[Secure-testing-commits] r475 - sarge-checks/CAN

SALVETTI Djoumé djoume-guest@costa.debian.org
Wed, 23 Feb 2005 21:28:22 +0100


Author: djoume-guest
Date: 2005-02-23 21:28:19 +0100 (Wed, 23 Feb 2005)
New Revision: 475

Modified:
   sarge-checks/CAN/list
Log:
* processed my block


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-02-23 20:14:20 UTC (rev 474)
+++ sarge-checks/CAN/list	2005-02-23 20:28:19 UTC (rev 475)
@@ -1,99 +1,98 @@
 CAN-2005-0510 (The daemon for fallback-reboot before 0.995 allows attackers to cause ...)
-	TODO: check
+	NOTE: not-for-us (fallback-reboot)
 CAN-2005-0509 (Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 ...)
-	TODO: check
+	NOTE: default config of Mono not vulnerable
+	NOTE: Mono wont be in Sarge according to http://wiki.debian.net/?MonoDebianPlan
 CAN-2005-0508 (Unknown vulnerability in Squiggle for Batik before 1.5.1 allows ...)
-	TODO: check
+	NOTE: not-for-us (Squiggle for Batik)
 CAN-2005-0507 (Directory traversal vulnerability in SD Server 4.0.70 and earlier ...)
-	TODO: check
+	NOTE: not-for-us (SD Server)
 CAN-2005-0506 (The Avaya IP Office Phone Manager, and other products such as the IP ...)
-	TODO: check
+	NOTE: not-for-us (Avaya)
 CAN-2005-0505 (Unknown vulnerability in Information Resource Manager (IRM) before ...)
-	TODO: check
+	NOTE: not-for-us (IRM)
 CAN-2005-0504 (Buffer overflow in the MoxaDriverIoctl function for the moxa serial ...)
-	TODO: check
-begin claimed by djoume
+	TODO: check with kernel team
 CAN-2005-0503 (uim before 0.4.5.1 trusts certain environment variables when libUIM is ...)
-	TODO: check
+	- uim (unfixed; bug #296632)
 CAN-2005-0502 (Directory traversal vulnerability in Xinkaa 1.0.3 and earlier allows ...)
-	TODO: check
+	NOTE: not-for-us (Xinkaa)
 CAN-2005-0501 (Buffer overflow in Bontago 1.1 and earlier allows remote attackers ...)
-	TODO: check
+	NOTE: not-for-us (Bontago)
 CAN-2005-0500 (Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to ...)
-	TODO: check
+	NOTE: not-for-us (MSIE6)
 CAN-2005-0499 (Gigafast router (aka CompUSA router) with the DNS proxy option enabled ...)
-	TODO: check
+	NOTE: not-for-us (Gigafast router)
 CAN-2005-0498 (Gigafast router (aka CompUSA router) allows remote attackers to gain ...)
-	TODO: check
+	NOTE: not-for-us (Gigafast router)
 CAN-2005-0497 (ADP Elite System Max 9000 allows remote authenticated users to gain ...)
-	TODO: check
+	NOTE: not-for-us (ADP Elite System)
 CAN-2005-0496 (Arkeia Network Backup Client 5.x contains hard-coded credentials that ...)
-	TODO: check
+	NOTE: not-for-us (Arkeia Network Backup)
 CAN-2005-0495 (Cross-site scripting (XSS) vulnerability in ZeroBoard allows remote ...)
-	TODO: check
+	NOTE: not-for-us (ZeroBoard)
 CAN-2005-0494 (The RgSecurity form in the HTTP server for the Thomson TCW690 cable ...)
-	TODO: check
+	NOTE: not-for-us (Thomson TCW690 cable modem)
 CAN-2005-0493 (CRLF injection vulnerability in bizmail.cgi in Biz Mail Form before ...)
-	TODO: check
+	NOTE: not-for-us (Biz Mail From)
 CAN-2005-0492 (Adobe Acrobat Reader 6.0.3 and 7.0.0 allows remote attackers to cause ...)
-	TODO: check
+	NOTE: not-for-us (Acrobat Reader)
 CAN-2005-0491 (Stack-based buffer overflow in Knox Arkeia Server Backup 5.3.x allows ...)
-	TODO: check
+	NOTE: not-for-us (Arkeia Server Backup)
 CAN-2005-0490 (Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and ...)
-	TODO: check
+	- curl 7.12.3-1
 CAN-2005-0489
 	NOTE: reserved
 CAN-2004-1702 (The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to ...)
-	TODO: check
+	- cfengine2 2.1.8-1
 CAN-2004-1701 (Heap-based buffer overflow in the AuthenticationDialogue function in ...)
-	TODO: check
+	- cfengine2 2.1.8-1
 CAN-2004-1700 (Cross-site scripting (XSS) vulnerability in SettingsBase.php in ...)
-	TODO: check
+	NOTE: not-for-us (Pinnacle ShowCenter)
 CAN-2004-1699 (SettingsBase.php in Pinnacle ShowCenter 1.51 allows remote attackers ...)
-	TODO: check
+	NOTE: not-for-us (Pinnacle ShowCenter)
 CAN-2004-1698 (The Base64 function in PopMessenger 1.60 (before 20 Sep 2004) and ...)
-	TODO: check
+	NOTE: not-for-us (PopMessenger)
 CAN-2004-1697 (The "Forgot your Password" link in Computer Associates Unicenter ...)
-	TODO: check
+	NOTE: not-for-u (Computer Associates Unicenter Management Portal)
 CAN-2004-1696 (EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to ...)
-	TODO: check
+	NOTE: not-for-us (EmuLive Server4)
 CAN-2004-1695 (EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to ...)
-	TODO: check
+	NOTE: not-for-us (EmuLive Server4)
 CAN-2004-1694 (Symantec ON Command CCM 5.4.x and iCommand 3.0.x has four default ...)
-	TODO: check
+	NOTE: not-for-us (Symantec)
 CAN-2004-1693 (PHP remote code injection vulnerability in Function.php in Mambo 4.5 ...)
-	TODO: check
+	NOTE: not-for-us (Mambo)
 CAN-2004-1692 (Cross-site scripting (XSS) vulnerability in index.php in Mambo 4.5 ...)
-	TODO: check
+	NOTE: not-for-us (Mambo)
 CAN-2004-1691 (The Web Server in DNS4Me 3.0.0.4 allows remote attackers to cause a ...)
-	TODO: check
+	NOTE: not-for-us (DNS4Me)
 CAN-2004-1690 (Cross-site scripting (XSS) vulnerability in the Web Server in DNS4Me ...)
-	TODO: check
+	NOTE: not-for-us (DNS4Me)
 CAN-2004-1689 (sudoedit (aka sudo -e) in sudo 1.6.8 opens a temporary file with root ...)
-	TODO: check
+	- sudo 1.6.8p3-1
 CAN-2004-1688 (Pigeon Server 3.02.0143 and earlier allows remote attackers to cause a ...)
-	TODO: check
+	NOTE: not-for-us (Pigeon Server)
 CAN-2004-1687 (CRLF injection vulnerability in down.asp for Snitz Forums 2000 3.4.04 ...)
-	TODO: check
+	NOTE: not-for-us (Snitz Forums)
 CAN-2004-1686 (Internet Explorer 6.0 in Windows XP SP2 allows remote attackers to ...)
-	TODO: check
+	NOTE: not-for-us (MSIE)
 CAN-2004-1685 (SMC routers SMC7004VWBR running firmware 1.00.014 and SMC7008ABR EU ...)
-	TODO: check
+	NOTE: not-for-us (SMC router)
 CAN-2004-1684 (Zyxel P681 running ZyNOS Vt020225a contains portions of memory in an ...)
-	TODO: check
+	NOTE: not-for-us (Zyxel)
 CAN-2004-1683 (A race condition in crrtrap for QNX RTP 6.1 allows local users to gain ...)
-	TODO: check
+	NOTE: not-for-us (crrtrap)
 CAN-2004-1682 (Format string vulnerability in QNX 6.1 FTP client allows remote ...)
-	TODO: check
+	NOTE: not-for-us (QNX FTP)
 CAN-2004-1681 (Multiple buffer overflows in (1) phrelay-cfg, (2) phlocale, (3) ...)
-	TODO: check
+	NOTE: not-for-us (QNX)
 CAN-2004-1680 (application.cgi in the Pingtel Xpressa handset running firmware ...)
-	TODO: check
+	NOTE: not-for-us (Pingtel Xpressa)
 CAN-2004-1679 (Directory traversal vulnerability in TwinFTP 1.0.3 R2 allows remote ...)
-	TODO: check
+	NOTE: not-for-us (TwinFTP)
 CAN-2004-1678 (Directory traversal vulnerability in pdesk.cgi in PerlDesk allows ...)
-	TODO: check
-end claimed by djoume
+	NOTE: not-for-us (PerlDesk)
 CAN-2004-1677 (pdesk.cgi in PerlDesk allows remote attackers to gain sensitive ...)
 	NOTE: not-for-us (PerlDesk)
 CAN-2004-1676 (Heap-based buffer overflow in the image sending feature in Gadu-Gadu ...)
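Review bot: The new note for CAN-2004-1697 spells the tag as "not-for-u", while every other entry in this hunk uses "not-for-us", so a grep or script matching on the tag would miss this entry; it should read "NOTE: not-for-us (Computer Associates Unicenter Management Portal)". In the same pass, the CAN-2005-0493 note says "Biz Mail From" where the description line names the product "Biz Mail Form". CAN-2005-0509 is closed with two free-form NOTE lines and no package line, so the entry has nothing to match on if the Mono plan changes and the package does reach sarge; consider recording the package name in the entry alongside the notes. CAN-2005-0504 stays as a TODO ("check with kernel team") without a bug number or package name, and the "begin claimed by djoume" marker above it is removed, so the entry is no longer visibly owned by anyone; a bug reference, as was done for uim in CAN-2005-0503, would keep the follow-up traceable.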