[Secure-testing-commits] r1448 - data/CAN
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Thu Jul 21 07:53:30 UTC 2005
Author: jmm-guest
Date: 2005-07-21 07:53:26 +0000 (Thu, 21 Jul 2005)
New Revision: 1448
Modified:
data/CAN/list
Log:
two new issues: freebsd and gopher
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-07-21 07:38:21 UTC (rev 1447)
+++ data/CAN/list 2005-07-21 07:53:26 UTC (rev 1448)
@@ -1,3 +1,5 @@
+CAN-2005-XXXX [Insecure temp usage in gopher]
+ - gopher 3.0.8 (low)
CAN-2005-XXXX [fiaif: Package provided cron job updates conf files with access definitions]
NOTE: This doesn't look like a real security issue as cron.daily should only be
NOTE: writable by root, but lets include it as the maintainer considers it an issue
@@ -498,8 +500,9 @@
NOTE: not-for-us (Dragonfly)
CAN-2005-2219 (Hosting Controller 6.1 Hotfix 2.1 allows remote authenticated users to ...)
NOTE: not-for-us (Hosting Controller)
-CAN-2005-2218
+CAN-2005-2218 [freebsd: Weak permissions permit exposal of devfs nodes in jails]
NOTE: reserved
+ - kfreebsd5-source 5.3-17 (medium)
CAN-2005-2217 (Dansie Shopping Cart stores the vars.dat file under the web root with ...)
NOTE: not-for-us (Dansie Shopping Cart
CAN-2005-2216 (PHP remote file inclusion vulnerability in gals.php in PhotoGal Photo ...)
More information about the Secure-testing-commits
mailing list