[Secure-testing-commits] r1447 - data/CAN

Moritz Muehlenhoff jmm-guest at costa.debian.org
Thu Jul 21 07:38:24 UTC 2005


Author: jmm-guest
Date: 2005-07-21 07:38:21 +0000 (Thu, 21 Jul 2005)
New Revision: 1447

Modified:
   data/CAN/list
Log:
new fiaif issue
snmp dos fixed


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-07-21 07:13:42 UTC (rev 1446)
+++ data/CAN/list	2005-07-21 07:38:21 UTC (rev 1447)
@@ -1,3 +1,7 @@
+CAN-2005-XXXX [fiaif: Package provided cron job updates conf files with access definitions]
+	NOTE: This doesn't look like a real security issue as cron.daily should only be
+	NOTE: writable by root, but lets include it as the maintainer considers it an issue
+	- faif 1.19.2-14 (low)
 CAN-2005-XXXX [Shorewall lets users which have been accepted by MAC based access control bypass the other access checks]
 	- shorewall 2.4.1-2 (medium)
 CAN-2005-XXXX [pdns: Two DoS vulnerabilities in the LDAP backend]
@@ -578,7 +582,7 @@
 	NOTE: How bizarre, they assign a CVE Id without knowing which product contains
 	NOTE: the affected probe.cgi
 CAN-2005-2177 (Unknown vulnerability in Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before ...)
-	- net-snmp (unfixed; bug #318420; medium)
+	- net-snmp 5.2.1.2-1 (medium)
 CAN-2005-2176 (Novell NetMail automatically processes HTML in an attachment without ...)
 	NOTE: not-for-us (Novell NetMail)
 CAN-2005-2175 (The web interface for Lotus Notes mail automatically processes HTML in ...)




More information about the Secure-testing-commits mailing list