[Secure-testing-commits] r466 - sarge-checks/CAN
SALVETTI Djoumé
djoume-guest@costa.debian.org
Tue, 22 Feb 2005 15:22:29 +0100
Author: djoume-guest
Date: 2005-02-22 15:22:27 +0100 (Tue, 22 Feb 2005)
New Revision: 466
Modified:
sarge-checks/CAN/list
Log:
* processed my block
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-02-22 13:18:28 UTC (rev 465)
+++ sarge-checks/CAN/list 2005-02-22 14:22:27 UTC (rev 466)
@@ -239,120 +239,120 @@
- proftpd 1.2.10-4
CAN-2004-1601 (Directory traversal vulnerability in index.php in CoolPHP 1.0-stable ...)
NOTE: not-for-us (coolphp)
-begin claimed by djoume
CAN-2004-1600 (index.php in CoolPHP 1.0-stable allows remote attackers to gain ...)
- TODO: check
+ NOTE: not-for-us (CoolPHP)
CAN-2004-1599 (Cross-site scripting (XSS) vulnerability in index.php in CoolPHP ...)
- TODO: check
+ NOTE: not-for-us (CoolPHP)
CAN-2004-1598 (Adobe Acrobat and Acrobat Reader 6.0 allow remote attackers to read ...)
- TODO: check
+ NOTE: not-for-us (Acrobat)
CAN-2004-1597 (RIM Blackberry 7230 running RIM Blackberry OS 3.7 SP1 allows remote ...)
- TODO: check
+ NOTE: not-for-us (RIM Blackberry)
CAN-2004-1596 (The 3COM Wireless router 3CRADSL72 running Boot Code 1.3d allows ...)
- TODO: check
+ NOTE: not-for-us (3COM router)
CAN-2004-1595 (Buffer overflow in ShixxNote 6.net build 117 allows remote attackers ...)
- TODO: check
+ NOTE: not-for-us (ShixxNote)
CAN-2004-1594 (Cross-site scripting (XSS) vulnerability in FuseTalk 4.0 allows remote ...)
- TODO: check
+ NOTE: not-for-us (FuseTalk)
CAN-2004-1593 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOTE: not-for-us (SCT email client)
CAN-2004-1592 (PHP remote code injection vulnerability in index.php in ocPortal 1.0.3 ...)
- TODO: check
+ NOTE: not-for-us (ocPortal)
CAN-2004-1591 (The web interface for Micronet Wireless Broadband Router SP916BM ...)
- TODO: check
+ NOTE: not-for-us (Micronet Wireless Router)
CAN-2004-1590 (Clientexec allows remote attackers to gain sensitive information via ...)
- TODO: check
+ NOTE: not-for-us (clientexec)
CAN-2004-1589 (Cross-site scripting (XSS) vulnerability in GoSmart Message Board ...)
- TODO: check
+ NOTE: not-for-us (GoSmart)
CAN-2004-1588 (SQL injection vulnerability in GoSmart Message Board allows remote ...)
- TODO: check
+ NOTE: not-for-us (GoSmart)
CAN-2004-1587 (Buffer overflow in Monolith games including (1) Alien versus Predator ...)
- TODO: check
+ NOTE: not-for-us (Monolith Games)
CAN-2004-1586 (Flash Messaging clients can ignore disconnecting commands such as ...)
- TODO: check
+ NOTE: not-for-us (Flash Messaging)
CAN-2004-1585 (Flash Messaging 5.2.0g (rev 1.1.2) and earlier allows remote attackers ...)
- TODO: check
+ NOTE: not-for-us (Flash Messaging)
CAN-2004-1584 (CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows ...)
- TODO: check
+ - wordpress 1.2.1-1.1
CAN-2004-1583 (Directory traversal vulnerability in the FTP server in TriDComm 1.3 ...)
- TODO: check
+ NOTE: not-for-us (FTP server in TriDComm)
CAN-2004-1582 (PHP remote code injection vulnerability in BlackBoard 1.5.1 allows ...)
- TODO: check
+ NOTE: not-for-us (BlackBoard)
CAN-2004-1581 (BlackBoard 1.5.1 allows remote attackers to gains sensitive ...)
- TODO: check
+ NOTE: not-for-us (BlackBoard)
CAN-2004-1580 (SQL injection vulnerability in index.php in CubeCart 2.0.1 allows ...)
- TODO: check
+ NOTE: not-for-us (CubeCart)
CAN-2004-1579 (index.php in CubeCart 2.0.1 allows remote attackers to gain sensitive ...)
- TODO: check
+ NOTE: not-for-us (CubeCart)
CAN-2004-1578 (Cross-site scripting (XSS) vulnerability in index.php in Invision ...)
- TODO: check
+ NOTE: not-for-us (Invision Power Board)
CAN-2004-1577 (index.php in PHP Links allows remote attackers to gain sensitive ...)
- TODO: check
+ NOTE: not-for-us (phplinks)
CAN-2004-1576 (Format string vulnerability in Judge Dredd: Dredd vs. Death 1.01 and ...)
- TODO: check
+ NOTE: not-for-us (Judge Dredd)
CAN-2004-1575 (The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a ...)
- TODO: check
+ - xerces25 (unfixed; bug filed)
+ NOTE: xerces24, xerces23, xerces22, xerces21 could also be concerned by this
+ NOTE: I have noticed it in the bug report agains xerces25 -- Djoume
CAN-2004-1574 (Buffer overflow in Vypress Messenger 3.5.1 and earlier allows remote ...)
