[Secure-testing-commits] r670 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Sun, 27 Mar 2005 09:14:20 +0000
Author: joeyh
Date: 2005-03-27 09:14:17 +0000 (Sun, 27 Mar 2005)
New Revision: 670
Modified:
sarge-checks/CAN/list
Log:
automatic CAN database update
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-03-26 12:22:07 UTC (rev 669)
+++ sarge-checks/CAN/list 2005-03-27 09:14:17 UTC (rev 670)
@@ -1,3 +1,75 @@
+CAN-2005-0890 (SQL injection vulnerability in Dream4 Koobi CMS 4.2.3 allows remote ...)
+ TODO: check
+CAN-2005-0889 (Cross-site scripting (XSS) vulnerability in index.php for Dream4 Koobi ...)
+ TODO: check
+CAN-2005-0888 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CAN-2005-0887 (Code injection vulnerability in Double Choco Latte before 0.9.4.3 ...)
+ TODO: check
+CAN-2005-0886 (Cross-site scripting (XSS) vulnerability in Invision Power Board 2.0.2 ...)
+ TODO: check
+CAN-2005-0885 (Multiple cross-site scripting (XSS) vulnerabilities in XMB Forum 1.9.1 ...)
+ TODO: check
+CAN-2005-0884 (DigitalHive 2.0 allows remote attackers to re-install the product by ...)
+ TODO: check
+CAN-2005-0883 (Multiple cross-site scripting (XSS) vulnerabilities in base.php for ...)
+ TODO: check
+CAN-2005-0882 (SQL injection vulnerability in admincore.php in BirdBlog before 1.2.0 ...)
+ TODO: check
+CAN-2005-0881 (Cross-site scripting (XSS) vulnerability in articles.newcomment for ...)
+ TODO: check
+CAN-2005-0880 (content.php in Vortex Portal allows remote attackers to obtain ...)
+ TODO: check
+CAN-2005-0879 (PHP remote code injection vulnerability in (1) content.php and (2) ...)
+ TODO: check
+CAN-2005-0878 (Cross-site scripting (XSS) vulnerability in MercuryBoard before 1.1.3 ...)
+ TODO: check
+CAN-2005-0877 (Dnsmasq before 2.21 allows remote attackers to poison the DNS cache ...)
+ TODO: check
+CAN-2005-0876 (Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers ...)
+ TODO: check
+CAN-2005-0875 (Multiple buffer overflows in the Yahoo plug-in for Trillian 2.0, 3.0, ...)
+ TODO: check
+CAN-2005-0874 (Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other ...)
+ TODO: check
+CAN-2005-0873 (Multiple cross-site scripting (XSS) vulnerabilities in test.jsp in ...)
+ TODO: check
+CAN-2005-0872 (Cross-site scripting (XSS) vulnerability in calendar_scheduler.php in ...)
+ TODO: check
+CAN-2005-0871 (calendar_scheduler.php in Topic Calendar 1.0.1 module for phpBB, when ...)
+ TODO: check
+CAN-2005-0870 (Multiple cross-site scripting (XSS) vulnerabilities in phpSysInfo 2.3, ...)
+ TODO: check
+CAN-2005-0869 (phpSysInfo 2.3 allows remote attackers to obtain sensitive information ...)
+ TODO: check
+CAN-2005-0868 (AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) ...)
+ TODO: check
+CAN-2005-0867 (Integer overflow in Linux kernel 2.6 allows local users to overwrite ...)
+ TODO: check
+CAN-2005-0866 (cdrecord before 4:2.0, when DEBUG is enabled, allows local users to ...)
+ TODO: check
+CAN-2004-1771 (Scalable OGo (SOGo) 1.0 allows remote authenticated users to bypass ...)
+ TODO: check
+CAN-2002-1628 (Directory traversal vulnerability in vote.cgi for Mike Spice Mike's ...)
+ TODO: check
+CAN-2002-1627 (Directory traversal vulnerability in quiz.cgi for Mike Spice Quiz Me! ...)
+ TODO: check
+CAN-2002-1626 (Directory traversal vulnerability in Mike Spice My Calendar before 1.5 ...)
+ TODO: check
+CAN-2002-1625 (Macromedia Flash Player 6 does not terminate connections when the user ...)
+ TODO: check
+CAN-2002-1624 (Buffer overflow in Lotus Domino web server before R5.0.10, when ...)
+ TODO: check
+CAN-2002-1623 (The design of the Internet Key Exchange (IKE) protocol, when using ...)
+ TODO: check
+CAN-2002-1622 (Buffer overflow in certain RPC routines in IBM AIX 4.3 may allow ...)
+ TODO: check
+CAN-2002-1621 (Buffer overflow in the file_comp function in rcp for IBM AIX 4.3.x and ...)
+ TODO: check
+CAN-2002-1620 (Unknown vulnerability in IBM AIX Parallel Systems Support Programs ...)
+ TODO: check
+CAN-2002-1619 (Buffer overflow in the FC client for IBM AIX 4.3.x allows remote ...)
+ TODO: check
CAN-2005-0865 (Samsung ADSL Modem SMDK8947v1.2 uses default passwords for the (1) ...)
NOTE: not-for-us (Samsung ADSL modems)
CAN-2005-0864 (The Boa web server, as used in Samsung ADSL Modem SMDK8947v1.2 and ...)
@@ -266,18 +338,14 @@
CAN-2005-0763
NOTE: reserved
CAN-2005-0762 [imagemagick SGI heap overflow allows arbitrary code execution]
- NOTE: reserved
- imagemagick 5:6.0.0-1
NOTE: Does only affect imagemagick releases prior to 6
CAN-2005-0761 [imagemagick crafted PSD DoS]
- NOTE: reserved
- imagemagick (unfixed; bug #301110)
CAN-2005-0760 [imagemagick malformed TIFF crash DoS]
- NOTE: reserved
- imagemagick 5:6.0.0-1
NOTE: Does only affect imagemagick releases prior to 6
CAN-2005-0759 [imagemagick invalid TIFF tag DoS]
- NOTE: reserved
- imagemagick 5:6.0.0-1
NOTE: Does only affect imagemagick releases prior to 6
CAN-2005-0758
@@ -1764,8 +1832,7 @@
NOTE: reserved
CAN-2005-0399 [GIF heap overflow parsing Netscape extension 2 in Firefox]
- mozilla-firefox 1.0.2-1
-CAN-2005-0398
- NOTE: reserved
+CAN-2005-0398 (The KAME racoon daemon in ipsec-tools before 0.5 allows remote ...)
- racoon 1:0.5-5
CAN-2005-0397 (Format string vulnerability in ImageMagick before 6.0.2.5 allows ...)
- imagemagick 6:6.0.6.2-2.2
@@ -9587,7 +9654,7 @@
CAN-2002-0212 (The login for Hosting Controller 1.1 through 1.4.1 returns different ...)
CAN-2002-0210 (setlicense for TOLIS Group Backup and Restore Utility (BRU) 17.0 ...)
CAN-2002-0208 (PGP Security PGPfire 7.1 for Windows alters the system's TCP/IP stack ...)
-CAN-2002-0206 (index.php in Francisco Burzi PHP-Nuke 5.3.1 and earlier allows remote ...)
+CAN-2002-0206 (index.php in Francisco Burzi PHP-Nuke 5.3.1 and earlier, and possibly ...)
CAN-2002-0205 (Cross-site scripting (CSS) vulnerability in error.asp for Plumtree ...)
CAN-2002-0204 (Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified ...)
CAN-2002-0203 (ttawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and ...)