[Secure-testing-commits] r1309 - data/CAN

Moritz Muehlenhoff jmm-guest@costa.debian.org
Thu, 30 Jun 2005 13:58:38 +0000


Author: jmm-guest
Date: 2005-06-30 13:58:35 +0000 (Thu, 30 Jun 2005)
New Revision: 1309

Modified:
   data/CAN/list
Log:
mono xss issue has been fixed
prios for proftpd


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-06-30 09:22:30 UTC (rev 1308)
+++ data/CAN/list	2005-06-30 13:58:35 UTC (rev 1309)
@@ -1,9 +1,9 @@
 CAN-2005-XXXX [proftpd: format string vulnerability in mod_sql's SQLShowInfo]
-	- proftpd 1.2.10-20
+	- proftpd 1.2.10-20 (medium)
 CAN-2005-XXXX [XSS, SQL injection and other issues in Wordpress]
 	- wordpress 1.5.1.3-1
 CAN-2005-XXXX [proftpd format string vulnerability in ftpshut]
-	- proftpd 1.2.10-19
+	- proftpd 1.2.10-19 (medium)
 CAN-2005-2078 (BisonFTP Server V4R1 allows remote authenticated users to cause a ...)
 	NOTE: not-for-us (BisonFTP Server)
 CAN-2005-2077 (Cross-site scripting (XSS) vulnerability in error.asp for Hosting ...)
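Review bot: Both proftpd entries are set to "(medium)" with nothing in the list recording why. A short NOTE line under each entry stating the reason for the rating would let the next person reviewing it check the call instead of re-deriving it. While touching these entries, the two CAN-2005-XXXX headers could also be made consistent ("proftpd: format string ..." versus "proftpd format string ..."). The wordpress 1.5.1.3-1 line between them is left without an urgency; if that is intentional because the log only covers proftpd, fine, otherwise it should be rated in the same pass.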
@@ -5622,9 +5622,8 @@
 CAN-2005-0510 (The daemon for fallback-reboot before 0.995 allows attackers to cause ...)
 	NOTE: not-for-us (fallback-reboot)
 CAN-2005-0509 (Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 ...)
-	- mono (unfixed; bug #296659)
 	NOTE: default config of Mono not vulnerable
-	NOTE: Mono wont be in Sarge according to http://wiki.debian.net/?MonoDebianPlan
+	- mono 1.1.6-4 (medium)
 CAN-2005-0508 (Unknown vulnerability in Squiggle for Batik before 1.5.1 allows ...)
 	- batik 1.5.1-1
 CAN-2005-0507 (Directory traversal vulnerability in SD Server 4.0.70 and earlier ...)
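Review bot: The replacement line "- mono 1.1.6-4 (medium)" drops the reference to bug #296659 that the removed "(unfixed; bug #296659)" line carried, so the entry no longer links the fixed version to its bug report. Suggest keeping it, for example "- mono 1.1.6-4 (bug #296659; medium)". The package line has also moved below the "default config of Mono not vulnerable" NOTE, whereas the neighbouring entries (batik 1.5.1-1) put the package line directly under the CAN header; keeping it in its original position above the NOTE would keep the entry consistent with the rest of the file.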