[Secure-testing-commits] r667 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Sat, 26 Mar 2005 09:14:22 +0000
Author: joeyh
Date: 2005-03-26 09:14:18 +0000 (Sat, 26 Mar 2005)
New Revision: 667
Modified:
sarge-checks/CAN/list
Log:
automatic CAN database update
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-03-26 08:38:40 UTC (rev 666)
+++ sarge-checks/CAN/list 2005-03-26 09:14:18 UTC (rev 667)
@@ -1,3 +1,75 @@
+CAN-2005-0865 (Samsung ADSL Modem SMDK8947v1.2 uses default passwords for the (1) ...)
+ TODO: check
+CAN-2005-0864 (The Boa web server, as used in Samsung ADSL Modem SMDK8947v1.2 and ...)
+ TODO: check
+CAN-2005-0863 (Cross-site scripting (XSS) vulnerability in PHPOpenChat v3.x allows ...)
+ TODO: check
+CAN-2005-0862 (Multiple PHP remote code injection vulnerabilities in PHPOpenChat ...)
+ TODO: check
+CAN-2005-0861 (Multiple buffer overflows in DeleGate before 8.11.1 may allow ...)
+ TODO: check
+CAN-2005-0860 (PHP remote code injection vulnerability in TRG News Script 3.0 allows ...)
+ TODO: check
+CAN-2005-0859 (PHP remote code injection vulnerability in CzarNews 1.13b allows ...)
+ TODO: check
+CAN-2005-0858 (Multiple SQL injection vulnerabilities in CoolForum 0.8 and earlier ...)
+ TODO: check
+CAN-2005-0857 (Cross-site scripting (XSS) vulnerability in avatar.php for CoolForum ...)
+ TODO: check
+CAN-2005-0856 (CoolForum 0.8.1 beta and earlier allows remote attackers to manipulate ...)
+ TODO: check
+CAN-2005-0855 (CoolForum 0.8.1 beta and earlier allows remote attackers to obtain ...)
+ TODO: check
+CAN-2005-0854 (betaparticle blog (bp blog) allows remote attackers to bypass ...)
+ TODO: check
+CAN-2005-0853 (betaparticle blog (bp blog) stores the database under the web root, ...)
+ TODO: check
+CAN-2005-0852 (Microsoft Windows XP SP1 allows local users to cause a denial of ...)
+ TODO: check
+CAN-2005-0851 (FileZilla FTP server before 0.9.6, when using MODE Z (zlib ...)
+ TODO: check
+CAN-2005-0850 (FileZilla FTP server before 0.9.6 allows remote attackers to cause a ...)
+ TODO: check
+CAN-2005-0849 (Multiple games developed by FUN labs, including 4X4 Off-road Adventure ...)
+ TODO: check
+CAN-2005-0848 (Multiple games developed by FUN labs, including 4X4 Off-road Adventure ...)
+ TODO: check
+CAN-2005-0847 (Code Ocean FTP server 1.0 allows remote attackers to cause a denial of ...)
+ TODO: check
+CAN-2002-1618 (JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not ...)
+ TODO: check
+CAN-2002-1617 (Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to ...)
+ TODO: check
+CAN-2002-1616 (Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and ...)
+ TODO: check
+CAN-2002-1615 (Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and ...)
+ TODO: check
+CAN-2002-1614 (Buffer overflow in HP Tru64 UNIX allows local users to execute ...)
+ TODO: check
+CAN-2002-1613 (Buffer overflow in ps in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f ...)
+ TODO: check
+CAN-2002-1612 (Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and ...)
+ TODO: check
+CAN-2002-1611 (Buffer overflow in quot in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and ...)
+ TODO: check
+CAN-2002-1610 (Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, ...)
+ TODO: check
+CAN-2002-1609 (Buffer overflow in binmail in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and ...)
+ TODO: check
+CAN-2002-1608 (Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, ...)
+ TODO: check
+CAN-2002-1607 (Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and ...)
+ TODO: check
+CAN-2002-1606 (Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and ...)
+ TODO: check
+CAN-2002-1605 (Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f ...)
+ TODO: check
+CAN-2002-1604 (Multiple buffer overflows in HP Tru64 UNIX allow local and possibly ...)
+ TODO: check
+CAN-2002-1603 (GoAhead Web Server 2.1.7 and earlier allows remote attackers to obtain ...)
+ TODO: check
+CAN-2002-1602 (Buffer overflow in the Braille module for GNU screen 3.9.11, when ...)
+ TODO: check
CAN-2005-XXXX [Exploitable race conditions in OpenMosixView may lead to filesystem trashing]
- openmosixview (unfixed; bug #301430)
CAN-2005-XXXX [Buffer overflow in display of messages with MIME encoded filenames in Sylpheed]
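Review bot: all 36 added entries get the same "TODO: check", even though several name products that are outside the distribution on their face: the Samsung ADSL Modem in CAN-2005-0865, Microsoft Windows XP SP1 in CAN-2005-0852, and the HP Tru64 UNIX and HP-UX entries CAN-2002-1604 through CAN-2002-1618. Elsewhere in this file such entries are closed with "NOTE: not-for-us (...)", so they could be resolved in the same pass. That would leave the TODO only on entries that need a package lookup, such as the Boa web server (CAN-2005-0864), DeleGate (CAN-2005-0861) and GNU screen (CAN-2002-1602).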
@@ -111,7 +183,7 @@
NOTE: not-for-us (NotifyLink)
CAN-2005-0808 (Apache Tomcat before 5.x allows remote attackers to cause a denial of ...)
NOTE: not-for-us (Does not affect Tomcat 4.x according to http://www.securityfocus.com/bid/12795/info/)
-CAN-2005-0807 (Heap-based buffer overflow in the PSK sniffer for Cain & Abel 2.65 ...)
+CAN-2005-0807 (Multiple buffer overflows in Cain & Abel before 2.67 allow remote ...)
NOTE: not-for-us (Cain & Abel)
CAN-2005-0806 (Evolution 2.0.3 allows remote attackers to cause a denial of service ...)
- evolution (unfixed; bug #300815)
@@ -1651,8 +1723,8 @@
NOTE: not-for-us (Microsoft)
CAN-2005-0419 (Multiple heap-based buffer overflows in 3Com 3CServer allow remote ...)
NOTE: not-for-us (3com)
-CAN-2005-0418
- NOTE: reserved
+CAN-2005-0418 (Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up ...)
+ TODO: check
CAN-2005-0417 (Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and ...)
NOTE: not-for-us (IBM DB2)
CAN-2005-0416 (The Windows Animated Cursor (ANI) capability in Windows NT, Windows ...)
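Review bot: CAN-2005-0418 moves from "NOTE: reserved" to "TODO: check" with a description naming Java Web Start for J2SE, and nothing in the entry says which package, if any, it maps to. If no package in the archive ships it, close it the way the neighbouring entries are closed, for example "NOTE: not-for-us (...)" as on CAN-2005-0419 and CAN-2005-0417, rather than leaving an open TODO between resolved entries.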
@@ -1685,15 +1757,12 @@
CAN-2005-0403
NOTE: reserved
CAN-2005-0402 [Arbitrary code execution from Firefox sidebar panel]
- NOTE: reserved
- mozilla-firefox 1.0.2-1
CAN-2005-0401 [Drag and drop loading of privileged XUL in Firefox]
- NOTE: reserved
- mozilla-firefox 1.0.2-1
CAN-2005-0400
NOTE: reserved
CAN-2005-0399 [GIF heap overflow parsing Netscape extension 2 in Firefox]
- NOTE: reserved
- mozilla-firefox 1.0.2-1
CAN-2005-0398
NOTE: reserved
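Review bot: the three Firefox entries (CAN-2005-0402, CAN-2005-0401, CAN-2005-0399) lose "NOTE: reserved" but keep their bracketed titles, whereas CAN-2005-0418 in the previous hunk received a parenthesised description when it left the reserved state. It is worth confirming that the update script meant to drop the note without supplying a description, and that a later automatic run will not discard the bracketed titles or the "mozilla-firefox 1.0.2-1" lines. CAN-2005-0403, CAN-2005-0400 and CAN-2005-0398 correctly stay reserved.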
@@ -2193,7 +2262,7 @@
NOTE: reserved
CAN-2005-0256 (The wu_fnmatch function in wu_fnmatch.c for wu-fptd 2.6.1 and 2.6.2 ...)
- wu-ftpd 2.6.2-19
-CAN-2005-0255 (String handling functions in Mozilla 1.7.3 and Firefox 1.0, such as ...)
+CAN-2005-0255 (String handling functions in Mozilla 1.7.3, Firefox 1.0, and ...)
- mozilla-firefox 1.0.1
NOTE: didn't other with YA mozilla-browser bug, it has enough for 1.7.6 already..
- mozilla 2:1.7.6
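Review bot: the new CAN-2005-0255 description adds a product after "Firefox 1.0, and", but the truncation hides which one, and the entry still tracks only mozilla-firefox and mozilla. Check the full description and add a tracking line if the newly listed product is packaged separately. The context NOTE below it ("didn't other with") also looks like a typo for "bother" and could be fixed in a follow-up manual commit.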