[Secure-testing-commits] r449 - sarge-checks/CAN
SALVETTI Djoumé
djoume-guest@costa.debian.org
Sat, 19 Feb 2005 11:27:23 +0100
Author: djoume-guest
Date: 2005-02-19 11:27:20 +0100 (Sat, 19 Feb 2005)
New Revision: 449
Modified:
sarge-checks/CAN/list
Log:
* set bug number and claimed some CAN
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-02-19 08:14:19 UTC (rev 448)
+++ sarge-checks/CAN/list 2005-02-19 10:27:20 UTC (rev 449)
@@ -10,6 +10,7 @@
NOTE: reserved
CAN-2005-0464
NOTE: reserved
+begin claimed by djoume
CAN-2004-1544 (Cross-site scripting (XSS) vulnerability in Search.jsp in JSPWiki ...)
TODO: check
CAN-2004-1543 (Directory traversal vulnerability in viewimg.php in KorWeblog ...)
@@ -116,6 +117,7 @@
TODO: check
CAN-2004-1492 (Master of Orion III 1.2.5 and earlier allows remote attackers to cause ...)
TODO: check
+end claimed by djoume
CAN-2005-0463 (Unknown "major security flaws" in Ulog-php before 1.0, related to ...)
NOTE: not-for-us (ulog-php)
CAN-2005-0462 (Cross-site scripting (XSS) vulnerability in MercuryBoard 1.0.x and ...)
@@ -154,9 +156,9 @@
NOTE: not-for-us (Sami HTTP Server)
CAN-2005-0449 (The netfilter/iptables module in Linux before 2.6.8.1 allows remote ...)
NOTE: According to Herbert Xu, 2.4 is not vulnerable : http://oss.sgi.com/archives/netdev/2005-01/msg01107.html
- - kernel-source-2.6.8 (unfixed; bug filed)
- - kernel-source-2.6.9 (unfixed; bug filed)
- - kernel-source-2.6.10 (unfixed; bug filed)
+ - kernel-source-2.6.8 (unfixed; bug #295949)
+ - kernel-source-2.6.9 (unfixed; bug #295948)
+ - kernel-source-2.6.10 (unfixed; bug #295947)
CAN-2005-0448
NOTE: reserved
CAN-2005-0430 (The Quake 3 engine, as used in multiple game packages, allows remote ...)