[Secure-testing-commits] r1447 - data/CAN
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Thu Jul 21 07:38:24 UTC 2005
Author: jmm-guest
Date: 2005-07-21 07:38:21 +0000 (Thu, 21 Jul 2005)
New Revision: 1447
Modified:
data/CAN/list
Log:
new fiaif issue
snmp dos fixed
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-07-21 07:13:42 UTC (rev 1446)
+++ data/CAN/list 2005-07-21 07:38:21 UTC (rev 1447)
@@ -1,3 +1,7 @@
+CAN-2005-XXXX [fiaif: Package provided cron job updates conf files with access definitions]
+ NOTE: This doesn't look like a real security issue as cron.daily should only be
+ NOTE: writable by root, but lets include it as the maintainer considers it an issue
+ - faif 1.19.2-14 (low)
CAN-2005-XXXX [Shorewall lets users which have been accepted by MAC based access control bypass the other access checks]
- shorewall 2.4.1-2 (medium)
CAN-2005-XXXX [pdns: Two DoS vulnerabilities in the LDAP backend]
@@ -578,7 +582,7 @@
NOTE: How bizarre, they assign a CVE Id without knowing which product contains
NOTE: the affected probe.cgi
CAN-2005-2177 (Unknown vulnerability in Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before ...)
- - net-snmp (unfixed; bug #318420; medium)
+ - net-snmp 5.2.1.2-1 (medium)
CAN-2005-2176 (Novell NetMail automatically processes HTML in an attachment without ...)
NOTE: not-for-us (Novell NetMail)
CAN-2005-2175 (The web interface for Lotus Notes mail automatically processes HTML in ...)
More information about the Secure-testing-commits
mailing list