[Secure-testing-commits] r559 - sarge-checks/CAN

Joey Hess joeyh@costa.debian.org
Wed, 16 Mar 2005 07:33:13 +0100 

Author: joeyh
Date: 2005-03-16 07:33:10 +0100 (Wed, 16 Mar 2005)
New Revision: 559

Modified:
   sarge-checks/CAN/list
Log:
process and claim

Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-03-16 05:55:10 UTC (rev 558)
+++ sarge-checks/CAN/list	2005-03-16 06:33:10 UTC (rev 559)
@@ -1,69 +1,67 @@
-begin claimed by joeyh
 CAN-2005-0748 (PHP remote code injection vulnerability in initdb.php for WEBInsta ...)
-	TODO: check
+	NOTE: not-for-us (WEBInsta)
 CAN-2005-0747 (ApplyYourself i-Class allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOTE: not-for-us (ApplyYourself)
 CAN-2005-0746 (The Mini FTP server in Novell iChain 2.2 and 2.3 SP2 and earlier ...)
-	TODO: check
+	NOTE: not-for-us (Novell iChain)
 CAN-2005-0745 (UTStarcom iAN-02EX VoIP Analog Terminal Adaptor (ATA) allows local ...)
-	TODO: check
+	NOTE: not-for-us (UTStarcom iAN-02EX VoIP Analog Terminal Adaptor)
 CAN-2005-0744 (The web GUI for Novell iChain 2.2 and 2.3 SP2 and SP3 allows attackers ...)
-	TODO: check
+	NOTE: not-for-us (Novell iChain)
 CAN-2005-0743 (The custom avatar uploading feature (uploader.php) for XOOPS 2.0.9.2 ...)
-	TODO: check
+	NOTE: not-for-us (XOOPS)
 CAN-2005-0742 (Cross-site scripting (XSS) vulnerability in Sun Java System ...)
-	TODO: check
+	NOTE: not-for-us (Sun Java System Application Server)
 CAN-2005-0741 (Cross-site scripting (XSS) vulnerability in YaBB.pl for YaBB 2.0 RC1 ...)
-	TODO: check
+	NOTE: not-for-us (YaBB)
 CAN-2005-0740 (The TCP stack (tcp_input.c) in OpenBSD 3.5 and 3.6 allows remote ...)
-	TODO: check
+	NOTE: not-for-us (OpenBSD)
 CAN-2005-0739 (The IAPP dissector for Ethereal 0.9.1 to 0.9.9 does not properly use ...)
-	TODO: check
+	- ethereal 0.9.10
 CAN-2005-0738 (Stack overflow in Microsoft Exchange Server 2003 SP1 allows users to ...)
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2005-0737 (Buffer overflow in Yahoo! Messenger allows remote attackers to execute ...)
-	TODO: check
+	NOTE: not-for-us (Yahoo Messenger)
 CAN-2005-0736 (Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 ...)
-	TODO: check
+	NOTE: 2.6 through .11
+	TODO: check with kernel team
 CAN-2005-0735 (newsscript.pl for NewsScript allows remote attachers to gain ...)
-	TODO: check
+	NOTE: not-for-us (newsscript)
 CAN-2005-0734 (PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote ...)
-	TODO: check
+	NOTE: not-for-us (PY Software Active Webcam WebServer)
 CAN-2005-0733 (PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote ...)
-	TODO: check
+	NOTE: not-for-us (PY Software Active Webcam WebServer)
 CAN-2005-0732 (PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote ...)
-	TODO: check
+	NOTE: not-for-us (PY Software Active Webcam WebServer)
 CAN-2005-0731 (PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote ...)
-	TODO: check
+	NOTE: not-for-us (PY Software Active Webcam WebServer)
 CAN-2005-0730 (PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote ...)
-	TODO: check
+	NOTE: not-for-us (PY Software Active Webcam WebServer)
 CAN-2005-0729 (Format string vulnerability in Xpand Rally 1.1.0.0 and earlier allows ...)
-	TODO: check
+	NOTE: not-for-us (Xpand Rally)
 CAN-2005-0728
 	NOTE: rejected
-	TODO: check
 CAN-2005-0727
 	NOTE: rejected
-	TODO: check
 CAN-2005-0726 (SQL injection vulnerability in editpost.php in UBB.threads 6.0 allows ...)
-	TODO: check
+	NOTE: not-for-us (UBB.threads)
 CAN-2005-0725 (SQL injection vulnerability in the getAllbyArticle function in ...)
-	TODO: check
+	NOTE: not-for-us (wfsections)
 CAN-2005-0724 (paFileDB 3.1 and earlier allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOTE: not-for-us (paFileDB)
 CAN-2005-0723 (Cross-site scripting (XSS) vulnerability in the jumpmenu function in ...)
-	TODO: check
+	NOTE: not-for-us (paFileDB)
 CAN-2005-0722 (eXPerience2 allows remote attackers to obtain the full path for the ...)
-	TODO: check
+	NOTE: not-for-us (eXPerience2)
 CAN-2005-0721 (PHP remote code injection vulnerability in modules.php in eXPerience2 ...)
-	TODO: check
+	NOTE: not-for-us (eXPerience2)
 CAN-2005-0720 (PHP remote code injection vulnerability in header.php in PHP mcNews ...)
-	TODO: check
+	NOTE: not-for-us (mcNews)
 CAN-2005-0719 (Unknown vulnerability in the systems message queue in HP Tru64 Unix ...)
-	TODO: check
+	NOTE: not-for-us (Tru64)
 CAN-2005-0718 (Squid 2.5.STABLE7 and earlier allows remote attackers to cause a ...)
-	TODO: check
-end claimed by joeyh
+	- squid 2.5.8
+begin claimed by joeyh
 CAN-2005-0717
 	NOTE: reserved
 CAN-2005-0716
@@ -123,6 +121,7 @@
 	TODO: check
 CAN-2003-1112 (The Session Initiation Protocol (SIP) implementation in Ingate ...)
 	TODO: check
+end claimed by joeyh
 CAN-2003-1111 (The Session Initiation Protocol (SIP) implementation in multiple ...)
 	TODO: check
 CAN-2003-1110 (The Session Initiation Protocol (SIP) implementation in Columbia SIP ...)