[Secure-testing-commits] r1213 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Thu, 09 Jun 2005 09:14:22 +0000
Author: joeyh
Date: 2005-06-09 09:14:19 +0000 (Thu, 09 Jun 2005)
New Revision: 1213
Modified:
sarge-checks/CAN/list
Log:
automatic CAN database update
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-06-09 09:01:32 UTC (rev 1212)
+++ sarge-checks/CAN/list 2005-06-09 09:14:19 UTC (rev 1213)
@@ -1,3 +1,141 @@
+CAN-2005-1930
+ NOTE: reserved
+CAN-2005-1929
+ NOTE: reserved
+CAN-2005-1928
+ NOTE: reserved
+CAN-2005-1927
+ NOTE: reserved
+CAN-2005-1926
+ NOTE: reserved
+CAN-2005-1925
+ NOTE: reserved
+CAN-2005-1924
+ NOTE: reserved
+CAN-2005-1923
+ NOTE: reserved
+CAN-2005-1922
+ NOTE: reserved
+CAN-2005-1921
+ NOTE: reserved
+CAN-2005-1920
+ NOTE: reserved
+CAN-2005-1919
+ NOTE: reserved
+CAN-2005-1918
+ NOTE: reserved
+CAN-2005-1917
+ NOTE: reserved
+CAN-2005-1916
+ NOTE: reserved
+CAN-2005-1915
+ NOTE: reserved
+CAN-2005-1914
+ NOTE: reserved
+CAN-2005-1913
+ NOTE: reserved
+CAN-2005-1912
+ NOTE: reserved
+CAN-2005-1911 (The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang ...)
+ TODO: check
+CAN-2005-1910 (SQL injection vulnerability in login.asp for WWWeb Concepts Events ...)
+ TODO: check
+CAN-2005-1909 (The web server control panel in 602LAN SUITE 2004 allows remote ...)
+ TODO: check
+CAN-2005-1908 (Perception LiteWeb allows remote attackers to bypass access controls ...)
+ TODO: check
+CAN-2005-1907 (The ISA Firewall service in Microsoft Internet Security and ...)
+ TODO: check
+CAN-2005-1906 (SQL injection vulnerability in login.asp in livingmailing 1.3 allows ...)
+ TODO: check
+CAN-2005-1905 (The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and ...)
+ TODO: check
+CAN-2005-1904 (SQL injection vulnerability in login.asp in JiRo's Upload System (JUS) ...)
+ TODO: check
+CAN-2005-1903 (Buffer overflow in the IMAP service for SPA-PRO Mail @Solomon 4.00 ...)
+ TODO: check
+CAN-2005-1902 (Directory traversal vulnerability in the IMAP service for SPA-PRO Mail ...)
+ TODO: check
+CAN-2005-1901 (Multiple cross-site scripting (XSS) vulnerabilities in Sawmill before ...)
+ TODO: check
+CAN-2005-1900 (Multiple unknown vulnerabilities in Sawmill before 7.1.6 allow remote ...)
+ TODO: check
+CAN-2005-1899 (Rakkarsoft RakNet network library 2.33 and earlier, when released ...)
+ TODO: check
+CAN-2005-1898 (The passthrough functionality in phpThumb.php in phpThumb() before ...)
+ TODO: check
+CAN-2005-1897 (Unknown vulnerability in FlexCast Audio Video Streaming Server before ...)
+ TODO: check
+CAN-2005-1896 (Directory traversal vulnerability in thumb.php in FlatNuke 2.5.3 ...)
+ TODO: check
+CAN-2005-1895 (Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.3 allows ...)
+ TODO: check
+CAN-2005-1894 (Direct code injection vulnerability in FlatNuke 2.5.3 allows remote ...)
+ TODO: check
+CAN-2005-1893 (FlatNuke 2.5.3 allows remote attackers to obtain sensitive information ...)
+ TODO: check
+CAN-2005-1892 (FlatNuke 2.5.3 allows remote attackers to cause a denial of service or ...)
+ TODO: check
+CAN-2005-1891 (The GIF parser in ateimg32.dll in AOL Instant Messenger (AIM) 5.9.3797 ...)
+ TODO: check
+CAN-2005-1890 (Unknown vulnerability in Mortiforo before 0.9.1 allows users to access ...)
+ TODO: check
+CAN-2005-1889 (Unknown vulnerability in Sun ONE Application Server 6.5 SP1 ...)
+ TODO: check
+CAN-2005-1888 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.5 ...)
+ TODO: check
+CAN-2005-1887 (Unknown vulnerability in the Sun Solaris C library (libc and ...)
+ TODO: check
+CAN-2005-1886 (Cross-site scripting (XSS) vulnerability in view.php in YaPiG 0.92b, ...)
