[Secure-testing-commits] r1228 - data/CAN

Moritz Muehlenhoff jmm-guest@costa.debian.org
Wed, 15 Jun 2005 09:34:43 +0000 

Author: jmm-guest
Date: 2005-06-15 09:34:40 +0000 (Wed, 15 Jun 2005)
New Revision: 1228

Modified:
   data/CAN/list
Log:
lots of not-for-us


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-06-15 09:20:20 UTC (rev 1227)
+++ data/CAN/list	2005-06-15 09:34:40 UTC (rev 1228)
@@ -1,75 +1,73 @@
-begin claimed by jmm
 CAN-2005-1975 (Multiple cross-site scripting (XSS) vulnerabilities in Annuaire 1Two ...)
-	TODO: check
+	NOTE: not-for-us (Annuaire)
 CAN-2005-1974 (Unknown vulnerability in Java 2 Platform, Standard Edition (J2SE) 5.0 ...)
-	TODO: check
+	NOTE: not-for-us (Sun Java)
 CAN-2005-1973 (Java Web Start in Java 2 Platform Standard Edition (J2SE) 5.0 and 5.0 ...)
-	TODO: check
+	NOTE: not-for-us (Sun Java)
 CAN-2005-1972 (Multiple SQL injection vulnerabilities in InteractivePHP FusionBB .11 ...)
-	TODO: check
+	NOTE: not-for-us (InteractivePHP FusionBB)
 CAN-2005-1971 (Directory traversal vulnerability in InteractivePHP FusionBB .11 Beta ...)
-	TODO: check
+	NOTE: not-for-us (InteractivePHP FusionBB)
 CAN-2005-1970 (Symantec pcAnywhere 10.5x and 11.x before 11.5, with "Launch with ...)
-	TODO: check
+	NOTE: not-for-us (pcAnywhere)
 CAN-2005-1969 (Cross-site scripting (XSS) vulnerability in Pragma Systems ...)
-	TODO: check
+	NOTE: not-for-us (Pragma Telnetserver)
 CAN-2005-1968 (Cross-site scripting (XSS) vulnerability in ProductCart Ecommerce ...)
-	TODO: check
+	NOTE: not-for-us (ProductCart Ecommerce)
 CAN-2005-1967 (Multiple SQL injection vulnerabilities in ProductCart Ecommerce before ...)
-	TODO: check
+	NOTE: not-for-us (ProductCart Ecommerce)
 CAN-2005-1966 (The eTrace_validaddr function in eTrace plugin for e107 portal allows ...)
-	TODO: check
+	NOTE: not-for-us (e107)
 CAN-2005-1965 (PHP remote code injection vulnerability in siteframe.php for Broadpool ...)
-	TODO: check
+	NOTE: not-for-us (Broadpool Siteframe)
 CAN-2005-1964 (PHP remote code injection vulnerability in utilit.php for Ovidentia ...)
-	TODO: check
+	NOTE: not-for-us (Ovidentia Portal)
 CAN-2005-1963 (Cerberus Helpdesk 0.97.3 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOTE: not-for-us (Cerberus Helpdesk)
 CAN-2005-1962 (Cross-site scripting (XSS) vulnerability in Cerberus Helpdesk 0.97.3 ...)
-	TODO: check
+	NOTE: not-for-us (Cerberus Helpdesk)
 CAN-2005-1961 (Unknown vulnerability in ObjectWeb Consortium C-JDBC before 1.3.1 ...)
-	TODO: check
+	NOTE: not-for-us (C-JDBC)
 CAN-2005-1960 (The getemails function in C.J. Steele Tattle allows remote attackers ...)
-	TODO: check
+	NOTE: not-for-us (C.J. Steele Tattle)
 CAN-2005-1959 (jammail.pl in jamchen JamMail 1.8 allows remote attackers to execute ...)
-	TODO: check
+	NOTE: not-for-us (JamMail)
 CAN-2005-1958 (Backup Manager 0.5.7 and earlier creates archives with insecure ...)
 	TODO: check
 CAN-2005-1957 (File Upload Manager does not properly check user authentication for ...)
-	TODO: check
+	NOTE: not-for-us (File Upload Manager)
 CAN-2005-1956 (File Upload Manager allows remote attackers to upload arbitrary files ...)
-	TODO: check
+	NOTE: not-for-us (File Upload Manager)
 CAN-2005-1955 (Cross-site scripting (XSS) vulnerability in index.php in singapore ...)
-	TODO: check
+	NOTE: not-for-us (singapore)
 CAN-2005-1954 (singapore 0.9.11 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOTE: not-for-us (singapore)
 CAN-2005-1953 (Heap-based buffer overflow in the CGI extension for Pico Server ...)
-	TODO: check
+	NOTE: not-for-us (Pico Server)
 CAN-2005-1952 (Directory traversal vulnerability in Pico Server (pServ) 3.3 allows ...)
-	TODO: check
+	NOTE: not-for-us (Pico Server)
 CAN-2005-1951 (Multiple HTTP Response Splitting vulnerabilities in osCommerce 2.2 ...)
-	TODO: check
+	NOTE: not-for-us (osCommerce)
