[Secure-testing-commits] r1302 - data/CAN

Moritz Muehlenhoff jmm-guest@costa.debian.org
Wed, 29 Jun 2005 10:40:44 +0000


Author: jmm-guest
Date: 2005-06-29 10:40:42 +0000 (Wed, 29 Jun 2005)
New Revision: 1302

Modified:
   data/CAN/list
Log:
new proftpd format string issue
processed half of my block.


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-06-29 10:02:07 UTC (rev 1301)
+++ data/CAN/list	2005-06-29 10:40:42 UTC (rev 1302)
@@ -1,3 +1,5 @@
+CAN-2005-XXXX [proftpd format string vulnerability in ftpshut]
+	- proftpd 1.2.10-9
 CAN-2005-2078 (BisonFTP Server V4R1 allows remote authenticated users to cause a ...)
 	NOTE: not-for-us (BisonFTP Server)
 CAN-2005-2077 (Cross-site scripting (XSS) vulnerability in error.asp for Hosting ...)
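Review bot: The new CAN-2005-XXXX entry at the top of the list gives a fixed version (proftpd 1.2.10-9) but no pointer to where the issue was reported, so it cannot be matched to an official identifier later from this line alone. Consider adding a NOTE line with the bug or advisory reference, and a TODO to replace the XXXX placeholder once an id is assigned. The log message also combines this new entry with the unrelated triage of the claimed block; two commits would make the history easier to follow.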
@@ -50,47 +52,49 @@
 	NOTE: not-for-us (RealPlayer)
 begin claimed by jmm
 CAN-2002-1986 (Perception LiteServe 2.0 through 2.0.1 allows remote attackers to ...)
-	TODO: check
+	NOTE: not-for-us (Perception LiteServe)
 CAN-2002-1985 (iSMTP 5.0.1 allows remote attackers to cause a denial of service via a ...)
-	TODO: check
+	NOTE: not-for-us (iSMTP)
 CAN-2002-1984 (Microsoft Internet Explorer 5.0.1 through 6.0 on Windows 2000 or ...)
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2002-1983 (The timer implementation in QNX RTOS 6.1.0 allows local users to cause ...)
-	TODO: check
+	NOTE: not-for-us (QNX)
 CAN-2002-1982 (Directory traversal vulnerability in the list_directory function in ...)
-	TODO: check
+	TODO: check, possibly affected, but sphor currently off, minor issue
 CAN-2002-1981 (Microsoft SQL Server 2000 through SQL Server 2000 SP2 allows the ...)
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2002-1980 (Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 ...)
-	TODO: check
+	NOTE: not-for-us (Solaris)
 CAN-2002-1979 (WatchGuard SOHO products running firmware 5.1.6 and earlier, and ...)
-	TODO: check
+	NOTE: not-for-us (Watchguard SOHO)
 CAN-2002-1978 (IPFilter 3.1.1 through 3.4.28 allows remote attckers to bypass ...)
-	TODO: check
+	NOTE: not-for-us (IPFilter)
 CAN-2002-1977 (Network Associates PGP 7.0.4 and 7.1 does not time out according to ...)
-	TODO: check
+	NOTE: not-for-us (Proprietary PGP)
 CAN-2002-1976 (ifconfig in Linux kernel 2.2 and 2.4 does not report when the network ...)
-	TODO: check
+	NOTE: Kernel 2.2 introduced a different way to set promisc mode through setsockopt()
+	NOTE: instead through an ioctl() as before.
+	TODO: check, whether current ifconfig handles that correctly, I guess so
 CAN-2002-1975 (Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of "A0" to encrypt ...)
-	TODO: check
+	NOTE: not-for-us (Zaurus hardware)
 CAN-2002-1974 (The FTP service in Zaurus PDAs SL-5000D and SL-5500 does not require ...)
-	TODO: check
+	NOTE: not-for-us (Zaurus hardware)
 CAN-2002-1973 (Buffer overflow in CHttpServer::OnParseError in the ISAPI extension ...)
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2002-1972 (Unknown vulnerability in Parallel port powerSwitch (aka ...)
-	TODO: check
+	NOTE: not-for-us (pp_powerSwitch)
 CAN-2002-1971 (The ping utility in networking_utils.php in Sourcecraft ...)
-	TODO: check
+	NOTE: not-for-us (Sourcecraft Networking Utils)
 CAN-2002-1970 (SnortCenter 0.9.5, when configured to push Snort rules, stores the ...)
-	TODO: check
+	NOTE: not-for-us (SnortCenter)
 CAN-2002-1969 (Magic Notebook 1.0b and 1.1b allows remote attackers to cause a denial ...)
-	TODO: check
+	NOTE: not-for-us (Magic Notebook)
 CAN-2002-1968 (Com21 DOXport 1100 series cable modem running firmware 2.1.1.106, and ...)
-	TODO: check
+	NOTE: not-for-us (Com21 hardware)
 CAN-2002-1967 (Buffer overflow in XiRCON 1.0 Beta 4 allows remote attackers to cause ...)
-	TODO: check
+	NOTE: not-for-us (XiRCON)
 CAN-2002-1966 (Directory traversal vulnerability in magiccard.cgi in My Postcards ...)
-	TODO: check
+	NOTE: not-for-us (My Postcards Platinum)
 CAN-2002-1965 (Cross-site scripting (XSS) vulnerability in Errors.gsl in Imatix ...)
 	TODO: check
 CAN-2002-1964 (Unknown vulnerability in WesMo phpEventCalendar 1.1 allows remote ...)
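Review bot: The CAN-2002-1982 line ("possibly affected, but sphor currently off, minor issue") does not say which package is possibly affected, and "sphor" matches nothing in the truncated description, so the next person picking up this TODO has to work it out again; name the package explicitly and fix the spelling if it is a typo. Similarly, the CAN-2002-1976 TODO ends in "I guess so", which leaves the entry open without saying what still needs to be verified; state the concrete check against the current ifconfig, and "instead through an ioctl()" in the NOTE above it should read "instead of through an ioctl()". Minor: "Watchguard SOHO" differs in capitalisation from "WatchGuard" in the description line.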