[Secure-testing-commits] r325 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Fri, 28 Jan 2005 21:14:19 +0100
Author: joeyh
Date: 2005-01-28 21:14:15 +0100 (Fri, 28 Jan 2005)
New Revision: 325
Modified:
sarge-checks/CAN/list
Log:
automatic CAN database update
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-01-27 20:14:16 UTC (rev 324)
+++ sarge-checks/CAN/list 2005-01-28 20:14:15 UTC (rev 325)
@@ -1,4 +1,95 @@
+CAN-2005-0175
+ NOTE: reserved
+CAN-2005-0174
+ NOTE: reserved
+CAN-2005-0173
+ NOTE: reserved
+CAN-2005-0172
+ NOTE: reserved
+CAN-2005-0171
+ NOTE: reserved
+CAN-2005-0170
+ NOTE: reserved
+CAN-2005-0169
+ NOTE: reserved
+CAN-2005-0168
+ NOTE: reserved
+CAN-2005-0167
+ NOTE: reserved
+CAN-2005-0166
+ NOTE: reserved
+CAN-2005-0165
+ NOTE: reserved
+CAN-2005-0164
+ NOTE: reserved
+CAN-2005-0163
+ NOTE: reserved
+CAN-2005-0162
+ TODO: check
+CAN-2005-0161
+ NOTE: reserved
+CAN-2005-0160
+ NOTE: reserved
+CAN-2005-0159
+ NOTE: reserved
+CAN-2005-0158
+ NOTE: reserved
+CAN-2005-0157
+ NOTE: reserved
+CAN-2005-0156
+ NOTE: reserved
+CAN-2005-0155
+ NOTE: reserved
+CAN-2005-0154
+ NOTE: reserved
+CAN-2005-0153
+ NOTE: reserved
+CAN-2005-0152
+ NOTE: reserved
+CAN-2005-0151
+ NOTE: reserved
+CAN-2005-0150
+ TODO: check
+CAN-2005-0149
+ TODO: check
+CAN-2005-0148
+ TODO: check
+CAN-2005-0147
+ TODO: check
+CAN-2005-0146
+ TODO: check
+CAN-2005-0145
+ TODO: check
+CAN-2005-0144
+ TODO: check
+CAN-2005-0143
+ TODO: check
+CAN-2005-0142
+ TODO: check
+CAN-2005-0141
+ TODO: check
+CAN-2005-0140
+ TODO: check
+CAN-2005-0139
+ NOTE: reserved
+CAN-2005-0138
+ NOTE: reserved
+CAN-2005-0137
+ NOTE: reserved
+CAN-2005-0136
+ NOTE: reserved
+CAN-2005-0135
+ NOTE: reserved
+CAN-2005-0134
+ NOTE: reserved
+CAN-2004-1381
+ TODO: check
+CAN-2004-1380
+ TODO: check
+CAN-1999-1572
+ TODO: check
CAN-2005-0133
+ NOTE: reserved
- clamav 0.80-0.81rc1-1
CAN-2005-0132
NOTE: reserved
@@ -10,12 +101,12 @@
- konversation 0.15-3
CAN-2005-0128
NOTE: reserved
-CAN-2005-0127
- NOTE: reserved
-CAN-2005-0126
- NOTE: reserved
-CAN-2005-0125
- NOTE: reserved
+CAN-2005-0127 (Mail in Mac OS X 10.3.7, when generating a Message-ID header, ...)
+ TODO: check
+CAN-2005-0126 (ColorSync on Mac OS X 10.3.7 and 10.3.8 allows attackers to execute ...)
+ TODO: check
+CAN-2005-0125 (The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop ...)
+ TODO: check
CAN-2005-0124 (The coda_pioctl function in the coda functionality (pioctl.c) for ...)
- kernel-source-2.4.27 2.4.27-8
NOTE: 2.6.8 apparently ok
@@ -35,8 +126,8 @@
- xshisen 1.51-1-1.1
CAN-2005-0116 (AWStats 6.1, and other versions before 6.3, allows remote attackers to ...)
- awstats 6.2-1.1
-CAN-2005-0115
- NOTE: reserved
+CAN-2005-0115 (Stack-based buffer overflow in DataRescue Interactive Disassembler ...)
+ TODO: check
CAN-2005-0114
NOTE: reserved
CAN-2005-0113 (inpview in SGI IRIX allows local users to execute arbitrary commands ...)
