[Secure-testing-commits] r1303 - data/CAN

SALVETTI Djoumé djoume-guest@costa.debian.org
Wed, 29 Jun 2005 15:47:29 +0000 

Author: djoume-guest
Date: 2005-06-29 15:47:26 +0000 (Wed, 29 Jun 2005)
New Revision: 1303

Modified:
   data/CAN/list
Log:
* processed my block : lot of not-for-us
* claimed some more


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-06-29 10:40:42 UTC (rev 1302)
+++ data/CAN/list	2005-06-29 15:47:26 UTC (rev 1303)
@@ -124,124 +124,125 @@
 CAN-2002-1952 (phpRank 1.8 does not properly check the return codes for MySQL ...)
 	TODO: check
 end claimed by jmm
-begin claimed by djoume
 CAN-2002-1951 (Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1950 (Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1949 (The Network Attached Storage (NAS) Administration Web Page for Iomega ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1948 (Multiple buffer overflows in Gringotts 0.5.9 allows local users to ...)
-	TODO: check
+	NOTE: not-for-us
+	NOTE: fixed before Gringotts was in Debian
 CAN-2002-1947 (Webmin 0.21 through 1.0 uses the same built-in SSL key for all ...)
-	TODO: check
+	- webmin (1.000-2)
 CAN-2002-1946 (Videsh Sanchar Nigam Limited (VSNL) Integrated Dialer Software ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1945 (Buffer overflow in SmartMail Server 1.0 Beta 10 allows remote ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1944 (Motorola Surfboard 4200 cable modem allows remote attackers to cause a ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1943 (SafeTP 1.46, when network address translation (NAT) is being used, ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1942 (Imatix Xitami 2.5 b5 does not properly terminate certain Keep-Alive ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1941 (Buffer overflow in RadioBird WebServer 4 Everyone 1.28 allows remote ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1940 (LCC-Win32 3.2 compiler, when running on Windows 95, 98, or ME, writes ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1939 (FlashFXP 1.4 prints FTP passwords in plaintext when there are ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1938 (Virgil CGI Scanner 0.9 allows remote attackers to execute arbitrary ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1937 (Symantec Firewall/VPN Appliance 100 through 200R hardcodes the ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1936 (UTStarcom BAS 1000 3.1.10 creates several default or back door ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1935 (Pingtel Xpressa 1.2.5 through 2.0.1 uses predictable (1) Call-ID, (2) ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1934 (Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 2.0.1 ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1933 (The terminal services screensaver for Microsoft Windows 2000 does not ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1932 (Microsoft Windows XP and Windows 2000, when configured to send ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1931 (Cross-site scripting (XSS) vulnerability in PHP Arena paFileDB 1.1.3 ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1930 (Buffer overflow in AN HTTPd 1.38 through 1.4.1c allows remote ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1929 (Cross-site scripting (XSS) vulnerability in pafiledb.php in PHP Arena ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1928 (602Pro LAN SUITE 2002 allows remote attackers to view the directory ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1927 (Aquonics File Manager 1.5 allows users with edit privileges to modify ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1926 (Directory traversal vulnerability in source.php in Aquonics File ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1925 (Tiny Personal Firewall 3.0 through 3.0.6 allows remote attackers to ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1924 (PowerChute plus 5.0.2 creates a "Pwrchute" directory during ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1923 (The default configuration in MySQL 3.20.32 through 3.23.52, when ...)
-	TODO: check
+	NOTE: not-for-us (Windows specific)
 CAN-2002-1922 (Cross-site scripting (XSS) vulnerability in global.php in Jelsoft ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1921 (The default configuration of MySQL 3.20.32 through 3.23.52, when ...)
-	TODO: check
+	NOTE: not-for-us (Windows specific)
 CAN-2002-1920 (Buffer overflow in FtpXQ 2.5 allows remote attackers to cause a denial ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1919 (SQL injection vulnerability in shopadmin.asp in VP-ASP 4.0 allows ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1918 (Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1917 (CRLF injection vulnerability in the "User Profile: Send Email" feature ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1916 (Pirch and RusPirch, when auto-log is enabled, allows remote attackers ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1915 (tip on multiple BSD-based operating systems allows local users to ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1914 (dump 0.4 b10 through b29 allows local users to cause a denial of ...)
-	TODO: check
+	- dump 0.4b31-1
 CAN-2002-1913 (phptonuke.php in myPHPNuke 1.8.8 allows remote attackers to read ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1912 (SkyStream EMR5000 1.16 through 1.18 does not drop packets or disable ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1911 (ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1910 (Click2Learn Ingenium Learning Management System 5.1 and 6.1 uses weak ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1909 (Click2Learn Ingenium Learning Management System 5.1 and 6.1 stores the ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1908 (Microsoft IIS 5.0 and 5.1 allows remote attackers to cause a denial of ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1907 (TelCondex SimpleWebServer 2.06.20817 allows remote attackers to cause ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1906 (The web server for Polycom ViaVideo 2.2 and 3.0 allows remote ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1905 (Buffer overflow in the web server of Polycom ViaVideo 2.2 and 3.0 ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1904 (Buffer overflow in the Log function in util.c in GazTek ghttpd 1.4 ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1903 (Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1902 (CGIForum 1.0 through 1.05 allows remote attackers to cause a denial of ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1901 (Cross-site scripting (XSS) vulnerability in Bodo Bauer BBGallery 1.0 ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1900 (Cross-site scripting (XSS) vulnerability in Pinboard 1.0 allows remote ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1899 (Cross-site scripting (XSS) vulnerability in IceWarp Web Mail 3.3.3 and ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1898 (Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1897 (MyWebServer 1.0.2 allows remote attackers to cause a denial of service ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2002-1896 (Buffer overflow in Alsaplayer 0.99.71, when installed setuid root, ...)
-	TODO: check
+	- alsaplayer 0.99.72-1
 CAN-2002-1895 (The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using ...)
-	TODO: check
+	NOTE: not-for-us (Windows specific)
 CAN-2002-1894 (Cross-site scripting (XSS) vulnerability in viewtopic.php in phpBB ...)
-	TODO: check
-end claimed by djoume
+	NOTE: not-for-us
+	NOTE: fix before phpbb2 was in Debian.
+begin claimed by djoume
 CAN-2002-1893 (Cross-site scripting (XSS) vulnerability in ArGoSoft Mail Server Pro ...)
 	TODO: check
 CAN-2002-1892 (NETGEAR FVS318 running firmware 1.1 stores the username and password ...)
@@ -336,6 +337,7 @@
 	TODO: check
 CAN-2002-1847 (Buffer overflow in mplay32.exe of Microsoft Windows Media Player (WMP) ...)
 	TODO: check
+end claimed by djoume
 CAN-2002-1846 (Yet Another Bulletin Board (YaBB) 1.40 and 1.41 does not require a ...)
 	TODO: check
 CAN-2002-1845 (Cross-site scripting (XSS) vulnerability in index.php in Yet Another ...)