[Secure-testing-commits] r505 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Tue, 01 Mar 2005 09:14:22 +0100
Author: joeyh
Date: 2005-03-01 09:14:18 +0100 (Tue, 01 Mar 2005)
New Revision: 505
Modified:
sarge-checks/CAN/list
Log:
automatic CAN database update
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-03-01 04:26:27 UTC (rev 504)
+++ sarge-checks/CAN/list 2005-03-01 08:14:18 UTC (rev 505)
@@ -1,3 +1,31 @@
+CAN-2005-0594
+ NOTE: reserved
+CAN-2005-0593 (Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote attackers ...)
+ TODO: check
+CAN-2005-0592 (Heap-based buffer overflow in the UTF8ToNewUnicode function for ...)
+ TODO: check
+CAN-2005-0591 (Firefox before 1.0.1 allows remote attackers to spoof the security and ...)
+ TODO: check
+CAN-2005-0590 (The installation confirmation dialog in Firefox before 1.0.1, ...)
+ TODO: check
+CAN-2005-0589 (The Form Fill feature in Firefox before 1.0.1 allows remote attackers ...)
+ TODO: check
+CAN-2005-0588 (Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict ...)
+ TODO: check
+CAN-2005-0587 (Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious ...)
+ TODO: check
+CAN-2005-0586 (Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious ...)
+ TODO: check
+CAN-2005-0585 (Firefox before 1.0.1 and Mozilla before 1.7.6 truncates long ...)
+ TODO: check
+CAN-2005-0584 (Firefox before 1.0.1 and Mozilla before 1.7.6, when displaying the ...)
+ TODO: check
+CAN-2005-0583
+ NOTE: reserved
+CAN-2005-0582
+ NOTE: reserved
+CAN-2005-0581
+ NOTE: reserved
begin claimed by djoume
CAN-2005-0580 (cmd5checkpw, when running setuid, does not properly drop privileges ...)
TODO: check
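Review bot: The ten described entries CAN-2005-0584 through CAN-2005-0593 are added above the "begin claimed by djoume" marker, so they arrive unclaimed, each with only "TODO: check" and no package line. Nine of them name Firefox before 1.0.1 in the description (several also Mozilla before 1.7.6), so they are better triaged as one batch against the mozilla and mozilla-firefox packages this list already tracks under CAN-2004-1156 than one at a time. The CAN-2005-0592 description is truncated before it names a product, so confirm the affected software from the full entry before assigning it a package.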
@@ -1433,8 +1461,8 @@
NOTE: reserved
CAN-2005-0256 (The wu_fnmatch function in wu_fnmatch.c for wu-fptd 2.6.1 and 2.6.2 ...)
- wu-ftpd 2.6.2-19
-CAN-2005-0255
- NOTE: reserved
+CAN-2005-0255 (String handling functions in Mozilla 1.7.3 and Firefox 1.0, such as ...)
+ TODO: check
CAN-2005-0254 (BibORB 1.3.2, and possibly earlier versions, does not properly enforce ...)
NOTE: not-for-us (BibORB)
CAN-2005-0253 (Directory traversal vulnerability in index.php for BibORB 1.3.2, and ...)
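Review bot: CAN-2005-0255 changes from "NOTE: reserved" to "TODO: check" with a description naming Mozilla 1.7.3 and Firefox 1.0, but no package line is recorded. Once checked, it should carry mozilla and mozilla-firefox status lines in the same form as CAN-2004-1156. Separately, the unchanged CAN-2005-0256 description above it spells the product "wu-fptd" while the package line says "wu-ftpd", so a text search of descriptions for the package name will miss that entry.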
@@ -1618,8 +1646,8 @@
NOTE: reserved
CAN-2005-0206 (The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 ...)
TODO: check
-CAN-2005-0205
- NOTE: reserved
+CAN-2005-0205 (KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain ...)
+ TODO: check
CAN-2005-0204 (Linux kernel before 2.6.9, when running on the AMD64 and Intel EM64T ...)
NOTE: according to the CAN it is fixed in 2.6.10, but
NOTE: looking at the source it is not so clear, noting this
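Review bot: CAN-2005-0205 is left at "TODO: check" even though its description is bounded to KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root. That gives two concrete checks for sarge: whether the shipped KDE is newer than 3.1.5 (the kdebase 4:3.3.1-4 line elsewhere in this list suggests it is) and whether kppp is installed setuid root. Record the outcome as a package line or a NOTE rather than leaving the TODO.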
@@ -2630,7 +2658,7 @@
- kdebase 4:3.3.1-4
CAN-2004-1157 (Opera 7.x up to 7.54, and possibly other versions, allows remote ...)
NOTE: not-for-us (Opera)
-CAN-2004-1156 (Mozilla through 1.7.x, and Mozilla Firefox through 1.x, allows remote ...)
+CAN-2004-1156 (Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote ...)
- mozilla (unfixed; bug #293663)
- mozilla-firefox (unfixed; bug #293664)
CAN-2004-1155 (Internet Explorer 5.01 through 6 allows remote attackers to spoof ...)
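Review bot: The CAN-2004-1156 description now reads "Mozilla before 1.7.6, and Firefox before 1.0.1", yet the two status lines beneath it still say "unfixed" for mozilla (bug #293663) and mozilla-firefox (bug #293664). Since the automatic update only rewrites the description, someone should compare the sarge package versions against 1.7.6 and 1.0.1 and update the status lines and bugs, otherwise the entry contradicts itself once fixed versions are uploaded.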
@@ -3138,10 +3166,10 @@
NOTE: sarge's unarj is from a different code base, probably not vulnerable
CAN-2004-0946 (rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit ...)
NOTE: does not apply per maintainer
-CAN-2004-0945
- NOTE: reserved
-CAN-2004-0944
- NOTE: reserved
+CAN-2004-0945 (The web management interface for Mitel 3300 Integrated Communications ...)
+ TODO: check
+CAN-2004-0944 (The web management interface for Mitel 3300 Integrated Communications ...)
+ TODO: check
CAN-2004-0943
NOTE: reserved
CAN-2004-0942 (Apache webserver 2.0.52 and earlier allows remote attackers to cause a ...)
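Review bot: CAN-2004-0945 and CAN-2004-0944 both describe the web management interface for the Mitel 3300 Integrated Communications product and are left at "TODO: check". If that product is not packaged, they should follow the convention used for BibORB and Opera elsewhere in this list, for example "NOTE: not-for-us (Mitel)", so they stop showing up in the unchecked queue.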