@@ -49,7 +140,7 @@
NOTE: not-for-us (MSIE)
CAN-2005-0109
NOTE: reserved
-CAN-2005-0108 (Apache mod_auth_radius 1.5.4 allows remote malicious RADIUS servers to ...)
+CAN-2005-0108 (Apache mod_auth_radius 1.5.4 and libpam-radius-auth allow remote ...)
{DSA-659-1}
- libapache-mod-auth-radius 1.5.7-6
- libpam-radius-auth 1.3.16-3
@@ -64,8 +155,7 @@
CAN-2005-0103
NOTE: reserved
- squirrelmail 2:1.4.4-1
-CAN-2005-0102
- NOTE: reserved
+CAN-2005-0102 (Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier ...)
- evolution 2.0.3-1.2
CAN-2005-0101
NOTE: reserved
@@ -99,12 +189,11 @@
NOTE: reserved
CAN-2005-0087
NOTE: reserved
-CAN-2005-0086
- NOTE: reserved
+CAN-2005-0086 (Heap-based buffer overflow in less in Red Hat Enterprise Linux 3 ...)
+ TODO: check
CAN-2005-0085
NOTE: reserved
-CAN-2005-0084
- NOTE: reserved
+CAN-2005-0084 (Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 ...)
{DSA-653-1}
- ethereal 0.10.9-1
CAN-2005-0083
@@ -127,14 +216,11 @@
- xshisen 1.51-1-1
CAN-2005-0080 (The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 ...)
- mailman 2.1.5-5
-CAN-2005-0079
- NOTE: reserved
+CAN-2005-0079 (Buffer overflow in xtrlock 2.0 allows local users to cause a denial of ...)
{DSA-649-1}
-CAN-2005-0078
- NOTE: reserved
+CAN-2005-0078 (The KDE screen saver in KDE before 3.0.5 does not properly check the ...)
{DSA-660-1}
-CAN-2005-0077
- NOTE: reserved
+CAN-2005-0077 (The DBI library (libdbi-perl) for Perl allows local users to overwrite ...)
{DSA-658-1}
CAN-2005-0076
NOTE: reserved
@@ -145,16 +231,13 @@
NOTE: reserved
CAN-2005-0073
NOTE: reserved
-CAN-2005-0072
- NOTE: reserved
+CAN-2005-0072 (zhcon before 0.2 does not drop privileges before reading a user ...)
{DSA-655-1}
-CAN-2005-0071
- NOTE: reserved
+CAN-2005-0071 (vdr before 1.2.6 does not securely create files, which allows ...)
{DSA-656-1}
CAN-2005-0070
NOTE: reserved
-CAN-2005-0069
- NOTE: reserved
+CAN-2005-0069 (The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local ...)
- vim 1:6.3-058+1
CAN-2005-0068 (The original design of ICMP does not require authentication for ...)
NOTE: general icmp design error
@@ -230,10 +313,10 @@
NOTE: reserved
CAN-2005-0035
NOTE: reserved
-CAN-2005-0034
- NOTE: reserved
-CAN-2005-0033
- NOTE: reserved
+CAN-2005-0034 (An "incorrect assumption" in the authvalidated validator function in ...)
+ TODO: check
+CAN-2005-0033 (Buffer overflow in the code for recursion and glue fetching in BIND ...)
+ TODO: check
CAN-2004-1376 (Directory traversal vulnerability in Microsoft Internet Explorer 5.01, ...)
NOTE: not-for-us (MSIE)
CAN-2004-1375 (Unknown vulnerability in System Administration Manager (SAM) in HP-UX ...)
@@ -306,8 +389,7 @@
NOTE: reserved
CAN-2004-1341
NOTE: reserved
-CAN-2004-1340
- NOTE: reserved
+CAN-2004-1340 (Debian GNU/Linux installs the libpam-radius-auth package with the ...)
{DSA-659-1}
- libpam-radius-auth 1.3.16-1.1
CAN-2005-0032
@@ -346,8 +428,7 @@
{DSA-661-1}
CAN-2005-0016 (Buffer overflow in the exported_display function in xatitv in gatos ...)
{DSA-640-1}
-CAN-2005-0015
- NOTE: reserved
+CAN-2005-0015 (diatheke.pl in Sword 1.5.7a allows remote attackers to execute ...)
