[Secure-testing-commits] r685 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Wed, 30 Mar 2005 09:14:27 +0000
Author: joeyh
Date: 2005-03-30 09:14:23 +0000 (Wed, 30 Mar 2005)
New Revision: 685
Modified:
sarge-checks/CAN/list
Log:
automatic CAN database update
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-03-30 05:58:12 UTC (rev 684)
+++ sarge-checks/CAN/list 2005-03-30 09:14:23 UTC (rev 685)
@@ -1,3 +1,45 @@
+CAN-2005-0936 (Cross-site scripting vulnerability in products1h.php in ESMI PayPal ...)
+ TODO: check
+CAN-2005-0935 (Multiple SQL injection vulnerabilities in ESMI PayPal Storefront ...)
+ TODO: check
+CAN-2005-0934 (Multiple cross-site scripting (XSS) vulnerabilities in WackoWiki R4 ...)
+ TODO: check
+CAN-2005-0933 (Directory traversal vulnerability in auxpage.php for phpCOIN 1.2.1b ...)
+ TODO: check
+CAN-2005-0932 (Multiple SQL injection vulnerabilities in phpCOIN 1.2.1b and earlier ...)
+ TODO: check
+CAN-2005-0931 (PHP remote code injection vulnerability in The Includer 1.0 and 1.1 ...)
+ TODO: check
+CAN-2005-0930 (Cross-site scripting (XSS) vulnerability in message.php in Chatness ...)
+ TODO: check
+CAN-2005-0929 (SQL injection vulnerability in PhotoPost PHP Pro 5.x may allow remote ...)
+ TODO: check
+CAN-2005-0928 (Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP ...)
+ TODO: check
+CAN-2005-0927 (Unknown vulnerability in subs.pl for WebAPP 0.9.9 through 0.9.9.2 has ...)
+ TODO: check
+CAN-2005-0926 (Buffer overflow in Sylpheed before 1.0.4 allows remote attackers to ...)
+ TODO: check
+CAN-2005-0925 (Cross-site scripting (XSS) vulnerability in Ublog 1.0 through 1.0.4 ...)
+ TODO: check
+CAN-2005-0924 (Cross-site scripting (XSS) vulnerability in Adventia E-Data 2.0 allows ...)
+ TODO: check
+CAN-2005-0923 (The SmartScan feature in the Auto-Protect module for Symantec Norton ...)
+ TODO: check
+CAN-2005-0922 (Unknown vulnerability in the Auto-Protect module in Symantec Norton ...)
+ TODO: check
+CAN-2005-0921 (Microsoft Outlook 2002 Connector for IBM Lotus Domino 2.0 allows local ...)
+ TODO: check
+CAN-2005-0920 (Multiple SQL injection vulnerabilities in Bugtracker.NET 2.0.1 allow ...)
+ TODO: check
+CAN-2005-0919 (Adventia Chat 3.1 and Server Pro 3.0 allows remote attackers to inject ...)
+ TODO: check
+CAN-2005-0918
+ NOTE: reserved
+CAN-2005-0917 (PHP remote code injection vulnerability in index_header.php for ...)
+ TODO: check
+CAN-2005-0916 (AIO in the Linux kernel 2.6.11 on the PPC64 or IA64 architectures with ...)
+ TODO: check
CAN-2005-0915 (Webmasters-Debutants WD Guestbook 2.8 allows remote attackers to ...)
NOTE: not-for-us (Webmasters-Debutants WD Guestbook)
CAN-2005-0914 (Multiple cross-site scripting (XSS) vulnerabilities in CPG Dragonfly ...)
@@ -457,8 +499,7 @@
- ethereal 0.10.10-1
CAN-2005-0764 [Buffer overflow with overly long escape sequences in rxvt-unicode]
- rxvt-unicode 5.3-1
-CAN-2005-0763
- NOTE: reserved
+CAN-2005-0763 (Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may ...)
{DSA-698-1}
CAN-2005-0762 [imagemagick SGI heap overflow allows arbitrary code execution]
- imagemagick 5:6.0.0-1
@@ -1700,6 +1741,7 @@
CAN-2005-0470 (Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers ...)
- wpasupplicant 0.3.8-1
CAN-2005-0469 (Buffer overflow in the slc_add_reply function in various BSD-based ...)
+ {DSA-699-1 DSA-697-1}
{ DSA-697-1}
CAN-2005-0468 (Heap-based buffer overflow in the env_opt_add function in telnet.c for ...)
TODO: check
@@ -2454,7 +2496,7 @@
NOTE: not-for-us (ARCserve Backup)
CAN-2005-0259 (phpBB 2.0.11, and possibly other versions, with remote avatars and ...)
- phpbb2 2.0.12-1
-CAN-2005-0258 (Directory traversal vulnerability in usercp_register.php for phpBB ...)
+CAN-2005-0258 (Directory traversal vulnerability in (1) usercp_register.php and (2) ...)
- phpbb2 2.0.12-1
CAN-2005-0257
NOTE: reserved
@@ -3078,7 +3120,7 @@
NOTE: not-for-us (Microsoft)
CAN-2005-0046
NOTE: reserved
-CAN-2005-0045 (The Server Message Block (SMB) implementation for Windows 2000, XP, ...)
+CAN-2005-0045 (The Server Message Block (SMB) implementation for Windows NT 4.0, ...)
NOTE: not-for-us (Microsoft)
CAN-2005-0044 (The OLE component in Windows 98, 2000, XP, and Server 2003, and ...)
NOTE: not-for-us (Microsoft)