[Secure-testing-commits] r249 - sarge-checks/CAN

Joey Hess joeyh@costa.debian.org
Fri, 07 Jan 2005 09:14:34 +0100


Author: joeyh
Date: 2005-01-07 09:14:28 +0100 (Fri, 07 Jan 2005)
New Revision: 249

Modified:
   sarge-checks/CAN/list
Log:
automatic CAN database update

Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-01-06 21:26:46 UTC (rev 248)
+++ sarge-checks/CAN/list	2005-01-07 08:14:28 UTC (rev 249)
@@ -18,9 +18,9 @@
 	NOTE: reserved
 CAN-2005-0023
 	NOTE: reserved
-CAN-2005-0022
+CAN-2005-0022 (Buffer overflow in the spa_base64_to_bits function in Exim before ...)
 	- exim4 4.34-10
-CAN-2005-0021
+CAN-2005-0021 (Buffer overflow in the host_aton function in Exim before 4.43 may ...)
 	- exim4 4.34-10
 CAN-2005-0020
 	NOTE: reserved
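Review bot: the new CAN-2005-0021 description says the host_aton overflow affects Exim before 4.43, but the fix line under it is "- exim4 4.34-10", which reads as an older version than the one the description names. If 4.34-10 carries a backported fix, add a NOTE saying so under this entry (and under CAN-2005-0022, which has the same fix line) so the mismatch is not read as an unfixed package.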
@@ -62,51 +62,52 @@
 	NOTE: reserved
 CAN-2005-0001
 	NOTE: reserved
-CAN-2004-1339
+CAN-2004-1339 (SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and ...)
 	NOTE: not-for-us (oracle)
-CAN-2004-1338
+CAN-2004-1338 (The triggers in Oracle 9i and 10g allow local users to gain privileges ...)
 	NOTE: not-for-us (oracle)
-CAN-2004-1337
+CAN-2004-1337 (The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 ...)
 	NOTE: <dilinger> joeyh: we're mostly not vulnerable, because the module is generally loaded from the initrd (or very early on at some point)
 	TODO: re-check with kernel team re fix
 	NOTE: apparent it only affects 2.6
-CAN-2004-1336
+CAN-2004-1336 (The xdvizilla script in tetex-bin 2.0.2 creates temporary files with ...)
 	- tetex-bin 2.0.2-25
-CAN-2004-1335
+CAN-2004-1335 (Memory leak in the ip_options_get function in the Linux kernel before ...)
 	- kernel-source-2.6.8 2.6.8-11
-CAN-2004-1334
+CAN-2004-1334 (Integer overflow in the ip_options_get function in the Linux kernel ...)
 	TODO: re-check with kernel team (was unfixed before)
-CAN-2004-1333
+CAN-2004-1333 (Integer overflow in the vc_resize function in the Linux kernel 2.4 and ...)
 	- kernel-source-2.6.8 2.6.8-11
-CAN-2004-1332
+CAN-2004-1332 (Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with ...)
 	NOTE: not-for-us (hpux)
-CAN-2004-1331
+CAN-2004-1331 (The execCommand method in Microsoft Internet Explorer 6.0 SP2 allows ...)
 	NOTE: not-for-us (microsoft)
-CAN-2004-1330
+CAN-2004-1330 (Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users ...)
 	NOTE: not-for-us (AIX)
-CAN-2004-1329
+CAN-2004-1329 (Untrusted execution path vulnerability in the diag commands (1) ...)
 	NOTE: not-for-us (AIX)
-CAN-2004-1328
+CAN-2004-1328 (Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 ...)
 	NOTE: not-for-us (hpux)
-CAN-2004-1327
+CAN-2004-1327 (Buffer overflow in Crystal FTP Client 2.8 allows remote malicious ...)
 	NOTE: not-for-us (Crystal FTP client)
-CAN-2004-1326
+CAN-2004-1326 (Buffer overflow in dxterm in Ultrix 4.5 allows local users to execute ...)
 	NOTE: not-for-us (Ultrix)
-CAN-2004-1325
+CAN-2004-1325 (The getItemInfoByAtom function in the ActiveX control for Microsoft ...)
 	NOTE: not-for-us (Microsoft)
-CAN-2004-1324
+CAN-2004-1324 (The Microsoft Windows Media Player 9.0 ActiveX control may allow ...)
 	NOTE: not-for-us (Microsoft)
-CAN-2004-1323
+CAN-2004-1323 (Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow ...)
 	NOTE: not-for-us (Netbsd)
-CAN-2004-1322
+CAN-2004-1322 (Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft ...)
 	NOTE: not-for-us (Microsoft/Cisco)
-CAN-2004-1321
+CAN-2004-1321 (The configuration backup in Asante FM2008 running firmware 1.06 stores ...)
 	NOTE: not-for-us (Asante FM2008)
-CAN-2004-1320
+CAN-2004-1320 (Asante FM2008 running firmware 1.06 is shipped with a default username ...)
 	NOTE: not-for-us (Asante FM2008)
-CAN-2004-1319
+CAN-2004-1319 (The DHTML Edit Control (dhtmled.ocx) in Internet Explorer ...)
 	NOTE: not-for-us (MSIE)
-CAN-2004-1318
+CAN-2004-1318 (Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu ...)
+	{DSA-627-1}
 	- namuzu2 2.0.14
 CAN-2004-1317 (Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, ...)
 	NOTE: apparently only affects netcat in windows
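Review bot: in the CAN-2004-1318 entry, which gains {DSA-627-1} here, the package line reads "- namuzu2 2.0.14" while the description spells the software Namazu. The package name looks misspelled (presumably namazu2), and anything that matches entries by package name would miss it, so correct it in the same change. Separately, CAN-2004-1337 and CAN-2004-1334 still carry open TODO lines now that their descriptions are filled in; those are worth resolving or dating.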
@@ -168,6 +169,7 @@
 CAN-2004-1290 (Buffer overflow in the process_moves function in pgn2web.c for pgn2web ...)
 	NOTE: not-for-us (pgn2web)
 CAN-2004-1289 (Multiple buffer overflows in (1) the getline function in pcalutil.c ...)
+	{DSA-625-1}
 	- pcal 4.8.0-1
 CAN-2004-1288 (Buffer overflow in the parse_html function in o3read.c for o3read ...)
 	NOTE: not-for-us (o3read)
@@ -387,6 +389,7 @@
 	NOTE: reserved
 CAN-2004-1183
 	NOTE: reserved
+	{DSA-626-1}
 CAN-2004-1182
 	NOTE: reserved
 CAN-2004-1181
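Review bot: {DSA-626-1} is attached to CAN-2004-1183, but the entry still reads "NOTE: reserved" and has no package or fixed-version line, so the advisory reference cannot be checked against anything in sarge. The tag is also placed after the NOTE line, whereas the other entries touched in this diff put the {DSA-...} line directly under the CAN line. Add the affected package line and move the tag up for consistency.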
@@ -725,7 +728,7 @@
 CAN-2004-1027 (The -x command line option in unarj allows remote attackers to ...)
 	NOTE: sarge's unarj is from a different code base, probably not vulnerable
 CAN-2004-1026 (Multiple integer overflows in the image handler for imlib 1.9.14 and ...)
-	{DSA-618-1}
+	{DSA-628-1 DSA-618-1}
 	- imlib 1.9.14-17.1
 	- imlib-png2 1.9.14-16.1
 	- imlib2 1.1.2-2.1
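Review bot: the replacement line "{DSA-628-1 DSA-618-1}" lists the newer advisory first, and the entry covers three packages (imlib, imlib-png2, imlib2) without saying which advisory applies to which. Keep the references in ascending order and add a NOTE mapping each DSA to the package it fixes.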