[Secure-testing-commits] r1268 - data/CAN
Joey Hess
joeyh@costa.debian.org
Thu, 23 Jun 2005 20:59:35 +0000
Author: joeyh
Date: 2005-06-23 20:59:32 +0000 (Thu, 23 Jun 2005)
New Revision: 1268
Modified:
data/CAN/list
Log:
completed block, no new holes
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-06-23 20:40:07 UTC (rev 1267)
+++ data/CAN/list 2005-06-23 20:59:32 UTC (rev 1268)
@@ -169,7 +169,6 @@
NOTE: not-for-us (FormMail)
CAN-2002-1770 (Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code ...)
NOTE: not-for-us (Eudora)
-begin claimed by joeyh
CAN-2002-1769 (Microsoft Site Server 3.0 prior to SP4 installs a default user, ...)
NOTE: not-for-us (Mirosoft)
CAN-2002-1768 (Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows ...)
@@ -177,78 +176,78 @@
CAN-2002-1767 (Buffer overflow in tnslsnr of Oracle 8i Database Server 8.1.5 for ...)
NOTE: not-for-su (Oracle)
CAN-2002-1766 (Buffer overflow in Composer in Netscape 4.77 allows local users to ...)
- TODO: check
+ NOTE: not-for-us (Netscape)
+ NOTE: didn't check mozilla
CAN-2002-1765 (Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of ...)
- TODO: check
+ - evolution 1.0.5
CAN-2002-1764 (acroread in Adobe Acrobat Reader 4.05 on Linux allows local users to ...)
- TODO: check
+ NOTE: not-for-us (acrobat)
CAN-2002-1763 (The dtscreen Sun Solaris 8 CDE screensaver crashes when the "Shift" ...)
- TODO: check
+ NOTE: not-for-us (dtscreen Sun Solaris 8 CDE screensaver)
CAN-2002-1762 (Microsoft Baseline Security Analyzer (MBSA) 1.0 stores security scans ...)
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2002-1761 (Directory traversal vulnerability in PHProjekt 2.0 through 3.1 allows ...)
- TODO: check
+ NOTE: not-for-us (PHProjekt)
CAN-2002-1760 (Multiple SQL injection vulnerabilities in PHProjekt 2.0 through 3.1 ...)
- TODO: check
+ NOTE: not-for-us (PHProjekt)
CAN-2002-1759 (The upload function in PHPProjekt 2.0 through 3.1 does not properly ...)
- TODO: check
+ NOTE: not-for-us (PHProjekt)
CAN-2002-1758 (PHProjekt 2.0 through 3.1 allows remote attackers to view or modify ...)
- TODO: check
+ NOTE: not-for-us (PHProjekt)
CAN-2002-1757 (PHProjekt 2.0 through 3.1 relies on the $PHP_SELF variable for ...)
- TODO: check
+ NOTE: not-for-us (PHProjekt)
CAN-2002-1756 (ACDSee 4.0 allows remote attackers to cause a denial of service ...)
- TODO: check
+ NOTE: not-for-us (ACDSee)
CAN-2002-1755 (tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, ...)
- TODO: check
+ - tinc 1.0pre5
CAN-2002-1754 (Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows ...)
- TODO: check
+ NOTE: not-for-us (Novell NetWare)
CAN-2002-1753 (csNewsPro.cgi in CGIScript.net csNews Professional (csNewsPro) allows ...)
- TODO: check
+ NOTE: not-for-us (csNews)
CAN-2002-1752 (csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers ...)
- TODO: check
+ NOTE: not-for-us (csChat-R-Box)
CAN-2002-1751 (csLiveSupport.cgi in CGIScript.net csLiveSupport allows remote ...)
- TODO: check
+ NOTE: not-for-us (csLiveSupport)
CAN-2002-1750 (csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.0 allows remote ...)
- TODO: check
+ NOTE: not-for-us (csGuestbook)
CAN-2002-1749 (Windows 2000 Terminal Services, when using the disconnect feature of ...)
- TODO: check
+ NOTE: not-for-us (Windows 2000 Terminal Services)
CAN-2002-1748 (Unknown vulnerability in Slash 2.1.x and 2.2 through 2.2.2, as used in ...)
- TODO: check
+ - slash 2.2.3
CAN-2002-1747 (Vtun 2.5b1 does not authenticate forwarded packets, which allows ...)
- TODO: check
+ - vtun 2.5b2
CAN-2002-1746 (Vtun 2.5b1 allows remote attackers to inject data into user sessions ...)
- TODO: check
+ - vtun 2.5b2
CAN-2002-1745 (Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS ...)
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2002-1744 (Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 ...)
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2002-1743 (AOL ICQ 2002a Build 3722 allows remote attackers to cause a denial of ...)
- TODO: check
+ NOTE: not-for-us (AOL ICQ)
CAN-2002-1742 (SOAP::Lite 0.50 through 0.52 allows remote attackers to load arbitrary ...)
- TODO: check
+ - libsoap-lite-perl 0.55
CAN-2002-1741 (Directory traversal vulnerability in WorldClient.cgi in WorldClient ...)
- TODO: check
+ NOTE: not-for-us (WorldClient)
CAN-2002-1740 (Buffer overflow in WorldClient.cgi in WorldClient in Alt-N ...)
- TODO: check
+ NOTE: not-for-us (WorldClient)
CAN-2002-1739 (Alt-N Technologies Mdaemon 5.0 through 5.0.6 uses a weak encryption ...)
- TODO: check
+ NOTE: not-for-us (Alt-N Technologies Mdaemon)
CAN-2002-1738 (Alt-N Technologies MDaemon 5.0.5.0 and earlier creates a default ...)
- TODO: check
+ NOTE: not-for-us (Alt-N Technologies Mdaemon)
CAN-2002-1737 (Astaro Security Linux 2.016 creates world-writable files and ...)
- TODO: check
+ NOTE: not-for-us (Astaro Security Linux)
CAN-2002-1736 (Unknown vulnerability in CGINews before 1.06 allow remote attackers to ...)
- TODO: check
+ NOTE: not-for-us (CGINews)
CAN-2002-1735 (Buffer overflow in dlogin 1.0a could allow local users to gain ...)
- TODO: check
+ NOTE: not-for-us (dlogin)
CAN-2002-1734 (NewsPro 1.01 allows remote attackers to gain unauthorized ...)
- TODO: check
+ NOTE: not-for-us (NewsPro)
CAN-2002-1733 (Cross-site scripting (XSS) vulnerability in the web-based message ...)
- TODO: check
+ NOTE: not-for-us (Prospero MessageBoards)
CAN-2002-1732 (Multiple cross-site scripting (XSS) vulnerabilities in Actinic Catalog ...)
- TODO: check
+ NOTE: not-for-us (Actinic Catalog)
CAN-2002-1731 (The System Request menu in IBM AS/400 allows local users to list valid ...)
- TODO: check
-end claimed by joeyh
+ NOTE: not-for-us (IBM AS/400)
CAN-2002-1730 (ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary ...)
TODO: check
CAN-2002-1729 (Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 ...)