[Secure-testing-commits] r487 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Fri, 25 Feb 2005 09:14:23 +0100
Author: joeyh
Date: 2005-02-25 09:14:20 +0100 (Fri, 25 Feb 2005)
New Revision: 487
Modified:
sarge-checks/CAN/list
Log:
automatic CAN database update
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-02-25 03:17:55 UTC (rev 486)
+++ sarge-checks/CAN/list 2005-02-25 08:14:20 UTC (rev 487)
@@ -1,3 +1,49 @@
+CAN-2005-0532 (The reiserfs_copy_from_user_to_file_region function in reiserfs/file.c ...)
+ TODO: check
+CAN-2005-0531 (The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 ...)
+ TODO: check
+CAN-2005-0530 (Signedness error in the copy_from_read_buf function in n_tty.c for ...)
+ TODO: check
+CAN-2005-0529 (Linux kernel 2.6.10 and 2.6.11rc1-bk6 uses different size types for ...)
+ TODO: check
+CAN-2005-0528
+ NOTE: reserved
+CAN-2005-0527
+ NOTE: reserved
+CAN-2005-0526 (Multiple cross-site scripting (XSS) vulnerabilities in PBLang 4.65 ...)
+ TODO: check
+CAN-2005-0525
+ NOTE: reserved
+CAN-2005-0524
+ NOTE: reserved
+CAN-2005-0523 (Format string vulnerability in ProZilla 1.3.7.3 and earlier allows ...)
+ TODO: check
+CAN-2005-0522 (Chat Anywhere 2.72a stores sensitive information such as passwords in ...)
+ TODO: check
+CAN-2005-0521 (SendLink 1.5 stores sensitive information, possibly including ...)
+ TODO: check
+CAN-2005-0520 (ArGoSoft before 1.4.2.8 allows remote attackers to read arbitrary ...)
+ TODO: check
+CAN-2005-0519 (ArGoSoft before 1.4.2.7 allows remote attackers to read arbitrary ...)
+ TODO: check
+CAN-2005-0518 (eXeem 0.21 stores sensitive information such as passwords in plaintext ...)
+ TODO: check
+CAN-2005-0517 (PeerFTP_5 stores sensitive information such as passwords in plaintext ...)
+ TODO: check
+CAN-2005-0516 (The ImageGalleryPlugin (ImageGalleryPlugin.pm) in Twiki allows remote ...)
+ TODO: check
+CAN-2005-0515
+ NOTE: reserved
+CAN-2005-0514 (Cross-site scripting (XSS) vulnerability in Verity Ultraseek before ...)
+ TODO: check
+CAN-2005-0513 (PHP remote code injection vulnerability in mail_autocheck.php in ...)
+ TODO: check
+CAN-2005-0512 (PHP remote code injection vulnerability in Tar.php in Mambo 4.5.2 ...)
+ TODO: check
+CAN-2005-0511 (Direct code injection vulnerability in misc.php for vBulletin 3.0.6 ...)
+ TODO: check
+CAN-2003-1086 (PHP remote code injection vulnerability in pm/lib.inc.php in pMachine ...)
+ TODO: check
CAN-2005-0510 (The daemon for fallback-reboot before 0.995 allows attackers to cause ...)
NOTE: not-for-us (fallback-reboot)
CAN-2005-0509 (Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 ...)
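Review bot: CAN-2003-1086 is inserted directly after CAN-2005-0511 and ahead of the existing CAN-2005-0510 entry, which breaks the descending id order every other visible entry follows; it should be placed among the CAN-2003 ids instead. Separately, CAN-2005-0531 and CAN-2005-0529 name Linux kernel 2.6.10, and CAN-2005-0532 and CAN-2005-0530 point at reiserfs/file.c and n_tty.c, so these four are the ones to resolve from "TODO: check" first, ahead of the application entries below them.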
@@ -1486,10 +1532,10 @@
CAN-2005-0162 (Stack-based buffer overflow in the get_internal_addresses function in ...)
- openswan 2.2.0-6
NOTE: does not seem to affect freeswan
-CAN-2005-0161
- NOTE: reserved
-CAN-2005-0160
- NOTE: reserved
+CAN-2005-0161 (Multiple directory traversal vulnerabilities in unace 1.2b allow ...)
+ TODO: check
+CAN-2005-0160 (Multiple buffer overflows in unace 1.2b allow attackers to execute ...)
+ TODO: check
CAN-2005-0159 (The tpkg-* scripts in the toolchain-source 3.0.4 package on Debian ...)
{DSA-679-1}
CAN-2005-0158 (Format string vulnerability in bidwatcher before 1.3.17 allows remote ...)
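Review bot: CAN-2005-0161 and CAN-2005-0160 both name unace 1.2b, yet each is left as a separate "TODO: check" with nothing linking them. When they are triaged, record the result in the forms the neighbouring entries already use, either a package and version line like "- openswan 2.2.0-6" or a NOTE, and resolve both in the same revision so one is not marked while the other stays open.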
@@ -3884,8 +3930,8 @@
NOTE: not-for-us (IRIX)
CAN-2004-0482 (Multiple "incorrect bounds checking" errors in certain functions for ...)
NOTE: not-for-us (OpenBSD)
-CAN-2004-0481
- NOTE: reserved
+CAN-2004-0481 (The logging feature in kcms_configure in the KCMS package on Solaris 8 ...)
+ TODO: check
CAN-2004-0480 (Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 ...)
NOTE: not-for-us (Lotus Notes)
CAN-2004-0479 (Internet Explorer 6 allows remote attackers to cause a denial of ...)
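Review bot: the new CAN-2004-0481 description names kcms_configure in the KCMS package on Solaris 8, but the entry is left as "TODO: check" while the entries directly above it are already classified as "NOTE: not-for-us (IRIX)" and "NOTE: not-for-us (OpenBSD)". If the full description confirms the issue is limited to Solaris, replace the TODO with a note in that same form.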
@@ -3915,10 +3961,10 @@
NOTE: not-for-us (Juniper JUNOS)
CAN-2004-0467 (Juniper JUNOS 5.x through JUNOS 7.x allows remote attackers to cause a ...)
NOTE: not-for-us (Juniper JUNOS)
-CAN-2004-0466
- NOTE: reserved
-CAN-2004-0465
- NOTE: reserved
+CAN-2004-0466 (WebConnect 6.5, 6.4.4, and possibly earlier versions allows remote ...)
+ TODO: check
+CAN-2004-0465 (Directory traversal vulnerability in jretest.html in WebConnect 6.5 ...)
+ TODO: check
CAN-2004-0464
NOTE: reserved
CAN-2004-0463
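Review bot: CAN-2004-0466 and CAN-2004-0465 both move from "NOTE: reserved" to "TODO: check" and both describe WebConnect 6.5, so one triage decision covers the pair. The surrounding entries use "NOTE: not-for-us (Juniper JUNOS)" with the product name in parentheses; if WebConnect turns out to be out of scope, use the same form with the product name on both entries.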