[Secure-testing-commits] r288 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Wed, 19 Jan 2005 09:14:26 +0100
Author: joeyh
Date: 2005-01-19 09:14:24 +0100 (Wed, 19 Jan 2005)
New Revision: 288
Modified:
sarge-checks/CAN/list
Log:
automatic CAN database update
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-01-18 23:22:22 UTC (rev 287)
+++ sarge-checks/CAN/list 2005-01-19 08:14:24 UTC (rev 288)
@@ -1,4 +1,96 @@
-CAN-2005-0080
+CAN-2005-0121
+ TODO: check
+CAN-2005-0120
+ TODO: check
+CAN-2005-0119
+ TODO: check
+CAN-2005-0118
+ TODO: check
+CAN-2005-0117
+ TODO: check
+CAN-2005-0116
+ TODO: check
+CAN-2005-0115
+ NOTE: reserved
+CAN-2005-0114
+ NOTE: reserved
+CAN-2005-0113
+ TODO: check
+CAN-2005-0112
+ NOTE: reserved
+CAN-2005-0111
+ TODO: check
+CAN-2005-0110
+ TODO: check
+CAN-2005-0109
+ NOTE: reserved
+CAN-2005-0108
+ TODO: check
+CAN-2005-0107
+ NOTE: reserved
+CAN-2005-0106
+ NOTE: reserved
+CAN-2005-0105
+ NOTE: reserved
+CAN-2005-0104
+ NOTE: reserved
+CAN-2005-0103
+ NOTE: reserved
+CAN-2005-0102
+ NOTE: reserved
+CAN-2005-0101
+ NOTE: reserved
+CAN-2005-0100
+ NOTE: reserved
+CAN-2005-0099
+ NOTE: reserved
+CAN-2005-0098
+ NOTE: reserved
+CAN-2005-0097
+ TODO: check
+CAN-2005-0096
+ TODO: check
+CAN-2005-0095
+ TODO: check
+CAN-2005-0094
+ TODO: check
+CAN-2005-0093
+ NOTE: reserved
+CAN-2005-0092
+ NOTE: reserved
+CAN-2005-0091
+ NOTE: reserved
+CAN-2005-0090
+ NOTE: reserved
+CAN-2005-0089
+ NOTE: reserved
+CAN-2005-0088
+ NOTE: reserved
+CAN-2005-0087
+ NOTE: reserved
+CAN-2005-0086
+ NOTE: reserved
+CAN-2005-0085
+ NOTE: reserved
+CAN-2005-0084
+ NOTE: reserved
+CAN-2005-0083
+ NOTE: reserved
+CAN-2005-0082
+ NOTE: reserved
+CAN-2005-0081
+ NOTE: reserved
+CAN-2004-1379
+ TODO: check
+CAN-2004-1378
+ TODO: check
+CAN-2004-1377
+ TODO: check
+CAN-2003-1054
+ TODO: check
+CAN-2003-1053
+ TODO: check
+CAN-2005-0080 (The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 ...)
- mailman 2.1.5-5
CAN-2005-0079
NOTE: reserved
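Review bot: on the CAN-2005-0080 line at the end of this hunk, the new description refers to the 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10, while the unchanged line below it still records "mailman 2.1.5-5" as the fixed version. Confirm that the Debian package carries that dpatch and that 2.1.5-5 really is the first fixed upload, and add a NOTE saying so. The entries above it that arrive with "TODO: check" and no description (including the older CAN-2004-1377 to CAN-2004-1379 and CAN-2003-1053/1054) cannot be triaged from this file alone, so they need a manual pass once descriptions are available.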
@@ -23,16 +115,16 @@
CAN-2005-0069
NOTE: reserved
- vim (unfixed; bug #291125)
-CAN-2005-0068
+CAN-2005-0068 (The original design of ICMP does not require authentication for ...)
NOTE: general icmp design error
-CAN-2005-0067
+CAN-2005-0067 (The original design of TCP does not require that port numbers be ...)
NOTE: general tcp design error, no indication it affects linux
-CAN-2005-0066
+CAN-2005-0066 (The original design of TCP does not check that the TCP Acknowledgement ...)
NOTE: general tcp design error
-CAN-2005-0065
+CAN-2005-0065 (The original design of TCP does not check that the TCP sequence number ...)
NOTE: general tcp design error
-CAN-2005-0064
- NOTE: reserved
+CAN-2005-0064 (Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc ...)
+ TODO: check
CAN-2005-0063
NOTE: reserved
CAN-2005-0062
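Review bot: CAN-2005-0064 goes from "NOTE: reserved" to "TODO: check", and the visible part of its description names only a function and source file (Decrypt::makeFileKey2 in Decrypt.cc), not a product. The follow-up should record which packages ship that code, since more than one package may embed the same file. For CAN-2005-0065 through CAN-2005-0068, the existing notes ("general tcp design error", "no indication it affects linux") were written before the descriptions were present and are worth re-reading against the full text.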
@@ -73,7 +165,7 @@
NOTE: reserved
CAN-2005-0044
NOTE: reserved
-CAN-2005-0043
+CAN-2005-0043 (Buffer overflow in Apple iTunes 4.7 allows remote attackers to execute ...)
NOTE: not-for-us (iTunes)
CAN-2005-0042
NOTE: reserved
@@ -95,69 +187,69 @@
NOTE: reserved
CAN-2005-0033
NOTE: reserved
-CAN-2004-1376
+CAN-2004-1376 (Directory traversal vulnerability in Microsoft Internet Explorer 5.01, ...)
NOTE: not-for-us (MSIE)
-CAN-2004-1375
+CAN-2004-1375 (Unknown vulnerability in System Administration Manager (SAM) in HP-UX ...)
NOTE: not-for-us (HP-UX)
-CAN-2004-1374
+CAN-2004-1374 (Multiple buffer overflows in NetBSD kernel may allow local users to ...)
NOTE: not-for-us (NetBSD)
-CAN-2004-1373
+CAN-2004-1373 (Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers ...)
NOTE: not-for-us (Shoutcast)
-CAN-2004-1372
+CAN-2004-1372 (Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow ...)
NOTE: not-for-us (IBM DB2)
-CAN-2004-1371
+CAN-2004-1371 (Stack-based buffer overflow in Oracle 9i and 10g allows remote ...)
NOTE: not-for-us (Oracle)
-CAN-2004-1370
+CAN-2004-1370 (Multiple SQL injection vulnerabilities in PL/SQL procedures that run ...)
NOTE: not-for-us (Oracle)
-CAN-2004-1369
+CAN-2004-1369 (The TNS Listener in Oracle 10g allows remote attackers to cause a ...)
NOTE: not-for-us (Oracle)
-CAN-2004-1368
+CAN-2004-1368 (ISQL*Plus in Oracle 10g Application Server allows remote attackers to ...)
NOTE: not-for-us (Oracle)
-CAN-2004-1367
+CAN-2004-1367 (Oracle 10g Database Server, when installed with a password that ...)
NOTE: not-for-us (Oracle)
-CAN-2004-1366
+CAN-2004-1366 (Oracle 10g Database Server stores the password for the SYSMAN account ...)
NOTE: not-for-us (Oracle)
-CAN-2004-1365
+CAN-2004-1365 (Extproc in Oracle 9i and 10g does not require authentication to load a ...)
NOTE: not-for-us (Oracle)
-CAN-2004-1364
+CAN-2004-1364 (Directory traversal vulnerability in extproc in Oracle 9i and 10g ...)
NOTE: not-for-us (Oracle)
-CAN-2004-1363
+CAN-2004-1363 (Buffer overflow in extproc in Oracle 10g allows remote attackers to ...)
NOTE: not-for-us (Oracle)
-CAN-2004-1362
+CAN-2004-1362 (The PL/SQL module for the Oracle HTTP Server in Oracle Application ...)
NOTE: not-for-us (Oracle)
-CAN-2004-1361
+CAN-2004-1361 (Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through ...)
NOTE: not-for-us (Windows)
-CAN-2004-1360
+CAN-2004-1360 (Unknown vulnerability in conv_fix in Sun Solaris 7 through 9, when ...)
NOTE: not-for-us (Solaris)
-CAN-2004-1359
+CAN-2004-1359 (Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 ...)
NOTE: not-for-us (Solaris)
-CAN-2004-1358
+CAN-2004-1358 (The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable ...)
NOTE: not-for-us (Solaris)
-CAN-2004-1357
+CAN-2004-1357 (The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not ...)
NOTE: not-for-us (ssh on Solaris)
-CAN-2004-1356
+CAN-2004-1356 (Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 ...)
NOTE: not-for-us (Solaris)
-CAN-2004-1355
+CAN-2004-1355 (Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 ...)
NOTE: not-for-us (Solaris)
-CAN-2004-1354
+CAN-2004-1354 (The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates ...)
NOTE: not-for-us (Solaris)
-CAN-2004-1353
+CAN-2004-1353 (Unknown vulnerability in LDAP on Sun Solaris 8 and 9, when using Role ...)
NOTE: not-for-us (Solaris)
-CAN-2004-1352
+CAN-2004-1352 (Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may ...)
NOTE: not-for-us (Solaris)
-CAN-2004-1351
+CAN-2004-1351 (Unknown vulnerability in the rwho daemon (in.rwhod) for Solaris 7 ...)
NOTE: not-for-us (Solaris)
-CAN-2004-1350
+CAN-2004-1350 (Multiple buffer overflows in Sun Java System Web Proxy Server ...)
NOTE: not-for-us (Sun Java System Web Proxy Server )
-CAN-2004-1349
+CAN-2004-1349 (gzip before 1.3 in Solaris 8, when called with the -f or -force flags, ...)
NOTE: not-for-us (gzip on Solaris)
-CAN-2004-1348
+CAN-2004-1348 (Unknown vulnerability in in.named on Solaris 8 allows remote attackers ...)
NOTE: not-for-us (Solaris)
-CAN-2004-1347
+CAN-2004-1347 (X Display Manager (XDM) on Solaris 8 allows remote attackers to cause ...)
NOTE: not-for-us (xdm on Solaris)
-CAN-2004-1346
+CAN-2004-1346 (The Sun Solaris Volume Manager (SVM) on Solaris 9 allows local users ...)
NOTE: not-for-us (Solaris)
-CAN-2004-1345
+CAN-2004-1345 (Unknown vulnerability in Sun StorEdge Enterprise Storage Manager (ESM) ...)
NOTE: not-for-us (Sun StorEdge Enterprise Storage Manager)
CAN-2004-1344
NOTE: reserved
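Review bot: several "not-for-us" notes in this hunk cover software that is not exclusive to the named platform: CAN-2004-1349 ("gzip before 1.3 in Solaris 8 ..."), CAN-2004-1347 (XDM on Solaris 8) and CAN-2004-1357 (SSHD in Sun Solaris 9). Now that the descriptions are in the file, each of these notes should say why the issue is specific to the Solaris build, or the entry should be reopened as "TODO: check". A minor style point: the note for CAN-2004-1350 has a stray space before the closing parenthesis in "(Sun Java System Web Proxy Server )".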
@@ -225,8 +317,7 @@
NOTE: reserved
CAN-2005-0006
NOTE: reserved
-CAN-2005-0005
- NOTE: reserved
+CAN-2005-0005 (Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and ...)
- imagemagick (unfixed; bug #291118)
CAN-2005-0004
NOTE: reserved
@@ -402,6 +493,7 @@
CAN-2004-1265 (Buffer overflow in the readObjectChunk function in 3dsimp.cpp for the ...)
NOTE: not-for-us (Convex)
CAN-2004-1264 (Buffer overflow in the simplify_path function in config.c for ChBg 1.5 ...)
+ {DSA-644-1}
- chbg 1.5-4
CAN-2004-1263 (changepassword.cgi in ChangePassword 0.8, when installed setuid, ...)
NOTE: not-for-us (ChangePassword):w
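Review bot: the context line after the new {DSA-644-1} tag reads "NOTE: not-for-us (ChangePassword):w". The trailing ":w" looks like an editor command that was typed into the file. This change does not introduce it, but it should be removed in a follow-up so that scripts matching on the note text do not trip over it.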
@@ -1170,8 +1262,8 @@
NOTE: not-for-us (Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus)
CAN-2004-0932 (McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th ...)
NOTE: not-for-us (McAfee Anti-Virus Engine DATS drivers)
-CAN-2004-0931
- NOTE: reserved
+CAN-2004-0931 (MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial ...)
+ TODO: check
CAN-2004-0930 (The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other ...)
- samba 3.0.8-1
CAN-2004-0929 (Heap-based buffer overflow in the OJPEGVSetField function in ...)
@@ -1988,6 +2080,7 @@
NOTE: reserved
CAN-2004-0555
NOTE: reserved
+ {DSA-643-1}
CAN-2004-0554 (Linux kernel 2.4.2x and 2.6.x for x86 allows local users to cause a ...)
NOTE: this was a big deal and is fixed in all current kernels
CAN-2004-0553
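Review bot: the added {DSA-643-1} line sits after the "NOTE: reserved" of CAN-2004-0555 and before the CAN-2004-0554 header, so it attaches to CAN-2004-0555, an entry with no description and no package line. If that is the intended CAN, the entry should also get a "- package version" line and lose the reserved note. If the tag belongs to a different entry, it needs to move under that entry's header.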
@@ -5089,7 +5182,7 @@
CAN-2003-0015
{DSA-233}
- cvs 1.11.2-5.1
-CAN-2003-0014 (bmv 1.2 and earlier allows local users to overwrite arbitrary files ...)
+CAN-2003-0014 (gsinterf.c in bmv 1.2 and earlier allows local users to overwrite ...)
{DSA-633-1}
CAN-2003-0013
{DSA-230}
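Review bot: CAN-2003-0014 carries {DSA-633-1}, but in the lines shown no "- bmv version" line follows it, unlike CAN-2003-0015 just above, which pairs {DSA-233} with "- cvs 1.11.2-5.1". Adding the fixed bmv version would let the checks compare installed versions for this entry too. The description rewrite itself (adding gsinterf.c) needs no change.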