[Secure-testing-commits] r1322 - data/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Sat, 02 Jul 2005 22:10:38 +0000
Author: jmm-guest
Date: 2005-07-02 22:10:35 +0000 (Sat, 02 Jul 2005)
New Revision: 1322
Modified:
data/CAN/list
Log:
multiple new cacti vulns
claim a block
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-07-02 19:13:13 UTC (rev 1321)
+++ data/CAN/list 2005-07-02 22:10:35 UTC (rev 1322)
@@ -1,3 +1,6 @@
+CAN-2005-XXXX [cacti: Multiple further SQL injection, auth bypass and remote command execution issues]
+ - cacti 0.8.6f-1 (high)
+begin claimed by jmm
CAN-2005-2116 (Unknown vulnerability in the third-party XML-RPC library in Drupal ...)
TODO: check
CAN-2005-2115 (Soldier of Fortune II 1.02x and 1.03 allows remote attackers to cause ...)
@@ -110,6 +113,7 @@
TODO: check
CAN-2004-2138 (Cross-site scripting (XSS) vulnerability in AWSguest.php in ...)
TODO: check
+end claimed by jmm
CAN-2005-XXXX [proftpd: format string vulnerability in mod_sql's SQLShowInfo]
- proftpd 1.2.10-20 (medium)
CAN-2005-XXXX [XSS, SQL injection and other issues in Wordpress]