 CAN-2005-1950 (hints.pl in Webhints 1.03 allows remote attackers to execute arbitrary ...)
-	TODO: check
+	NOTE: not-for-us (Webhints)
 CAN-2005-1949 (The eping_validaddr function in functions.php for the eping plugin for ...)
-	TODO: check
+	NOTE: not-for-us (e107)
 CAN-2005-1948 (Multiple SQL injection vulnerabilities in Invision Gallery before ...)
-	TODO: check
+	NOTE: not-for-us (Invision Gallery)
 CAN-2005-1947 (Cross-site request forgery (CSRF) vulnerability in Invision Gallery ...)
-	TODO: check
+	NOTE: not-for-us (Invision Gallery)
 CAN-2005-1946 (Multiple SQL injection vulnerabilities in Invision Blog before 1.1.2 ...)
-	TODO: check
+	NOTE: not-for-us (Invision Blog)
 CAN-2005-1945 (Cross-site scripting (XSS) vulnerability in the convert_highlite_words ...)
-	TODO: check
+	NOTE: not-for-us (Invision Blog)
 CAN-2005-1944 (xmysqladmin 1.0 and earlier allows local users to delete arbitrary ...)
-	TODO: check
+	NOTE: not-for-us (xmysqladmin)
 CAN-2005-1943 (Multiple SQL injection vulnerabilities in Loki download manager 2.0 ...)
-	TODO: check
+	NOTE: not-for-us (Loki download manager)
 CAN-2005-1942 (Cisco switches that support 802.1x security allow remote attackers to ...)
-	TODO: check
+	NOTE: not-for-us (Cisco hardware issue)
 CAN-2005-1941 (SilverCity before 0.9.5-r1 installs (1) cgi-styler-form.py, (2) ...)
-	TODO: check
-end claimed by jmm
+	NOTE: not-for-us (SilverCity)
 CAN-2005-1940
 	NOTE: reserved
 CAN-2005-1939
@@ -79,7 +77,7 @@
 CAN-2005-1937 (A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote ...)
 	TODO: check
 CAN-2004-2137 (Outlook Express 6.0, when sending multipart e-mail messages using the ...)
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2005-1936 (Unknown vulnerability in the web server for the ESS/ Network ...)
 	NOTE: not-for-us (Xerox hardware issue)
 CAN-2005-1935 (Heap-based buffer overflow in the BERDecBitString function in ...)
@@ -453,11 +451,11 @@
 CAN-2005-1759
 	NOTE: reserved
 CAN-2005-1758 (Buffer overflow in the IMAP command continuation function in Novell ...)
-	TODO: check
+	NOTE: not-for-us (Novell)
 CAN-2005-1757 (Buffer overflow in the Modweb agent for Novell NetMail 3.52 before ...)
-	TODO: check
+	NOTE: not-for-us (Novell)
 CAN-2005-1756 (Cross-site scripting (XSS) vulnerability in the ModWeb agent for ...)
-	TODO: check
+	NOTE: not-for-us (Novell)
 CAN-2005-1751 (Race condition in shtool 2.0.1 and earlier allows local users to ...)
 	- shtool 2.0.1-2
 CAN-2004-2136 (dm-crypt on Linux kernel 2.6.x, when used on certain file systems ...)
@@ -615,23 +613,23 @@
 CAN-2005-1729
 	NOTE: reserved
 CAN-2005-1728 (MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs ...)
-	TODO: check
+	NOTE: not-for-us (Apple)
 CAN-2005-1727 (Apple Mac OS X 10.4.x up to 10.4.1 sets insecure world- and ...)
-	TODO: check
+	NOTE: not-for-us (Apple)
 CAN-2005-1726
 	NOTE: reserved
 CAN-2005-1725 (launchd 106 in Apple Mac OS X 10.4.x up to 10.4.1 allows local users ...)
-	TODO: check
+	NOTE: not-for-us (Apple)
 CAN-2005-1724 (NFS on Apple Mac OS X 10.4.x up to 10.4.1 does not properly obey the ...)
-	TODO: check
+	NOTE: not-for-us (Apple)
 CAN-2005-1723 (LaunchServices in Apple Mac OS X 10.4.x up to 10.4.1 does not properly ...)
-	TODO: check
+	NOTE: not-for-us (Apple)
 CAN-2005-1722 (Unknown vulnerability in the CoreGraphics Window Server for Mac OS X ...)
-	TODO: check
+	NOTE: not-for-us (Apple)
 CAN-2005-1721 (Buffer overflow in the legacy client support for AFP Server for Mac OS ...)
-	TODO: check
+	NOTE: not-for-us (Apple)
 CAN-2005-1720 (AFP Server for Mac OS X 10.4.1, when using an ACL enabled volume, does ...)
-	TODO: check
+	NOTE: not-for-us (Apple)
 CAN-2005-1719 (Unknown vulnerability in ALWIL avast! antivirus 4 (4.6.6230) and ...)
 	NOTE: not-for-us (avast! antivirus)
 CAN-2005-1718 (Buffer overflow in LS Games War Times 1.03 and earlier allows remote ...)