[Secure-testing-commits] r954 - sarge-checks/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Sun, 01 May 2005 20:42:44 +0000
Author: jmm-guest
Date: 2005-05-01 20:42:40 +0000 (Sun, 01 May 2005)
New Revision: 954
Modified:
sarge-checks/CAN/list
Log:
Trimming the list of TODOs:
Add some historic fixes.
Some generic and thus unfixable protocol weaknesses.
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-05-01 20:20:16 UTC (rev 953)
+++ sarge-checks/CAN/list 2005-05-01 20:42:40 UTC (rev 954)
@@ -372,17 +372,14 @@
NOTE: not-for-us (Commercial SSH)
CAN-2001-1473 (The SSH-1 protocol allows remote servers conduct man-in-the-middle ...)
NOTE: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol
- TODO: check whether that's properly documented
CAN-2001-1472 (SQL injection vulnerability in prefs.php in phpBB 1.4.0 and 1.4.1 ...)
- TODO: check
+ - phpbb2 2.0.6c-1
CAN-2001-1471 (prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users ...)
- TODO: check
+ - phpbb2 2.0.6c-1
CAN-2001-1470 (The IDEA cipher as implemented by SSH1 does not protect the final ...)
NOTE: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol
- TODO: check
CAN-2001-1469 (The RC4 stream cipher as used by SSH1 allows remote attackers to ...)
NOTE: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol
- TODO: check
CAN-2001-1468 (PHP remote code injection vulnerability in checklogin.php in ...)
NOTE: not-for-us (phpSecurePages)
CAN-2001-1467 (mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, ...)
@@ -432,9 +429,9 @@
CAN-2001-1445 (Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through ...)
NOTE: not-for-us (Lotus Domino)
CAN-2001-1444 (The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and ...)
- TODO: check
+ NOTE: Generic protocol flaw
CAN-2001-1443 (KTH Kerberos IV and Kerberos V (Heimdal) for Telnet clients do not ...)
- TODO: check
+ NOTE: Generic protocol flaw
CAN-2001-1442 (Buffer overflow in innfeed for ISC InterNetNews (INN) before 2.3.0 ...)
- inn2 2.3.3+20020922-1
TODO: Verify whether this applies to inn as well
@@ -459,9 +456,9 @@
CAN-2000-1222 (AIX sysback before 4.2.1.13 uses a relative path to find and execute ...)
NOTE: not-for-us (AIX)
CAN-2000-1221 (The line printer daemon (lpd) in the lpr package in multiple Linux ...)
- TODO: check
+ - lpr 0.48-1
CAN-2000-1220 (The line printer daemon (lpd) in the lpr package in multiple Linux ...)
- TODO: check
+ - lpr 0.48-1
CAN-2000-1219 (The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not ...)
- gcc-3.3 3.3.4-1
CAN-2000-1218 (The default configuration for the domain name resolver for Microsoft ...)
@@ -509,6 +506,7 @@
CAN-2005-1185 (MMFWLaunch.exe in Musicmatch Jukebox 10.00.2047 and earlier does not ...)
NOTE: not-for-us (Musicmatch)
CAN-2005-1184 (The TCP/IP stack in multiple operating systems allows remote attackers ...)
+ NOTE: This looks rather obscure -jmm
TODO: check
CAN-2005-1183 (Cross-site scripting (XSS) vulnerability in mvnForum 1.0 RC4 allows ...)
NOTE: not-for-us (mvnForum)