[Secure-testing-commits] r1304 - data/CAN

Moritz Muehlenhoff jmm-guest@costa.debian.org
Wed, 29 Jun 2005 21:20:47 +0000 

Author: jmm-guest
Date: 2005-06-29 21:20:44 +0000 (Wed, 29 Jun 2005)
New Revision: 1304

Modified:
   data/CAN/list
Log:
process more


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-06-29 15:47:26 UTC (rev 1303)
+++ data/CAN/list	2005-06-29 21:20:44 UTC (rev 1304)
@@ -50,7 +50,6 @@
 	NOTE: not-for-us (RealPlayer)
 CAN-2005-2054 (Unknown vulnerability in RealPlayer 10 and 10.5 (6.0.12.1040-1069) and ...)
 	NOTE: not-for-us (RealPlayer)
-begin claimed by jmm
 CAN-2002-1986 (Perception LiteServe 2.0 through 2.0.1 allows remote attackers to ...)
 	NOTE: not-for-us (Perception LiteServe)
 CAN-2002-1985 (iSMTP 5.0.1 allows remote attackers to cause a denial of service via a ...)
@@ -96,34 +95,33 @@
 CAN-2002-1966 (Directory traversal vulnerability in magiccard.cgi in My Postcards ...)
 	NOTE: not-for-us (My Postcards Platinum)
 CAN-2002-1965 (Cross-site scripting (XSS) vulnerability in Errors.gsl in Imatix ...)
-	TODO: check
+	NOTE: not-for-us (Imatix Xitami)
 CAN-2002-1964 (Unknown vulnerability in WesMo phpEventCalendar 1.1 allows remote ...)
-	TODO: check
+	NOTE: not-for-us (phpEventCalender)
 CAN-2002-1963 (Linux kernel 2.4.1 through 2.4.19 sets root's NR_RESERVED_FILES limit ...)
-	TODO: check
+	NOTE: No kernels in Sarge or sid affected
 CAN-2002-1962 (Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to ...)
-	TODO: check
+	NOTE: not-for-us (SurfinGate)
 CAN-2002-1961 (Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to ...)
-	TODO: check
+	NOTE: not-for-us (SurfinGate)
 CAN-2002-1960 (Cross-site scripting (XSS) vulnerability in Cybozu Share360 1.1 allows ...)
-	TODO: check
+	NOTE: not-for-us (Cybozu Share)
 CAN-2002-1959 (Nagios 1.0b1 through 1.0b3 allows remote attackers to execute ...)
-	TODO: check
+	NOTE: Nagios was packaged for Debian after these vulnerable versions have been released
 CAN-2002-1958 (Cross-site scripting (XSS) vulnerability in kmMail 1.0 through 1.0b ...)
-	TODO: check
+	NOTE: not-for-us (kmMail)
 CAN-2002-1957 (Buffer overflow in the netlog function in pen.c for Pen 0.9.1 and ...)
-	TODO: check
+	NOTE: pen was introduced after this old vulnerability
 CAN-2002-1956 (ROX Filer 1.1.9 and 1.2 is installed with world writable permissions, ...)
-	TODO: check
+	- rox 1.3.0-1
 CAN-2002-1955 (Iomega NAS A300U uses cleartext LANMAN authentication when mounting ...)
-	TODO: check
+	NOTE: not-for-us (Iomega hardware issue)
 CAN-2002-1954 (Cross-site scripting (XSS) vulnerability in the phpinfo function in ...)
 	TODO: check
 CAN-2002-1953 (Heap-based buffer overflow in the goim handler of AOL Instant ...)
-	TODO: check
+	NOTE: not-for-us (AIM)
 CAN-2002-1952 (phpRank 1.8 does not properly check the return codes for MySQL ...)
-	TODO: check
-end claimed by jmm
+	NOTE: not-for-us (phpRank)
 CAN-2002-1951 (Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to ...)
 	NOTE: not-for-us
 CAN-2002-1950 (Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote ...)