[Secure-testing-commits] r544 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Fri, 11 Mar 2005 09:14:24 +0100
Author: joeyh
Date: 2005-03-11 09:14:20 +0100 (Fri, 11 Mar 2005)
New Revision: 544
Modified:
sarge-checks/CAN/list
Log:
automatic CAN database update
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-03-10 21:51:30 UTC (rev 543)
+++ sarge-checks/CAN/list 2005-03-11 08:14:20 UTC (rev 544)
@@ -1,3 +1,57 @@
+CAN-2005-0707 (Buffer overflow in the IMAP daemon (IMAP4d32.exe) for Ipswitch ...)
+ TODO: check
+CAN-2005-0706 (Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause a ...)
+ TODO: check
+CAN-2005-0705
+ NOTE: reserved
+CAN-2005-0704
+ NOTE: reserved
+CAN-2004-1770 (The login page for cPanel 9.1.0, and possibly other versions, allows ...)
+ TODO: check
+CAN-2004-1769 (The "Allow cPanel users to reset their password via email" feature in ...)
+ TODO: check
+CAN-2004-1768 (The character converters in the Spamhunter and Language ID modules for ...)
+ TODO: check
+CAN-2004-1767 (The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gainp ...)
+ TODO: check
+CAN-2004-1766 (The default installation of NetScreen-Security Manager before Feature ...)
+ TODO: check
+CAN-2004-1765 (Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for ...)
+ TODO: check
+CAN-2004-1764 (Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, ...)
+ TODO: check
+CAN-2004-1763 (Buffer overflow in hsrun.exe for HAHTsite Scenario Server 5.1 Patch 06 ...)
+ TODO: check
+CAN-2004-1762 (Unknown vulnerability in F-Secure Anti-Virus (FSAV) 4.52 for Linux ...)
+ TODO: check
+CAN-2004-1761 (Unknown vulnerability in Ethereal 0.8.13 to 0.10.2 allows attackers to ...)
+ TODO: check
+CAN-2004-1760 (The default installation of Cisco IBM Director agent does not require ...)
+ TODO: check
+CAN-2004-1759 (The Cisco IBM Director agent allows remote attackers to cause a denial ...)
+ TODO: check
+CAN-2004-1758 (BEA WebLogic Server and WebLogic Express version 8.1 up to SP2, 7.0 up ...)
+ TODO: check
+CAN-2004-1757 (BEA WebLogic Server and Express 8.1, SP1 and earlier, stores the ...)
+ TODO: check
+CAN-2004-1756 (BEA WebLogic Server and WebLogic Express 8.1 SP2 and earlier, and 7.0 ...)
+ TODO: check
+CAN-2004-1755 (The Web Services fat client for BEA WebLogic Server and Express 7.0 ...)
+ TODO: check
+CAN-2003-1096 (The Cisco LEAP challenge/response authentication mechanism uses ...)
+ TODO: check
+CAN-2003-1095 (BEA WebLogic Server and Express 7.0 and 7.0.0.1, when using "memory" ...)
+ TODO: check
+CAN-2003-1094 (BEA WebLogic Server and Express version 7.0 SP3 may follow certain ...)
+ TODO: check
+CAN-2003-1093 (BEA WebLogic Server 6.1, 7.0 and 7.0.0.1, when routing messages to a ...)
+ TODO: check
+CAN-2003-1092 (Unknown vulnerability in the "Automatic File Content Type Recognition ...)
+ TODO: check
+CAN-2003-1091 (Integer overflow in MP3Broadcaster for Apple QuickTime/Darwin ...)
+ TODO: check
+CAN-2003-1090 (Buffer overflow in AbsoluteTelnet before 2.12 RC10 allows remote ...)
+ TODO: check
CAN-2005-0703 (Unknown vulnerability in Xerox MicroServer Web Server for various ...)
NOTE: not-for-us (Xerox MicroServer Web Server)
CAN-2005-0702 (SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 allows remote ...)
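Review bot: in the added CAN-2004-1767 line the truncated description reads "allows local users to gainp ...", which looks like two words joined where the upstream text wrapped. The update script should insert a space when it joins wrapped description lines. Separately, all 25 described entries added here arrive as "TODO: check". Several name vendor products that look like candidates for the same marking as "NOTE: not-for-us (Xerox MicroServer Web Server)" just below (Ipswitch IMAP4d32.exe, cPanel, BEA WebLogic, Cisco IBM Director agent). Closing those first would leave grip 3.1.2, Ethereal and ModSecurity as the entries that need a package check.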
@@ -39,7 +93,8 @@
NOTE: not-for-us (OutStart Participate Enterprise)
CAN-2005-0684
NOTE: reserved
-CAN-2005-0683 (phpBB 2.0.13 and earlier allows remote attackers to obtain the full ...)
+CAN-2005-0683
+ NOTE: rejected
NOTE: not applicable to Debian (installation path known anyway)
CAN-2005-0682 (Cross-site scripting (XSS) vulnerability in common.inc in Drupal ...)
- drupal 4.5.2
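Review bot: CAN-2005-0683 now has "NOTE: rejected" immediately followed by the older "NOTE: not applicable to Debian (installation path known anyway)", which referred to the phpBB full-path description this hunk removes. Drop the stale note, or, if the id was rejected as a duplicate, move the note to the entry that replaces it so the triage result is not lost.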
@@ -88,7 +143,7 @@
TODO: check
CAN-2005-0660 (Multiple cross-site scripting (XSS) vulnerabilities in D-Forum 1.11 ...)
TODO: check
-CAN-2005-0659 (phpBB 2.0.13 allows remote attackers to obtain sensitive information ...)
+CAN-2005-0659 (phpBB 2.0.13 and earlier allows remote attackers to obtain sensitive ...)
TODO: check
CAN-2005-0658 (SQL injection vulnerability in a third party extension to TYPO3 allows ...)
TODO: check
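Review bot: the CAN-2005-0659 description is widened from "phpBB 2.0.13" to "phpBB 2.0.13 and earlier", but the entry stays at "TODO: check". The check now has to cover versions older than 2.0.13 as well. Since the same commit rejects CAN-2005-0683, another phpBB 2.0.13 information-disclosure entry that already carried a Debian note, it is worth confirming whether that note applies to this id.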
@@ -3487,8 +3542,7 @@
{DSA-607-1}
- xfree86 4.3.0.dfsg.1-9
- lesstif1-1 (unfixed; bug #294099)
-CAN-2004-0913
- NOTE: reserved
+CAN-2004-0913 (Unknown vulnerability in ecartis 0.x before ...)
{DSA-572-1}
- squid 2.5.6-9
CAN-2004-0912
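Review bot: CAN-2004-0913 now carries the description "Unknown vulnerability in ecartis 0.x before ...", while the package line kept under it is "- squid 2.5.6-9". One of the two does not belong to this id. Confirm which package {DSA-572-1} covers and correct the package line or split the entry. The truncation also cuts off the version after "before", so the fixed version has to come from the package line.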
@@ -9421,7 +9475,7 @@
CAN-2001-0932 (Buffer overflow in Cooolsoft PowerFTP Server 2.03 allows remote ...)
CAN-2001-0931 (Directory traversal vulnerability in Cooolsoft PowerFTP Server 2.03 ...)
CAN-2001-0930 (Sendpage.pl allows remote attackers to execute arbitrary commands via ...)
-CAN-2001-0928 (Buffer overflow in the permitted function of GNOME libgtop_daemon in ...)
+CAN-2001-0928 (Buffer overflow in the permitted function of GNOME gtop daemon ...)
{DSA-301}
CAN-2001-0927 (Format string vulnerability in the permitted function of GNOME ...)
CAN-2001-0926 (SSIFilter in Allaire JRun 3.1, 3.0 and 2.3.3 allows remote attackers ...)
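Review bot: the reworded CAN-2001-0928 description replaces "libgtop_daemon" with "gtop daemon", and the entry has only {DSA-301} under it, with no package line. After this change the binary name no longer appears anywhere in the entry, so a search for libgtop misses it. Adding a package line under {DSA-301} would keep the entry findable regardless of the upstream wording.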