- TODO: check
+ NOTE: not-for-us (Vypress)
CAN-2004-1573 (The documentation for AJ-Fork 167 implies that users should set ...)
- TODO: check
+ NOTE: not-for-us (AJ-Fork)
CAN-2004-1572 (AJ-Fork 167 does not restrict access to directories such as (1) data, ...)
- TODO: check
+ NOTE: not-for-us (AJ-Fork)
CAN-2004-1571 (AJ-Fork 167 allows remote attackers to gain sensitive information via ...)
- TODO: check
+ NOTE: not-for-us (AJ-Fork)
CAN-2004-1570 (SQL injection vulnerability in bBlog 0.7.2 and 0.7.3 allows remote ...)
- TODO: check
+ NOTE: not-for-us (bBlog)
CAN-2004-1569 (Buffer overflow in (1) MusicConverter.exe, (2) playlist.exe, and (3) ...)
- TODO: check
+ NOTE: not-for-us (dbPowerAmp)
CAN-2004-1568 (Directory traversal vulnerability in ParaChat Server 5.5 allows remote ...)
- TODO: check
+ NOTE: not-for-us (Parachat)
CAN-2004-1567 (profile.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers ...)
- TODO: check
+ NOTE: not-for-us (Silent Storm Portal)
CAN-2004-1566 (Cross-site scripting (XSS) vulnerability in index.php in Silent Storm ...)
- TODO: check
+ NOTE: not-for-us (Silent Storm Portal)
CAN-2004-1565 (list.php in w-Agora 4.1.6a allows remote attackers to reveal the full ...)
- TODO: check
+ NOTE: not-for-us (w-Agora)
CAN-2004-1564 (CRLF injection vulnerability in subscribe_thread.php in w-Agora 4.1.6a ...)
- TODO: check
+ NOTE: not-for-us (w-Agora)
CAN-2004-1563 (Multiple cross-site scripting (XSS) vulnerabilities in w-Agora 4.1.6a allow ...)
- TODO: check
+ NOTE: not-for-us (w-Agora)
CAN-2004-1562 (SQL injection vulnerability in redir_url.php in w-Agora 4.1.6a allows ...)
- TODO: check
+ NOTE: not-for-us (w-Agora)
CAN-2004-1561 (Buffer overflow in Icecast 2.0.1 and earlier allows remote attackers ...)
- TODO: check
+ - icecast2 2.0.2.debian-1
CAN-2004-1560 (Microsoft SQL Server 7.0 allows remote attackers to cause a denial of ...)
- TODO: check
+ NOTE: not-for-us (Microsoft SQL Server)
CAN-2004-1559 (Multiple cross-site scripting (XSS) vulnerabilities in Wordpress 1.2 ...)
- TODO: check
+ - wordpress 1.2.2-1.1
CAN-2004-1558 (Multiple stack-based buffer overflows in YahooPOPS 0.4 through 0.6 ...)
- TODO: check
+ NOTE: not-for-us (YahooPOPS)
CAN-2004-1557 (MyWebServer 1.0.3 allows remote attackers to bypass authentication, ...)
- TODO: check
+ NOTE: not-for-us (MyWebServer)
CAN-2004-1556 (MyWebServer 1.0.3 allows remote attackers to cause a denial of service ...)
- TODO: check
+ NOTE: not-for-us (MyWebServer)
CAN-2004-1555 (Multiple SQL injection vulnerabilities in BroadBoard Instant ASP ...)
- TODO: check
+ NOTE: not-for-us (BroadBoard Instant ASP Message Board)
CAN-2004-1554 (PHP remote code injection vulnerability in livre_include.php in @lex ...)
- TODO: check
+ NOTE: not-for-us (@lex GuestBook)
CAN-2004-1553 (SQL injection vulnerability in aspWebAlbum allows remote attackers to ...)
- TODO: check
+ NOTE: not-for-us (aspWebAlbum)
CAN-2004-1552 (SQL injection vulnerability in aspWebCalendar allows remote attackers ...)
- TODO: check
+ NOTE: not-for-us (aspWebCalendar)
CAN-2004-1551 (Cross-site scripting (XSS) vulnerability in the (1) email, (2) ...)
- TODO: check
+ NOTE: not-for-us (PafileDB)
CAN-2004-1550 (Motorola Wireless Router WR850G running firmware 4.03 allows remote ...)
- TODO: check
+ NOTE: not-for-us (Motorola Router)
CAN-2004-1549 (The conference menu in ActivePost Standard 3.1 sends passwords of ...)
- TODO: check
+ NOTE: not-for-us (ActivePost)
CAN-2004-1548 (Directory traversal vulnerability in the file server in ActivePost ...)
- TODO: check
+ NOTE: not-for-us (ActivePost)
CAN-2004-1547 (The file server in ActivePost Standard 3.1 and earlier allows remote ...)
- TODO: check
+ NOTE: not-for-us (ActivePost)
CAN-2004-1546 (Multiple buffer overflows in MDaemon 6.5.1 allow remote attackers to ...)
- TODO: check
+ NOTE: not-for-us (MDaemon)
CAN-2004-1545 (UploadFile.php in MoniWiki 1.0.9.2 and earlier, when used with Apache ...)
- TODO: check
-end claimed by djoume
+ - moniwiki 1.0.9-4
CAN-2005-0487 (Cross-site scripting (XSS) vulnerability in index.php for Kayako ...)
NOTE: not-for-us (Kyako ESupport)
CAN-2005-0486 (Tarantella Secure Global Desktop Enterprise Edition 4.00 and 3.42, and ...)