[Secure-testing-commits] r511 - sarge-checks/CAN

SALVETTI Djoumé djoume-guest@costa.debian.org
Tue, 01 Mar 2005 23:30:47 +0100 

Author: djoume-guest
Date: 2005-03-01 23:30:44 +0100 (Tue, 01 Mar 2005)
New Revision: 511

Modified:
   sarge-checks/CAN/list
Log:
* processed a part of my block


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-03-01 20:27:29 UTC (rev 510)
+++ sarge-checks/CAN/list	2005-03-01 22:30:44 UTC (rev 511)
@@ -33,40 +33,39 @@
 	NOTE: reserved
 CAN-2005-0581
 	NOTE: reserved
-begin claimed by djoume
 CAN-2005-0580 (cmd5checkpw, when running setuid, does not properly drop privileges ...)
-	TODO: check
+	NOTE: not-for-us (cmd5checkpw)
 CAN-2005-0579 (nxagent in FreeNX before 0.2.8 does not properly handle when the ...)
-	TODO: check
+	NOTE: not-for-us (FreeNX)
 CAN-2005-0578 (Firefox before 1.0.1 and Mozilla Suite before 1.7.6 use a predictable ...)
-	TODO: check
+	- mozilla-firefox 1.0.1-1
 CAN-2005-0577 (Format string vulnerability in DNA MKBold-MKItalic 0.06_1 and earlier ...)
-	TODO: check
+	NOTE: not-for-us (MKBold-MKItalic)
 CAN-2005-0576 (Unknown vulnerability in Standard Type Services Framework (STSF) Font ...)
-	TODO: check
+	NOTE: not-for-us (STSF in Solaris)
 CAN-2005-0575 (Buffer overflow in Stormy Studios Knet 1.04c and earlier allows remote ...)
-	TODO: check
+	NOTE: not-for-us (Stormy Studios Knet)
 CAN-2005-0574 (Directory traversal vulnerability in CIS WebServer 3.5.13 allows ...)
-	TODO: check
+	NOTE: not-for-us (CIS Webserver)
 CAN-2005-0573 (Gaim 1.1.3 on Windows systems allows remote attackers to cause a ...)
+	NOTE: don't know if we are vulnerable, I've mailed maintainers -- Djoume
 	TODO: check
 CAN-2005-0572 (index.php in phpWebSite 0.10.0 and earlier allows remote attackers to ...)
-	TODO: check
+	NOTE: not-for-us (phpWebSite)
 CAN-2005-0571 (admin_loader.php in PunBB 1.2.1 allows remote attackers to read ...)
-	TODO: check
+	NOTE: not-for-us (PunBB)
 CAN-2005-0570 (profile.php in PunBB 1.2.1 allows remote attackers to cause a denial ...)
-	TODO: check
+	NOTE: not-for-us (PunBB)
 CAN-2005-0569 (Multiple SQL injection vulnerabilities in PunBB 1.2.1 allow remote ...)
-	TODO: check
+	NOTE: not-for-us (PunBB)
 CAN-2005-0568 (Soldier of Fortune II 1.03 gold allows remote attackers to cause a ...)
-	TODO: check
+	NOTE: not-for-us (Soldier of Fortune II)
 CAN-2005-0567 (Multiple PHP remote code injection vulnerabilities in phpMyAdmin 2.6.1 ...)
-	TODO: check
+	- phpmyadmin 3:2.6.1-pl2-1
 CAN-2005-0566 (Buffer overflow in Golden FTP Server Pro 2.x allows remote attackers ...)
-	TODO: check
+	NOTE: not-for-us (Golden FTP Server)
 CAN-2005-0565 (The Announce module in phpWebSite 0.10.0 and earlier allows remote ...)
-	TODO: check
-end claimed by djoume
+	NOTE: not-for-us (phpWebSite)
 CAN-2005-0564
 	NOTE: reserved
 CAN-2005-0563
@@ -188,29 +187,29 @@
 	TODO: check
 CAN-2004-1711 (Cross-site scripting (XSS) vulnerability in post.php in Moodle before ...)
 	TODO: check
+end claimed by djoume
 CAN-2004-1710 (page.cgi allows remote attackers to execute arbitrary commands via ...)
-	TODO: check
+	NOTE: not-for-us (page.cgi)
 CAN-2004-1709 (Datakey Rainbow iKey2032 USB token, when using the CIP client package, ...)
-	TODO: check
+	NOTE: not-for-us (Datakey Rainbow iKey2032 USB token)
 CAN-2004-1708 (Webbsyte Chat 0.9.0 allows remote attackers to cause a denial of ...)
-	TODO: check
+	NOTE: not-for-us (Webbsyte)
 CAN-2004-1707 (The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and ...)
-	TODO: check
+	NOTE: not-for-us (Oracle)
 CAN-2004-1706 (The U.S. Robotics USR808054 wireless access point allows remote ...)
-	TODO: check
+	NOTE: not-for-us (U.S. Robotics wireless access point)
 CAN-2004-1705 (Buffer overflow in Citadel/UX 6.23 and earlier allows remote attackers ...)
-	TODO: check
+	NOTE: not-for-us (Citadel/UX)
 CAN-2004-1704 (WpQuiz 2.60b1 through 2.60b8 allows remote attackers to gain ...)
-	TODO: check
+	NOTE: not-for-us (WpQuiz)
 CAN-2004-1703 (Fusion News 3.6.1 allows remote attackers to add user accounts, if the ...)
-	TODO: check
+	NOTE: not-for-us (Fusion News)
 CAN-2004-0838 (Lexar Safe Guard for JumpDrive Secure 1.0 stores the password ...)
-	TODO: check
+	NOTE: not-for-us (Lexar Safe Guard)
 CAN-2003-1087 (Unknown vulnerability in diagmond and possibly other applications in ...)
-	TODO: check
+	NOTE: not-for-us (diagmond on HP-UX)
 CAN-2005-0547 (Unknown vulnerability in ftpd on HP-UX B.11.00, B.11.04, B.11.11, ...)
-	TODO: check
-end claimed by djoume
+	NOTE: not-for-us (ftpd on HP-UX)
 CAN-2005-0546 (Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow ...)
 	- cyrus21-imapd (unfixed; bug #296681)
 CAN-2005-0545 (Microsoft Windows XP Pro SP2 and Windows 2000 Server SP4 running ...)