[Secure-testing-commits] r1403 - data/CAN
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Fri Jul 15 12:50:34 UTC 2005
Author: jmm-guest
Date: 2005-07-15 12:50:31 +0000 (Fri, 15 Jul 2005)
New Revision: 1403
Modified:
data/CAN/list
Log:
new snmp dos issue
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-07-15 12:38:28 UTC (rev 1402)
+++ data/CAN/list 2005-07-15 12:50:31 UTC (rev 1403)
@@ -151,35 +151,35 @@
NOTE: not-for-us (Comersus)
CAN-2005-2189 (Lantronix SecureLinx console server running firmware 2.0 and 3.0 ...)
NOTE: not-for-us (Lantronix SecureLinx)
-begin claimed by jmm
CAN-2005-2188 (McAfee IntruShield Security Management System obtains the user ID from ...)
- TODO: check
+ NOTE: not-for-us (McAfee IntruShield)
CAN-2005-2187 (McAfee IntruShield Security Management System allows remote ...)
- TODO: check
+ NOTE: not-for-us (McAfee IntruShield)
CAN-2005-2186 (Multiple cross-site scripting (XSS) vulnerabilities in McAfee ...)
- TODO: check
+ NOTE: not-for-us (McAfee IntruShield)
CAN-2005-2185 (eRoom does not set an expiration for Cookies, which allows remote ...)
- TODO: check
+ NOTE: not-for-us (eRoom)
CAN-2005-2184 (eRoom 6.x does not properly restrict files that can be attached, which ...)
- TODO: check
+ NOTE: not-for-us (eRoom)
CAN-2005-2183 (class.xmail.php in PhpXmail 0.7 through 1.1 does not properly handle ...)
- TODO: check
+ NOTE: not-for-us (PhpXmail)
CAN-2005-2182 (Grandstream BudgeTone (BT) 100 Voice over IP (VoIP) phones do not ...)
- TODO: check
+ NOTE: not-for-us (PhpXmail)
CAN-2005-2181 (Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the ...)
- TODO: check
+ NOTE: not-for-us (SIP phone hardware issue)
CAN-2005-2180 (gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when ...)
TODO: check
CAN-2005-2179 (PHP remote file inclusion vulnerability in BlogModel.php in Jaws 0.5.2 ...)
- TODO: check
+ NOTE: not-for-us (Jaws)
CAN-2005-2178 (probe.cgi allows remote attackers to execute arbitrary commands via ...)
- TODO: check
+ NOTE: How bizarre, they assign a CVE Id without knowing which product contains
+ NOTE: the affected probe.cgi
CAN-2005-2177 (Unknown vulnerability in Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before ...)
- TODO: check
+ - net-snmp (unfixed; bug filed; medium)
CAN-2005-2176 (Novell NetMail automatically processes HTML in an attachment without ...)
- TODO: check
+ NOTE: not-for-us (Novell NetMail)
CAN-2005-2175 (The web interface for Lotus Notes mail automatically processes HTML in ...)
- TODO: check
+ NOTE: not-for-us (Notes)
CAN-2005-2174 (Bugzilla 2.17.x, 2.18 before 2.18.2, 2.19.x, and 2.20 before 2.20rc1 ...)
- bugzilla 2.18.3-1 (low)
CAN-2005-2173 (The Flag::validate and Flag::modify functions in Bugzilla 2.17.1 to ...)
@@ -189,14 +189,13 @@
CAN-2005-2171
NOTE: reserved
CAN-2005-2170 (The LCF component (lcfd) in IBM Tivoli Management Framework Endpoint ...)
- TODO: check
+ NOTE: not-for-us (Tivoli)
CAN-2004-2212 (SQL injection vulnerability in forum.asp in AliveSites Forums 2.0 ...)
- TODO: check
+ NOTE: not-for-us (AliveSites)
CAN-2004-2211 (Cross-site scripting (XSS) vulnerability in AliveSites Forums 2.0 ...)
- TODO: check
+ NOTE: not-for-us (AliveSites)
CAN-2004-2210 (Multiple cross-site scripting (XSS) vulnerabilities in Express-Web ...)
- TODO: check
-end claimed by jmm
+ NOTE: not-for-us (Express-Web)
CAN-2004-2209 (SQL injection vulnerability in Ideal Science IdealBB 1.4.9 through ...)
TODO: check
CAN-2004-2208 (CRLF injection vulnerability in Ideal Science IdealBB 1.4.9 through ...)
More information about the Secure-testing-commits
mailing list