+ TODO: check
+CAN-2005-1885 (view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to ...)
+ TODO: check
+CAN-2005-1884 (Directory traversal vulnerability in the (1) rmdir or (2) mkdir ...)
+ TODO: check
+CAN-2005-1883 (global.php in YaPiG 0.92b allows remote attackers to include arbitrary ...)
+ TODO: check
+CAN-2005-1882 (PHP remote code injection vulnerability in last_gallery.php in YaPiG ...)
+ TODO: check
+CAN-2005-1881 (upload.php in YaPiG 0.92b, 0.93u and 0.94u does not properly restrict ...)
+ TODO: check
+CAN-2005-1880 (everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary ...)
+ TODO: check
+CAN-2005-1879 (LutelWall 0.97 and earlier allows local users to overwrite arbitrary ...)
+ TODO: check
+CAN-2005-1878 (GIPTables Firewall 1.1 and earlier allows local users to overwrite ...)
+ TODO: check
+CAN-2005-1877 (Cross-site scripting (XSS) vulnerability in view_ticket.php in Lpanel ...)
+ TODO: check
+CAN-2005-1876 (Direct code injection vulnerability in CuteNews 1.3.6 and earlier ...)
+ TODO: check
+CAN-2005-1875 (Multiple SQL injection vulnerabilities in list.php in Exhibit Engine ...)
+ TODO: check
+CAN-2005-1874 (Directory traversal vulnerability in Dzip before 2.9 allows remote ...)
+ TODO: check
+CAN-2005-1873 (Multiple buffer overflows in Crob FTP 3.6.1, and possibly earlier ...)
+ TODO: check
+CAN-2005-1872 (Buffer overflow in the administrative console in IBM WebSphere ...)
+ TODO: check
+CAN-2005-1871 (Unknown vulnerability in the privilege system in Drupal 4.4.0 through ...)
+ TODO: check
+CAN-2005-1870 (PHP remote code injection vulnerability in childwindow.inc.php in ...)
+ TODO: check
+CAN-2005-1869 (PHP remote code injection vulnerability in start_lobby.php in MWChat ...)
+ TODO: check
+CAN-2005-1868 (I-Man 0.9, and possibly earlier versions, allows remote attackers to ...)
+ TODO: check
+CAN-2005-1867 (Symantec Brightmail AntiSpam before 6.0.2 has a hard-coded database ...)
+ TODO: check
+CAN-2005-1866 (Cross-site scripting (XSS) vulnerability in calendar.php in Calendarix ...)
+ TODO: check
+CAN-2005-1865 (Multiple SQL injection vulnerabilities in Calendarix Advanced 1.5 ...)
+ TODO: check
+CAN-2005-1864 (PHP remote code injection vulnerability in cal_admintop.php in ...)
+ TODO: check
+CAN-2003-1218
+ NOTE: reserved
+CAN-2003-1217
+ NOTE: reserved
CAN-2005-XXXX [Minor DoS through malicous NNTP servers in leafnode's fetchnews]
- leafnode 1.11.3.rel-1
CAN-2005-1863
@@ -52,7 +190,7 @@
- websieve (unfixed; bug #311838)
CAN-2005-1840 (Directory traversal vulnerability in class.layout_phpcms.php in phpCMS ...)
NOTE: not-for-us (phpCMS)
-CAN-2005-1839 (Multiple SQL injection vulnerabilities in Liberum Help Desk 0.97.3 ...)
+CAN-2005-1839 (Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk ...)
NOTE: not-for-us (Liberum)
CAN-2005-1838 (Multiple cross-site scripting vulnerabilities in castnewPost.asp in ...)
NOTE: not-for-us (Liberum)
@@ -3634,7 +3772,7 @@
CAN-2005-0752 [PLUGINSPAGE privileged javascript execution in Firefox]
- mozilla-firefox 1.0.3-1
CAN-2005-0751
- NOTE: reserved
+ NOTE: rejected
CAN-2005-0750 [Linux kernel af_bluetooth range check flaw; possibly local root]
- kernel-source-2.4.27-10
- kernel-source-2.6.8 2.6.8-16
@@ -5157,7 +5295,7 @@
NOTE: fix in -4 was broken
- kdelibs 3.3.2-6
CAN-2005-0395
- NOTE: reserved
+ NOTE: rejected
CAN-2005-0394
NOTE: reserved
CAN-2005-0393
@@ -5861,7 +5999,7 @@
- kernel-source-2.6.8 2.6.8-14
- kernel-source-2.6.11 2.6.11-1
CAN-2005-0203
- NOTE: reserved
+ NOTE: rejected
CAN-2005-0202 (Directory traversal vulnerability in the true_path function in ...)
{DSA-674-1}
- mailman 2.1.5-6