[Secure-testing-commits] r448 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Sat, 19 Feb 2005 09:14:22 +0100
Author: joeyh
Date: 2005-02-19 09:14:19 +0100 (Sat, 19 Feb 2005)
New Revision: 448
Modified:
sarge-checks/CAN/list
Log:
automatic CAN database update
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-02-19 01:21:40 UTC (rev 447)
+++ sarge-checks/CAN/list 2005-02-19 08:14:19 UTC (rev 448)
@@ -1,3 +1,121 @@
+CAN-2005-0469
+ NOTE: reserved
+CAN-2005-0468
+ NOTE: reserved
+CAN-2005-0467
+ NOTE: reserved
+CAN-2005-0466
+ NOTE: reserved
+CAN-2005-0465
+ NOTE: reserved
+CAN-2005-0464
+ NOTE: reserved
+CAN-2004-1544 (Cross-site scripting (XSS) vulnerability in Search.jsp in JSPWiki ...)
+ TODO: check
+CAN-2004-1543 (Directory traversal vulnerability in viewimg.php in KorWeblog ...)
+ TODO: check
+CAN-2004-1542 (Buffer overflow in Soldier of Fortune II 1.03 Gold and earlier allows ...)
+ TODO: check
+CAN-2004-1541 (SecureCRT 4.0, 4.1, and possibly other versions, allows remote ...)
+ TODO: check
+CAN-2004-1540 (ZyXEL Prestige 623, 650, and 652 HW Routers, and possibly other ...)
+ TODO: check
+CAN-2004-1539 (Halo: Combat Evolved 1.05 and earlier allows remote game servers to ...)
+ TODO: check
+CAN-2004-1538 (SQL injection vulnerability in include.php in PHPKIT 1.6.03 through ...)
+ TODO: check
+CAN-2004-1537 (Cross-site scripting (XSS) vulnerability in popup.php in PHPKIT 1.6.03 ...)
+ TODO: check
+CAN-2004-1536 (SQL injection vulnerability in index.php in the ibProArcade module for ...)
+ TODO: check
+CAN-2004-1535 (PHP remote code injection vulnerability in admin_cash.php for the Cash ...)
+ TODO: check
+CAN-2004-1534 (ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, ...)
+ TODO: check
+CAN-2004-1533 (Buffer overflow in pop3svr.exe for DMS POP3 1.5.3.27 and earlier ...)
+ TODO: check
+CAN-2004-1532 (AppServ 2.5.x and earlier installs a default username and password, ...)
+ TODO: check
+CAN-2004-1531 (SQL injection vulnerability in post.php in Invision Power Board (IPB) ...)
+ TODO: check
+CAN-2004-1530 (SQL injection vulnerability in the Event Calendar module 2.13 for ...)
+ TODO: check
+CAN-2004-1529 (Cross-site scripting (XSS) vulnerability in the Event Calendar module ...)
+ TODO: check
+CAN-2004-1528 (The Event Calendar module 2.13 for PHP-Nuke allows remote attackers to ...)
+ TODO: check
+CAN-2004-1527 (Microsoft Internet Explorer 6.0 SP1 does not properly handle certain ...)
+ TODO: check
+CAN-2004-1526 (Hired Team: Trial 2.0 and earlier and 2.200 does not limit how game ...)
+ TODO: check
+CAN-2004-1525 (Hired Team: Trial 2.0 and earlier and 2.200 allows remote attackers to cause ...)
+ TODO: check
+CAN-2004-1524 (Hired Team: Trial 2.0 and earlier and 2.200 allows remote attackers to ...)
+ TODO: check
+CAN-2004-1523 (Format string vulnerability in the game console in Hired Team: Trial ...)
+ TODO: check
+CAN-2004-1522 (Format string vulnerability in Army Men RTS 1.0 allows remote ...)
+ TODO: check
+CAN-2004-1521 (Eudora 6.2.0.14 does not issue a warning when a user forwards an ...)
+ TODO: check
+CAN-2004-1520 (Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote ...)
+ TODO: check
+CAN-2004-1519 (SQL injection vulnerability in bug.php in phpBugTracker 0.9.1 allows ...)
+ TODO: check
+CAN-2004-1518 (SQL injection vulnerability in follow.php in Phorum 5.0.12 and earlier ...)
+ TODO: check
+CAN-2004-1517 (Zone Labs IMsecure and IMsecure Pro before 1.5 allow remote attackers ...)
+ TODO: check
+CAN-2004-1516 (CRLF injection vulnerability in index.php in phpWebSite 0.9.3-4 allows ...)
+ TODO: check
+CAN-2004-1515 (SQL injection vulnerability in (1) ttlast.php and (2) last10.php in ...)
+ TODO: check
+CAN-2004-1514 (04WebServer 1.42 allows remote attackers to cause a denial of service ...)
+ TODO: check
+CAN-2004-1513 (04WebServer 1.42 does not adequately filter data that is written to ...)
+ TODO: check
+CAN-2004-1512 (Cross-site scripting (XSS) vulnerability in Response_default.html in ...)
+ TODO: check
+CAN-2004-1511 (Hotfoon 4.0 does not notify users before opening links in web ...)
+ TODO: check
+CAN-2004-1510 (WebCalendar allows remote attackers to gain privileges by modifying ...)
+ TODO: check
+CAN-2004-1509 (validate.php in WebCalendar allows remote attackers to gain sensitive ...)
+ TODO: check
+CAN-2004-1508 (init.php in WebCalendar allows remote attackers to execute arbitrary ...)
+ TODO: check
+CAN-2004-1507 (CRLF injection vulnerability in login.php in WebCalendar allows remote ...)
+ TODO: check
+CAN-2004-1506 (Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar ...)
+ TODO: check
+CAN-2004-1505 (Directory traversal vulnerability in index.php in Just Another Flat ...)
+ TODO: check
+CAN-2004-1504 (The displaycontent function in config.php for Just Another Flat file ...)
+ TODO: check
+CAN-2004-1503 (Integer overflow in the InitialDirContext in Java Runtime Environment ...)
+ TODO: check
+CAN-2004-1502 (The Telnet proxy in 602 Lan Suite 2004.0.04.0909 and earlier allows ...)
+ TODO: check
+CAN-2004-1501 (The webmail service in 602 Lan Suite 2004.0.04.0909 and earlier allows ...)
+ TODO: check
+CAN-2004-1500 (Format string vulnerability in the Lithtech engine, as used in ...)
+ TODO: check
+CAN-2004-1499 (Cross-site scripting (XSS) vulnerability in the compose message form ...)
+ TODO: check
+CAN-2004-1498 (SQL injection vulnerability in the compose message form in HELM 3.1.19 ...)
+ TODO: check
+CAN-2004-1497 (Web Forums Server 1.6 and 2.0 Power Pack stores passwords in plaintext ...)
+ TODO: check
+CAN-2004-1496 (Directory traversal vulnerability in Web Forums Server 1.6 and 2.0 ...)
+ TODO: check
+CAN-2004-1495 (The Repair Archive command in WinRAR 3.40 allows remote attackers to ...)
+ TODO: check
+CAN-2004-1494 (Buffer overflow in the Screen Fetch option in XDICT 2002 through 2005 ...)
+ TODO: check
+CAN-2004-1493 (Master of Orion III 1.2.5 and earlier allows remote attackers to cause ...)
+ TODO: check
+CAN-2004-1492 (Master of Orion III 1.2.5 and earlier allows remote attackers to cause ...)
+ TODO: check
CAN-2005-0463 (Unknown "major security flaws" in Ulog-php before 1.0, related to ...)
NOTE: not-for-us (ulog-php)
CAN-2005-0462 (Cross-site scripting (XSS) vulnerability in MercuryBoard 1.0.x and ...)
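Review bot: every described entry added here, CAN-2004-1492 through CAN-2004-1544, lands as `TODO: check` with no triage, so the file gains 53 open items in one automatic commit. A follow-up pass should resolve each one either to a package line or to the form already used in the context below, `NOTE: not-for-us (ulog-php)`. Several adjacent entries name the same product (WebCalendar in CAN-2004-1506 through CAN-2004-1510, Hired Team: Trial in CAN-2004-1523 through CAN-2004-1526, PHPKIT in CAN-2004-1537 and CAN-2004-1538), so they can be resolved together rather than one at a time.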
@@ -660,10 +778,10 @@
- postgresql 7.4.7-1
CAN-2005-0244 (PostgreSQL 8.0.0 and earlier allows local users to bypass the EXECUTE ...)
- postgresql 7.4.7-1
-CAN-2005-0243
- NOTE: reserved
-CAN-2005-0242
- NOTE: reserved
+CAN-2005-0243 (Yahoo! Messenger 6.0.0.1750, and possibly other versions before ...)
+ TODO: check
+CAN-2005-0242 (The Audio Setup Wizard (asw.dll) in Yahoo! Messenger 6.0.0.1750, and ...)
+ TODO: check
CAN-2005-0241 (The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 ...)
- squid 2.5.7-7
CAN-2004-1394 (The pfexec function for Sun Solaris 8 and 9 does not properly handle ...)
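Review bot: CAN-2005-0243 and CAN-2005-0242 change from `NOTE: reserved` to `TODO: check` even though their new descriptions both name Yahoo! Messenger 6.0.0.1750, a proprietary Windows client. These two could be closed in the same commit with a `NOTE: not-for-us (...)` line in the style used for ulog-php earlier in the file, instead of being left open next to the tracked postgresql and squid entries.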
@@ -947,8 +1065,7 @@
NOTE: reserved
CAN-2005-0159 (The tpkg-* scripts in the toolchain-source 3.0.4 package on Debian ...)
{DSA-679-1}
-CAN-2005-0158
- NOTE: reserved
+CAN-2005-0158 (Format string vulnerability in bidwatcher before 1.3.17 allows remote ...)
{DSA-687-1}
CAN-2005-0157
NOTE: reserved
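Review bot: CAN-2005-0158 loses its `NOTE: reserved` line and gains a description naming bidwatcher before 1.3.17, but the entry is left with only `{DSA-687-1}` and no package line of the kind other entries in this file carry (for example `- squid 2.5.7-7`). If the sarge check relies on a package and version to confirm the fix, add a `- bidwatcher <fixed version>` line taken from the DSA; if the DSA reference alone is sufficient, a short note to that effect in the file's conventions would make that clear.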