[Secure-testing-commits] r1197 - sarge-checks/CAN

Moritz Muehlenhoff jmm-guest@costa.debian.org
Fri, 03 Jun 2005 22:11:03 +0000 

Author: jmm-guest
Date: 2005-06-03 22:11:00 +0000 (Fri, 03 Jun 2005)
New Revision: 1197

Modified:
   sarge-checks/CAN/list
Log:
several not-for-us, mailutils already fixed


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-06-03 22:01:05 UTC (rev 1196)
+++ sarge-checks/CAN/list	2005-06-03 22:11:00 UTC (rev 1197)
@@ -1,61 +1,61 @@
 CAN-2005-1840 (Directory traversal vulnerability in class.layout_phpcms.php in phpCMS ...)
-	TODO: check
+	NOTE: not-for-us (phpCMS)
 CAN-2005-1839 (Multiple SQL injection vulnerabilities in Liberum Help Desk 0.97.3 ...)
-	TODO: check
+	NOTE: not-for-us (Liberum)
 CAN-2005-1838 (Multiple cross-site scripting vulnerabilities in castnewPost.asp in ...)
-	TODO: check
+	NOTE: not-for-us (Liberum)
 CAN-2005-1837 (Fortinet firewall running FortiOS 2.x contains a hardcoded uername ...)
-	TODO: check
+	NOTE: not-for-us (Fortinet firewall)
 CAN-2005-1836 (NEXTWEB (i)Site allows remote attackers to cause a denial of service ...)
-	TODO: check
+	NOTE: not-for-us (NEXTWEB)
 CAN-2005-1835 (NEXTWEB (i)Site stores databases under the web document root with ...)
-	TODO: check
+	NOTE: not-for-us (NEXTWEB)
 CAN-2005-1834 (SQL injection vulnerability in login.asp in NEXTWEB (i)Site allows ...)
-	TODO: check
+	NOTE: not-for-us (NEXTWEB)
 CAN-2005-1833 (Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 ...)
-	TODO: check
+	NOTE: not-for-us (MyBB)
 CAN-2005-1832 (Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard ...)
-	TODO: check
+	NOTE: not-for-us (MyBB)
 CAN-2005-1831 (Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux ...)
 	TODO: check
 CAN-2005-1830 (The DbgMsg.sys driver in Compuware SoftICE DriverStudio 3.1 and 3.2 ...)
-	TODO: check
+	NOTE: not-for-us (SoftICE)
 CAN-2005-1829 (Microsoft Internet Explorer 6 SP2 allows remote attackers to cause a ...)
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2005-1828 (D-Link DSL-504T stores usernames and passwords in cleartext in the ...)
-	TODO: check
+	NOTE: not-for-us (D-Link hardware issue)
 CAN-2005-1827 (D-Link DSL-504T allows remote attackers to bypass authentication and ...)
-	TODO: check
+	NOTE: not-for-us (D-Link hardware issue)
 CAN-2005-1826 (Buffer overflow in HP Radia Notify Daemon 3.1.0.0 (formerly by ...)
-	TODO: check
+	NOTE: not-for-us (HP Radia)
 CAN-2005-1825 (Multiple stack-based buffer overflows in the nvd_exec function in HP ...)
-	TODO: check
+	NOTE: not-for-us (HP Radia)
 CAN-2005-1824 (The sql_escape_string function in auth/sql.c for the mailutils SQL ...)
-	TODO: check
+	- mailutils 1:0.6.1-2
 CAN-2005-1823 (Multiple cross-site scripting (XSS) vulnerabilities in Qualiteam ...)
-	TODO: check
+	NOTE: not-for-us (Qualiteam X-Cart)
 CAN-2005-1822 (Multiple SQL injection vulnerabilities in Qualiteam X-Cart 4.0.8 allow ...)
-	TODO: check
+	NOTE: not-for-us (Qualiteam X-Cart)
 CAN-2005-1821 (PHP remote code injection vulnerability in pdl_header.inc.php in ...)
-	TODO: check
+	NOTE: not-for-us (PowerDownload)
 CAN-2005-1820 (zboard.php in Zeroboard version 4.1pl2 to 4.1pl5 allows remote ...)
-	TODO: check
+	NOTE: not-for-us (Zeroboard)
 CAN-2005-1819 (Cross-site scripting (XSS) vulnerability in NikoSoft WebMail before ...)
-	TODO: check
+	NOTE: not-for-us (NikoSoft WebMail)
 CAN-2005-1818 (Multiple SQL injection vulnerabilities in NewLife Blogger before 3.3.1 ...)
-	TODO: check
+	NOTE: not-for-us (NewLife Blogger)
 CAN-2005-1817 (Invision Power Board (IPB) 1.0 through 1.3 allows remote attackers to ...)
-	TODO: check
+	NOTE: not-for-us (Invision Power Board)
 CAN-2005-1816 (Invision Power Board (IPB) 1.0 through 2.0.4 allows non-root admins to ...)
-	TODO: check
+	NOTE: not-for-us (Invision Power Board)
 CAN-2005-1815 (Multiple buffer overflows in Hummingbird Connectivity inetD 10.0.0.1 ...)
-	TODO: check
+	NOTE: not-for-us (Hummingbird Connectivity)
 CAN-2005-1814 (Stack-based buffer overflow in PicoWebServer 1.0 allows remote ...)
-	TODO: check
+	NOTE: not-for-us (PicoWebServer)
 CAN-2005-1813 (Directory traversal vulnerability in FutureSoft TFTP Server Evaluation ...)
-	TODO: check
+	NOTE: not-for-us (FutureSoft TFTP Server)
 CAN-2005-1812 (Multiple stack-based buffer overflows in FutureSoft TFTP Server ...)
-	TODO: check
+	NOTE: not-for-us (FutureSoft TFTP Server)
 CAN-2005-XXXX [Privilege escalation in Drupal]
 	- drupal 4.5.3-1
 CAN-2005-1811 (Cross-site scripting (XSS) vulnerability in usercp.php for ...)