{DSA-650-1}
CAN-2005-0014
NOTE: reserved
@@ -357,20 +438,15 @@
- dillo 0.8.3-1
CAN-2005-0011
NOTE: reserved
-CAN-2005-0010
- NOTE: reserved
+CAN-2005-0010 (Unknown vulnerability in the MMSE dissector in Ethereal 0.10.4 through ...)
- ethereal 0.10.9-1
-CAN-2005-0009
- NOTE: reserved
+CAN-2005-0009 (Unknown vulnerability in the Gnutella dissector in Ethereal 0.10.6 ...)
- ethereal 0.10.9-1
-CAN-2005-0008
- NOTE: reserved
+CAN-2005-0008 (Unknown vulnerability in the DNP dissector in Ethereal 0.10.5 through ...)
- ethereal 0.10.9-1
-CAN-2005-0007
- NOTE: reserved
+CAN-2005-0007 (Unknown vulnerability in the DLSw dissector in Ethereal 0.10.6 through ...)
- ethereal 0.10.9-1
-CAN-2005-0006
- NOTE: reserved
+CAN-2005-0006 (The COPS dissector in Ethereal 0.10.6 through 0.10.8 allows remote ...)
- ethereal 0.10.9-1
CAN-2005-0005 (Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and ...)
{DSA-646-1}
@@ -719,14 +795,11 @@
- xine-lib 1-rc8-1
CAN-2004-1187 (Heap-based buffer overflow in the pnm_get_chunk function for xine ...)
- xine-lib 1-rc8-1
-CAN-2004-1186
- NOTE: reserved
+CAN-2004-1186 (Multiple buffer overflows in enscript 1.6.3 allow remote attackers or ...)
{DSA-654-1}
-CAN-2004-1185
- NOTE: reserved
+CAN-2004-1185 (Enscript 1.6.3 does not sanitize filenames, which allows remote ...)
{DSA-654-1}
-CAN-2004-1184
- NOTE: reserved
+CAN-2004-1184 (The EPSF pipe support in enscript 1.6.3 allows remote attackers or ...)
{DSA-654-1}
CAN-2004-1183 (Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier ...)
{DSA-626-1}
@@ -803,8 +876,8 @@
CAN-2004-1151 (Multiple buffer overflows in the (1) sys32_ni_syscall and (2) ...)
NOTE: fixed in kernel team svn (?)
TODO: track fix
-CAN-2004-1150
- NOTE: reserved
+CAN-2004-1150 (Stack-based buffer overflow in the in_cdda.dll plugin for Winamp 5.0 ...)
+ TODO: check
CAN-2004-1149 (Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4, including ...)
NOTE: not-for-us (Computer Associates eTrust EZ Antivirus)
CAN-2004-1148 (phpMyAdmin before 2.6.1, when configured with UploadDir functionality, ...)
@@ -861,8 +934,8 @@
- tetex-bin 2.0.2-25
- gpdf 2.8.2-1
- koffice 1:1.3.5-1
-CAN-2004-1124
- NOTE: reserved
+CAN-2004-1124 (Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 ...)
+ TODO: check
CAN-2004-1123 (Darwin Streaming Server 5.0.1, and possibly earlier versions, allows ...)
NOTE: not-for-us (Darwin Streaming Server)
CAN-2004-1122 (Safari 1.x to 1.2.4, and possibly other versions, allows inactive ...)
@@ -992,11 +1065,9 @@
NOTE: not-for-us (FreeBSD)
CAN-2004-1065 (Buffer overflow in the exif_read_data function in PHP before 4.3.10 ...)
- php4 4:4.3.10-1
-CAN-2004-1064
- NOTE: rejected
+CAN-2004-1064 (The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate ...)
- php4 4:4.3.10-1
-CAN-2004-1063
- NOTE: rejected
+CAN-2004-1063 (PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a ...)
- php4 4:4.3.10-1
CAN-2004-1062 (Multiple cross-site scripting (XSS) vulnerabilities in ViewCVS 0.9.2 ...)
- viewcvs 0.9.2+cvs.1.0.dev.2004.07.28-1.3
@@ -1008,8 +1079,8 @@
- mnogosearch 3.2.18-2.2
CAN-2004-1058 (Race condition in Linux kernel 2.6 allows local users to read the ...)
TODO: check with kernel team
-CAN-2004-1057
- NOTE: reserved
+CAN-2004-1057 (Multiple drivers in Linux kernel 2.4.19 and earlier do not properly ...)
+ TODO: check
CAN-2004-1056 (Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not ...)
