[Secure-testing-commits] r964 - sarge-checks/CAN

Joey Hess joeyh@costa.debian.org
Tue, 03 May 2005 09:14:56 +0000


Author: joeyh
Date: 2005-05-03 09:14:43 +0000 (Tue, 03 May 2005)
New Revision: 964

Modified:
   sarge-checks/CAN/list
Log:
automatic CAN database update

Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-05-03 06:53:37 UTC (rev 963)
+++ sarge-checks/CAN/list	2005-05-03 09:14:43 UTC (rev 964)
@@ -1,3 +1,71 @@
+CAN-2005-1398 (phpcart.php in PHPCart 3.2 allows remote attackers to change product ...)
+	TODO: check
+CAN-2005-1397 (SQL injection vulnerability in search.php for PHP-Calendar before ...)
+	TODO: check
+CAN-2005-1396 (Race condition in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier allows ...)
+	TODO: check
+CAN-2005-1395 (Buffer overflow in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier may ...)
+	TODO: check
+CAN-2005-1394 (Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 ...)
+	TODO: check
+CAN-2005-1393 (Multiple buffer overflows in ArcGIS for ESRI ArcInfo Workstation 9.0 ...)
+	TODO: check
+CAN-2005-1392 (The SQL install script in phpMyAdmin 2.6.2 is created with ...)
+	TODO: check
+CAN-2005-1391 (Buffer overflow in the add_port function in APSIS Pound 1.8.2 and ...)
+	TODO: check
+CAN-2005-1390 (Squid before 2.5.STABLE7, when using persistent connections, allows ...)
+	TODO: check
+CAN-2005-1389 (HTTP response splitting vulnerability in Squid before 2.5.STABLE7, ...)
+	TODO: check
+CAN-2005-1388 (Cross-site scripting (XSS) vulnerability in SURVIVOR before 0.9.6 ...)
+	TODO: check
+CAN-2005-1387 (Cocktail 3.5.4 and possibly earlier in Mac OS X passes the ...)
+	TODO: check
+CAN-2005-1386 (PHP-Nuke 7.6 and earlier allows remote attackers to obtain sensitive ...)
+	TODO: check
+CAN-2005-1385 (Safari 1.3 allows remote attackers to cause a denial of service ...)
+	TODO: check
+CAN-2005-1384 (Multiple SQL injection vulnerabilities in phpCoin 1.2.2 allow remote ...)
+	TODO: check
+CAN-2005-1383 (The OHS component 1.0.2 through 10.x, when UseWebcacheIP is disabled, ...)
+	TODO: check
+CAN-2005-1382 (The webcacheadmin module in Oracle Webcache 9i allows remote attackers ...)
+	TODO: check
+CAN-2005-1381 (Multiple cross-site scripting (XSS) vulnerabilities in Oracle Webcache ...)
+	TODO: check
+CAN-2005-1380 (Cross-site scripting (XSS) vulnerability in BEA Admin Console 8.1 ...)
+	TODO: check
+CAN-2005-1379 (The LAM runtime environment package (lam-runtime-7.0.6-2mdk) on ...)
+	TODO: check
+CAN-2005-1378 (SQL injection vulnerability in posting_notes.php in the notes module ...)
+	TODO: check
+CAN-2005-1377 (Multiple PHP remote code injection vulnerabilities in Claroline 1.5.3 ...)
+	TODO: check
+CAN-2005-1376 (Multiple directory traversal vulnerabilities in (1) document.php or ...)
+	TODO: check
+CAN-2005-1375 (Multiple SQL injection vulnerabilities in Claroline 1.5.3 through 1.6 ...)
+	TODO: check
+CAN-2005-1374 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.5.3 ...)
+	TODO: check
+CAN-2005-1373 (Multiple SQL injection vulnerabilities in index.php in Dream4 Koobi ...)
+	TODO: check
+CAN-2005-1372 (nvstatsmngr.exe process in BakBone NetVault 7.1 does not properly drop ...)
+	TODO: check
+CAN-2005-1371 (BPFTPServer service in BulletProof FTP Server 2.4.0.31 does not ...)
+	TODO: check
+CAN-2005-1370 (Unknown vulnerability in Radia Management Agent (RMA) in HP OpenView ...)
+	TODO: check
+CAN-2005-1369 (The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before ...)
+	TODO: check
+CAN-2005-1368 (The key_user_lookup function in security/keys/key.c in Linux kernel ...)
+	TODO: check
+CAN-2005-1367
+	NOTE: reserved
+CAN-2005-1366
+	NOTE: reserved
+CAN-2005-1365
+	NOTE: reserved
 CAN-2005-XXXX [Insecure mailbox generation in passwd's useradd
 	- shadow (unfixed; bug #307259)
 CAN-2005-XXXX [Insecure tempfile generation in shadow's vipw] 
@@ -7118,7 +7186,7 @@
 	NOTE: rejected
 CAN-2004-0074 (Multiple buffer overflows in xsok 1.02 allows local users to gain ...)
 	NOTE: turned out not to be vulnerable. See bug #278777
-CAN-2004-0073 (PHP remote code injection vulnerability in config.php for ...)
+CAN-2004-0073 (PHP remote code injection vulnerability in (1) config.php and (2) ...)
 	NOTE: not-for-us (EasyDynamicPages)
 CAN-2004-0072 (Directory traversal vulnerability in Accipiter Direct Server 6.0 ...)
 	NOTE: not-for-us (Accipiter Direct Server 6.0)