[Secure-testing-commits] r1192 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Thu, 02 Jun 2005 21:14:26 +0000
Author: joeyh
Date: 2005-06-02 21:14:22 +0000 (Thu, 02 Jun 2005)
New Revision: 1192
Modified:
sarge-checks/CAN/list
Log:
automatic CAN database update
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-06-02 12:35:41 UTC (rev 1191)
+++ sarge-checks/CAN/list 2005-06-02 21:14:22 UTC (rev 1192)
@@ -1,70 +1,70 @@
CAN-2005-XXXX [Privilege escalation in Drupal]
- - drupal 4.5.3-1
+ - drupal 4.5.3-1
CAN-2005-1811 (Cross-site scripting (XSS) vulnerability in usercp.php for ...)
- NOTE: not-for-us (MyBB)
+ NOTE: not-for-us (MyBB)
CAN-2005-1810 (SQL injection vulnerability in template-functions-category.php in ...)
NOTE: Not in Sarge
- wordpress 1.5.1.2-1
CAN-2005-1809 (Sony Ericsson P900 Beamer allows remote attackers to cause a denial of ...)
- NOTE: not-for-us (Sony hardware issue)
+ NOTE: not-for-us (Sony hardware issue)
CAN-2005-1808 (Firefly Studios Stronghold 2 1.2 and earlier allows remote attackers ...)
- NOTE: not-for-us (Stronghold game)
+ NOTE: not-for-us (Stronghold game)
CAN-2005-1807 (The Data function in class.smtp.php in PHPMailer 1.7.2 and earlier ...)
- NOTE: not-for-us (PHPMailer)
+ NOTE: not-for-us (PHPMailer)
CAN-2005-1806 (Format string vulnerability in PeerCast 0.1211 and earlier allows ...)
- NOTE: not-for-us (PeerCast)
+ NOTE: not-for-us (PeerCast)
CAN-2005-1805 (SQL injection vulnerability in login.asp in an unknown product by ...)
- NOTE: not-for-us (Online Solutions for Educators)
+ NOTE: not-for-us (Online Solutions for Educators)
CAN-2005-1804 (Multiple SQL injection vulnerabilities in Net Portal Dynamic System ...)
- NOTE: not-for-us (Net Portal Dynamic System)
+ NOTE: not-for-us (Net Portal Dynamic System)
CAN-2005-1803 (Multiple cross-site scripting (XSS) vulnerabilities in Net Portal ...)
- NOTE: not-for-us (Net Portal Dynamic System)
+ NOTE: not-for-us (Net Portal Dynamic System)
CAN-2005-1802 (Nortel VPN Router (aka Contivity) allows remote attackers to cause a ...)
- NOTE: not-for-us (Nortel hardware)
+ NOTE: not-for-us (Nortel hardware)
CAN-2005-1801 (The vCard viewer in Nokia 9500 allows attackers to cause a denial of ...)
- NOTE: not-for-us (Nokia hardware)
+ NOTE: not-for-us (Nokia hardware)
CAN-2005-1800 (Cross-site scripting (XSS) vulnerability in Jaws Glossary gadget 0.4 ...)
- NOTE: not-for-us (Jaws glossary gadget)
+ NOTE: not-for-us (Jaws glossary gadget)
CAN-2005-1799 (Cross-site scripting (XSS) vulnerability in FreeStyle Wiki 3.5.7 and ...)
- NOTE: not-for-us (FreeStyle Wiki)
+ NOTE: not-for-us (FreeStyle Wiki)
CAN-2005-1798 (Directory traversal vulnerability in ServersCheck Monitoring Software ...)
- NOTE: not-for-us (ServersCheck)
+ NOTE: not-for-us (ServersCheck)
CAN-2005-1797 (The design of Advanced Encryption Standard (AES), aka Rijndael, allows ...)
- NOTE: Cryptographic attack on AES, cannot be fixed
+ NOTE: Cryptographic attack on AES, cannot be fixed
CAN-2005-1796 (Format string vulnerability in the curses_msg function in the Ncurses ...)
- - ettercap (unfixed; bug #311615)
+ - ettercap (unfixed; bug #311615)
CAN-2005-1795 (The filecopy function in misc.c in Clam AntiVirus (ClamAV) before ...)
- NOTE: not-for-us (ClamAV on Mac OS X)
+ NOTE: not-for-us (ClamAV on Mac OS X)
CAN-2005-1794 (Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2 ...)
- NOTE: not-for-us (Microsoft)
+ NOTE: not-for-us (Microsoft)
CAN-2005-1793 (User32.DLL in Microsoft Windows 98SE, and possibly other operating ...)
- NOTE: not-for-us (Microsoft)
+ NOTE: not-for-us (Microsoft)
CAN-2005-1792 (Memory leak in Windows Management Instrumentation (WMI) service allows ...)
- NOTE: not-for-us (Microsoft)
+ NOTE: not-for-us (Microsoft)
CAN-2005-1791 (Microsoft Internet Explorer 6 SP2 (6.0.2900.2180) crashes when the ...)
- NOTE: not-for-us (Microsoft)
+ NOTE: not-for-us (Microsoft)
CAN-2005-1790 (Microsoft Internet Explorer 6 SP2 6.0.2900.2180 and 6.0.2800.1106 ...)
- NOTE: not-for-us (Microsoft)
+ NOTE: not-for-us (Microsoft)
CAN-2005-1789 (SQL injection vulnerability in SignIn.asp in India Software Solution ...)
