[Secure-testing-commits] r1404 - data/CAN
Joey Hess
joeyh at costa.debian.org
Fri Jul 15 18:23:58 UTC 2005
Author: joeyh
Date: 2005-07-15 18:23:55 +0000 (Fri, 15 Jul 2005)
New Revision: 1404
Modified:
data/CAN/list
Log:
hole in gnats and claim rest of recent cans
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-07-15 12:50:31 UTC (rev 1403)
+++ data/CAN/list 2005-07-15 18:23:55 UTC (rev 1404)
@@ -168,7 +168,7 @@
CAN-2005-2181 (Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the ...)
NOTE: not-for-us (SIP phone hardware issue)
CAN-2005-2180 (gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when ...)
- TODO: check
+ - gnats (unfixed; bug filed; high)
CAN-2005-2179 (PHP remote file inclusion vulnerability in BlogModel.php in Jaws 0.5.2 ...)
NOTE: not-for-us (Jaws)
CAN-2005-2178 (probe.cgi allows remote attackers to execute arbitrary commands via ...)
@@ -196,6 +196,7 @@
NOTE: not-for-us (AliveSites)
CAN-2004-2210 (Multiple cross-site scripting (XSS) vulnerabilities in Express-Web ...)
NOTE: not-for-us (Express-Web)
+begin claimed by joeyh
CAN-2004-2209 (SQL injection vulnerability in Ideal Science IdealBB 1.4.9 through ...)
TODO: check
CAN-2004-2208 (CRLF injection vulnerability in Ideal Science IdealBB 1.4.9 through ...)
@@ -306,6 +307,7 @@
TODO: check
CAN-2004-2155 (Online-bookmarks before 0.4.6 allows remote attackers to bypass its ...)
TODO: check
+end claimed by joeyh
CAN-2005-XXXX [base-config log should not be world readable]
- base-config 2.68 (low)
CAN-2005-2169 (Directory traversal vulnerability in source.php in Quick & Dirty ...)
More information about the Secure-testing-commits
mailing list