[Secure-testing-commits] r1348 - data/CAN

Joey Hess joeyh@costa.debian.org
Thu, 07 Jul 2005 09:14:18 +0000


Author: joeyh
Date: 2005-07-07 09:14:15 +0000 (Thu, 07 Jul 2005)
New Revision: 1348

Modified:
   data/CAN/list
Log:
automatic CAN database update

Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-07-07 09:01:55 UTC (rev 1347)
+++ data/CAN/list	2005-07-07 09:14:15 UTC (rev 1348)
@@ -1,3 +1,49 @@
+CAN-2005-2169 (Directory traversal vulnerability in source.php in Quick & Dirty ...)
+	TODO: check
+CAN-2005-2168 (delete.php in Plague News System 0.6 and earlier allows remote ...)
+	TODO: check
+CAN-2005-2167 (Cross-site scripting (XSS) vulnerability in index.php in Plague News ...)
+	TODO: check
+CAN-2005-2166 (SQL injection vulnerability in index.php in Plague News System 0.6 and ...)
+	TODO: check
+CAN-2005-2165 (read.cgi in GlobalNoteScript allows remote attackers to execute ...)
+	TODO: check
+CAN-2005-2164 (SQL injection vulnerability in Covide Groupware-CRM allows remote ...)
+	TODO: check
+CAN-2005-2163 (Cross-site scripting (XSS) vulnerability in index.php in AutoIndex PHP ...)
+	TODO: check
+CAN-2005-2162 (PHP remote file inclusion vulnerability in form.inc.php3 in ...)
+	TODO: check
+CAN-2005-2161 (Cross-site scripting (XSS) vulnerability in phpBB 2.0.16 allows remote ...)
+	TODO: check
+CAN-2005-2160 (IMail stores usernames and passwords in cleartext in a cookie, which ...)
+	TODO: check
+CAN-2005-2159 (mshftp.dll in PlanetDNS PlanetFileServer 2.0.1.3 allows remote ...)
+	TODO: check
+CAN-2005-2158 (A regression error in the embedded HSQLDB in JBoss jBPM 2.0 allows ...)
+	TODO: check
+CAN-2005-2157 (PHP remote file inclusion vulnerability in survey.inc.php for nabopoll ...)
+	TODO: check
+CAN-2005-2156 (SQL injection vulnerability in news.php in PHPNews 1.2.5 allows remote ...)
+	TODO: check
+CAN-2005-2155 (PHP remote file inclusion vulnerability in EasyPHPCalendar 6.1.5 and ...)
+	TODO: check
+CAN-2005-2154 (PHP local file inclusion vulnerability in (1) view.php and (2) ...)
+	TODO: check
+CAN-2005-2153 (SQL injection vulnerability in class.ticket.php in osTicket 1.3.1 beta ...)
+	TODO: check
+CAN-2005-2152 (SQL injection vulnerability in Geeklog before 1.3.11 allows remote ...)
+	TODO: check
+CAN-2005-2151 (spf.c in Courier Mail Server does not properly handle DNS failures ...)
+	TODO: check
+CAN-2005-2150
+	NOTE: reserved
+CAN-2005-2149 (config.php in Cacti 0.8.6e and earlier allows remote attackers to set ...)
+	TODO: check
+CAN-2005-2148 (Cacti 0.8.6e and earlier does not perform proper input validation to ...)
+	TODO: check
+CAN-2005-2147 (Trac before 0.8.4 allows remote attackers to read or upload arbitrary ...)
+	TODO: check
 CAN-2005-2146 (SSH Tectia Server 4.3.1 and earlier, and SSH Secure Shell for Windows ...)
 	TODO: check
 CAN-2005-2145 (The kernel driver in Prevx Pro 2005 1.0 does not verify the source of ...)
@@ -18,7 +64,7 @@
 	TODO: check
 CAN-2005-2137 (Unknown vulnerability in NateOn Messenger 3.0 allows remote attackers ...)
 	TODO: check
-CAN-2005-2136 (DSX Raritan Console Servers DSX16, DSX32, DSX4, DSX8, and DSXA-48 set ...)
+CAN-2005-2136 (Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, ...)
 	TODO: check
 CAN-2005-2135 (SQL injection vulnerability in verify.asp in EtoShop Dynamic Biz ...)
 	TODO: check
@@ -114,8 +160,7 @@
 	NOTE: reserved
 CAN-2005-2097
 	NOTE: reserved
-CAN-2005-2096
-	NOTE: reserved
+CAN-2005-2096 (Buffer overflow in zlib 1.2 and later versions allows remote attackers ...)
 	{DSA-740-1}
 CAN-2005-2095
 	NOTE: reserved
@@ -1252,8 +1297,8 @@
 	NOTE: reserved
 CAN-2005-1917 (kpopper 1.0 and earlier allows local users to create and overwrite ...)
 	TODO: check
-CAN-2005-1916
-	NOTE: reserved
+CAN-2005-1916 (linki.py in ekg 2005-06-05 and earlier allows local users to overwrite ...)
+	TODO: check
 CAN-2005-1915
 	NOTE: reserved
 CAN-2005-1914