Wars 30830 and earlier ...)
+	TODO: check
+CAN-2005-0279 (Soldner Secret Wars 30830 and earlier does not properly handle the ...)
+	TODO: check
+CAN-2005-0278 (The FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote ...)
+	TODO: check
+CAN-2005-0277 (The FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote ...)
+	TODO: check
+CAN-2005-0276 (Multiple format string vulnerabilities in the FTP service in 3Com ...)
+	TODO: check
+CAN-2005-0275 (TFTP in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to cause ...)
+	TODO: check
+CAN-2005-0274 (Multiple cross-site scripting (XSS) vulnerabilities in showgallery.php ...)
+	TODO: check
+CAN-2005-0273 (Multiple SQL injection vulnerabilities in showgallery.php in PhotoPost ...)
+	TODO: check
+CAN-2005-0272 (ReviewPost PHP Pro before 2.84 allows remote attackers to upload and ...)
+	TODO: check
+CAN-2005-0271 (Multiple SQL injection vulnerbilities in ReviewPost PHP Pro before ...)
+	TODO: check
+CAN-2005-0270 (Multiple cross-site scripting (XSS) vulnerabilities in ReviewPost PHP ...)
+	TODO: check
+CAN-2005-0269 (The file extention check in GNUBoard 3.40 and earlier only verifies ...)
+	TODO: check
+CAN-2005-0268 (Direct code injection vulnerability in FlatNuke 2.5.1 allows remote ...)
+	TODO: check
+CAN-2005-0267 (index.php in FlatNuke 2.5.1 allows remote attackers to create an ...)
+	TODO: check
+CAN-2005-0266 (Cross-site scripting (XSS) vulnerability in index.php in SugarCRM 1.X ...)
+	TODO: check
+CAN-2005-0265 (Multiple SQL injection vulnerabilities in browse.php in OWL 0.7 and ...)
+	TODO: check
+CAN-2005-0264 (Multiple cross-site scripting (XSS) vulnerabilities in browse.php in ...)
+	TODO: check
+CAN-2005-0263 (Buffer overflow in netpmon on AIX 5.2, and possibly earlier versions, ...)
+	TODO: check
+CAN-2005-0262 (Buffer overflow in ipl_varyon on AIX 5.2, 5.3, and possibly earlier ...)
+	TODO: check
+CAN-2005-0261 (lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop ...)
+	TODO: check
+CAN-2005-0260 (Stack-based buffer overflow in the Discovery Service for BrightStor ...)
+	TODO: check
 CAN-2005-0259
 	NOTE: reserved
 CAN-2005-0258
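Review bot: every entry added in this hunk, CAN-2005-0260 through CAN-2005-0348, is left at "TODO: check", so none of them yet says whether a sarge package is affected. Entries whose descriptions name commonly packaged software, such as CAN-2005-0337 (Postfix 2.1.3) and CAN-2005-0299 (GForge 3.3 and earlier), should be triaged first. Each should be resolved to a "- package version" line or a NOTE, as the older entries in this file are. The imported descriptions are truncated at "...", so the check has to be made against the full CAN text rather than this list.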
@@ -135,8 +313,8 @@
 	- mozilla-firefox 1.0+dfsg.1-6
 CAN-2005-0231 (Firefox 1.0 does not invoke the Javascript Security Manager when a ...)
 	- mozilla-firefox 1.0+dfsg.1-6
-CAN-2005-0230
-	NOTE: reserved
+CAN-2005-0230 (Firefox 1.0 does not prevent the user from dragging an executable file ...)
+	TODO: check
 CAN-2005-0229
 	NOTE: reserved
 CAN-2005-0228
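Review bot: CAN-2005-0230 now describes a Firefox 1.0 issue but only carries "TODO: check", while the neighbouring Firefox entry CAN-2005-0231 is already tracked with "- mozilla-firefox 1.0+dfsg.1-6". Check this one against the same package and record the fixed version, or note that it is still open.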
@@ -439,7 +617,7 @@
 	- evolution 2.0.3-1.2
 CAN-2005-0101 (Buffer overflow in the socket_getline function in Newspost 2.1.1 and ...)
 	- newspost 2.1.1-2
-CAN-2005-0100 (Format string vulnerability in the movemail utility in Emacs 21.3 ...)
+CAN-2005-0100 (Format string vulnerability in the movemail utility in (1) Emacs 20.x, ...)
 	{DSA-671-1 DSA-670-1}
 	- emacs21 21.3+1-9
 	- xemacs21 21.4.16-2
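Review bot: the updated CAN-2005-0100 description now starts its affected list with "(1) Emacs 20.x", but the package lines below it still cover only emacs21 and xemacs21. Since the scope was widened upstream and the list is truncated here, re-check the full description and add a line for any other packaged Emacs flavour it names.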
@@ -467,8 +645,8 @@
 	NOTE: reserved
 CAN-2005-0089 (The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, ...)
 	{DSA-666-1}
-CAN-2005-0088
-	NOTE: reserved
+CAN-2005-0088 (The publisher handler for mod_python 2.7.8 and earlier allows remote ...)
+	TODO: check
 CAN-2005-0087
 	NOTE: reserved
 CAN-2005-0086 (Heap-based buffer overflow in less in Red Hat Enterprise Linux 3 ...)
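Review bot: CAN-2005-0088 changes from reserved to a mod_python issue ("2.7.8 and earlier ...") with only "TODO: check" attached. The visible text is cut off after the first version range, so read the full description for any further affected branches before recording the fixed package version.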
@@ -504,8 +682,7 @@
 	{DSA-660-1}
 CAN-2005-0077 (The DBI library (libdbi-perl) for Perl allows local users to overwrite ...)
 	{DSA-658-1}
-CAN-2005-0076
-	NOTE: reserved
+CAN-2005-0076 (Multiple buffer overflows in the XView library 3.2 may allow local ...)
 	{DSA-672-1}
 CAN-2005-0075 (prefs.php in SquirrelMail before 1.4.4, with register_globals enabled, ...)
 	- squirrelmail 2:1.4.4-1
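Review bot: CAN-2005-0076 is the only newly described entry in this commit that gets no "TODO: check"; it keeps just the {DSA-672-1} reference and has no "- package version" line for XView, unlike CAN-2005-0075 directly below it. A DSA reference alone does not record which version fixes the issue, so add the package line or a TODO so the entry is not treated as fully triaged.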