- NOTE: not-for-us (India Software Solution shopping cart)
+ NOTE: not-for-us (India Software Solution shopping cart)
CAN-2005-1788 (SQL injection vulnerability in resellerresources.asp in Hosting ...)
- NOTE: not-for-us (Hosting Controller)
+ NOTE: not-for-us (Hosting Controller)
CAN-2005-1787 (setup.php in phpStat 1.5 allows remote attackers to bypass ...)
- NOTE: not-for-us (phpStat)
+ NOTE: not-for-us (phpStat)
CAN-2005-1786 (SQL injection vulnerability in admin.asp in FunkyASP AD System 1.1 ...)
- NOTE: not-for-us (FunkyASP)
+ NOTE: not-for-us (FunkyASP)
CAN-2005-1785 (SQL injection vulnerability in ad/login.asp in ZonGG 1.2 allows remote ...)
- NOTE: not-for-us (ZonGG)
+ NOTE: not-for-us (ZonGG)
CAN-2005-1784 (Hosting Controller 6.1 HotFix 2.0 and earlier allows remote attackers ...)
- NOTE: not-for-us (Hosting Controller)
+ NOTE: not-for-us (Hosting Controller)
CAN-2005-1783 (BookReview beta 1.0 allows remote attackers to obtain the path of the ...)
- NOTE: not-for-us (BookReview)
+ NOTE: not-for-us (BookReview)
CAN-2005-1782 (Multiple cross-site scripting (XSS) vulnerabilities in BookReview beta ...)
- NOTE: not-for-us (BookReview)
+ NOTE: not-for-us (BookReview)
CAN-2005-1781 (Unknown vulnerability in SMTP authentication for MailEnable allows ...)
- NOTE: not-for-us (MailEnable)
+ NOTE: not-for-us (MailEnable)
CAN-2005-1780 (SQL injection vulnerability in admin/login.asp in Active News Manager ...)
- NOTE: not-for-us (Active News Manager)
+ NOTE: not-for-us (Active News Manager)
CAN-2005-1779 (SQL injection vulnerability in password.asp in MaxWebPortal 1.35, ...)
NOTE: not-for-us (MaxWebPortal)
CAN-2005-1778 (Cross-site scripting (XSS) vulnerability in readpmsg.php in PostNuke ...)
@@ -76,7 +76,7 @@
CAN-2005-1775 (Terminator 3: War of the Machines 1.16 and earlier allows remote ...)
NOTE: not-for-us (Terminator game)
CAN-2005-1774 (WEB-DAV Linux File System (davfs2) 0.2.3 does not properly enforce ...)
- - davfs2 (unfixed; bug #310757)
+ - davfs2 (unfixed; bug #310757)
CAN-2005-1773 (Multiple unknown vulnerabilities in L-Soft LISTSERV 14.3, 1.8e, and ...)
NOTE: not-for-us (Listserv)
CAN-2005-1772 (Buffer overflow in the client cd-key hash in Terminator 3: War of the ...)
@@ -128,7 +128,7 @@
CAN-2004-2131 (Stack-based buffer overflow in ontape for IBM Informix Dynamic Server ...)
NOTE: not-for-us (Informix Dynamic Server)
CAN-2004-2130 (Multiple cross-site scripting (XSS) vulnerabilities in privmsg.php in ...)
- - phpbb2 2.0.6d-2
+ - phpbb2 2.0.6d-2
CAN-2004-2129 (SurfNOW 2.2 allows remote attackers to cause a denial of service ...)
NOTE: not-for-us (SurfNOW)
CAN-2004-2128 (Cross-site scripting (XSS) vulnerability in BRS WebWeaver 1.07 allows ...)
@@ -140,7 +140,7 @@
CAN-2004-2125 (Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and ...)
NOTE: not-for-us (BlackICE)
CAN-2004-2124 (The register_globals simulation capability in Gallery 1.3.1 through ...)
- - gallery 1.4.4-pl1-1
+ - gallery 1.4.4-pl1-1
CAN-2004-2123 (Multiple cross-site scripting (XSS) vulnerabilities in Nextplace.com ...)
NOTE: not-for-us (Nextplace)
CAN-2004-2122 (Cross-site scripting (XSS) vulnerability in intraforum_db.cgi in Intra ...)
@@ -199,13 +199,13 @@
CAN-2004-2096 (Cross-site scripting (XSS) vulnerability in Mephistoles httpd 0.6.0 ...)
NOTE: not-for-us (Mephistoles)
CAN-2004-2095 (Honeyd before 0.8 replies to TCP packets with the SYN and RST flags ...)
- - honeyd 0.8-1
+ - honeyd 0.8-1
CAN-2004-2094 (Cross-site scripting (XSS) vulnerability in WebcamXP 1.06.945 allows ...)
NOTE: not-for-us (WebcamXP)
CAN-2003-1216 (SQL injection vulnerability in search.php for phpBB 2.0.6 and earlier ...)
- - phpbb2 2.0.8a-1
+ - phpbb2 2.0.8a-1
CAN-2003-1215 (SQL injection vulnerability in groupcp.php for phpBB 2.0.6 and earlier ...)
- - phpbb2 2.0.8a-1
+ - phpbb2 2.0.8a-1
CAN-2002-1665 (Buffer overflow in Yahoo! Messenger before February 2002 allows remote ...)
NOTE: not-for-us (Yahoo Messenger)
CAN-2002-1664 (Yahoo! Messenger before February 2002 allows remote attackers to add ...)