- kernel-source-2.4.27 2.4.27-8
- kernel-image-2.4.27-i386 2.4.27-8
@@ -1074,7 +1145,7 @@
NOTE: not-for-us (Sun JRE)
CAN-2004-1028 (Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, ...)
NOTE: not-for-us (AIX)
-CAN-2004-1027 (Directory traversal vulnerability in the -x command line option in ...)
+CAN-2004-1027 (Directory traversal vulnerability in the -x (extract) command line ...)
{DSA-652-1}
NOTE: sarge's unarj is from a different code base, probably not vulnerable
CAN-2004-1026 (Multiple integer overflows in the image handler for imlib 1.9.14 and ...)
@@ -1093,13 +1164,11 @@
NOTE: not-for-us (Kerio)
CAN-2004-1021 (iCal before 1.5.4 on Mac OS X 10.2.3, and other later versions, does ...)
NOTE: not-for-us (MacOS)
-CAN-2004-1020
- NOTE: rejected
+CAN-2004-1020 (The addslashes function in PHP 4.3.6 through 4.3.9 and 5.0.0 through ...)
- php4 4:4.3.10-1
CAN-2004-1019 (The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 ...)
- php4 4:4.3.10-1
-CAN-2004-1018
- NOTE: rejected
+CAN-2004-1018 (Multiple integer handling errors in PHP before 4.3.10 allow attackers ...)
- php4 4:4.3.10-1
CAN-2004-1017 (Multiple "overflows" in the io_edgeport driver for Linux kernel 2.4.x ...)
TODO: check with kernel team
@@ -1204,7 +1273,7 @@
- ez-ipupdate 3.0.11b8-8
CAN-2004-0979 (Internet Explorer on Windows XP does not properly modify the "Drag and ...)
NOTE: not-for-us (windows)
-CAN-2004-0978 (Unknown vulnerability in the Hrtbeat.ocx ActiveX control for Internet ...)
+CAN-2004-0978 (Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX ...)
NOTE: not-for-us (windows)
CAN-2004-0977 (The make_oidjoins_check script in the postgresql package allows local ...)
{DSA-577-1}
@@ -1232,7 +1301,7 @@
NOTE: sarge is not vulnerable as our version uses set -C
CAN-2004-0969 (The groffer script in the Groff package 1.18 and later versions, as ...)
- groff 1.18.1.1-2
-CAN-2004-0968 (The catchsegv script in the glibc package in Trustix Secure Linux 1.5 ...)
+CAN-2004-0968 (The catchsegv script in glibc 2.3.2 and earlier allows local users to ...)
{DSA-636-1}
- libc6 2.3.2.ds1-19
CAN-2004-0967 (The (1) pj-gs.sh, (2) ps2epsi , (3) pv.sh, and (4) sysvlp.sh scripts ...)
@@ -2136,8 +2205,7 @@
{DSA-565-1}
CAN-2004-0556
NOTE: reserved
-CAN-2004-0555
- NOTE: reserved
+CAN-2004-0555 (Buffer overflow in (1) queue.c and (2) queued.c in queue before 1.30.1 ...)
{DSA-643-1}
CAN-2004-0554 (Linux kernel 2.4.2x and 2.6.x for x86 allows local users to cause a ...)
NOTE: this was a big deal and is fixed in all current kernels
@@ -2317,8 +2385,8 @@
NOTE: not-for-us (Check Point VPN)
CAN-2004-0468 (Memory leak in Juniper JUNOS Packet Forwarding Engine (PFE) allows ...)
NOTE: not-for-us (Juniper JUNOS)
-CAN-2004-0467
- NOTE: reserved
+CAN-2004-0467 (Unknown vulnerability in Juniper JUNOS 5.x through JUNOS 7.x allows ...)
+ TODO: check
CAN-2004-0466
NOTE: reserved
CAN-2004-0465
@@ -2812,7 +2880,7 @@
NOTE: not-for-us (isakmpd in OpenBSD)
CAN-2004-0217 (The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan ...)
NOTE: not-for-us (Symantec AntiVirus Scan Engine for Red Hat)
-CAN-2004-0216 (Buffer overflow in the Install Engine (inseng.dll) for Internet ...)
+CAN-2004-0216 (Integer overflow in the Install Engine (inseng.dll) for Internet ...)
NOTE: not-for-us (MSIE bug)
CAN-2004-0215 (Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of ...)
NOTE: not-for-us (MS-Outlook-Express)