[Secure-testing-commits] r984 - sarge-checks/CAN

Moritz Muehlenhoff jmm-guest@costa.debian.org
Wed, 04 May 2005 09:51:48 +0000 

Author: jmm-guest
Date: 2005-05-04 09:51:45 +0000 (Wed, 04 May 2005)
New Revision: 984

Modified:
   sarge-checks/CAN/list
Log:
lots of not-for-us


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-05-04 09:32:48 UTC (rev 983)
+++ sarge-checks/CAN/list	2005-05-04 09:51:45 UTC (rev 984)
@@ -46,45 +46,44 @@
 	TODO: check
 CAN-2005-1430 (Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo ...)
 	NOTE: not-for-us (Mac OS X)
-begin claimed by jmm
 CAN-2005-1429 (SQL injection vulnerability in login.asp in WWWguestbook 1.1 allows ...)
-	TODO: check
+	NOTE: not-for-us (WWWguestbook)
 CAN-2005-1428 (edit_image.asp in Uapplication Uphotogallery allows remote attackers ...)
-	TODO: check
+	NOTE: not-for-us (Uapplication Uphotogallery)
 CAN-2005-1427 (Uapplication Uphotogallery stores the database under the web document ...)
-	TODO: check
+	NOTE: not-for-us (Uapplication Uphotogallery)
 CAN-2005-1426 (Uapplication Ublog Reload stores the database under the web document ...)
-	TODO: check
+	NOTE: not-for-us (Uapplication Ublog)
 CAN-2005-1425 (Uapplication Uguestbook stores the database under the web document ...)
-	TODO: check
+	NOTE: not-for-us (Uapplication Uguestbook)
 CAN-2005-1424 (StumbleInside GoText 1.01 stores sensitive username, mail address,and ...)
-	TODO: check
+	NOTE: not-for-us (GoText)
 CAN-2005-1423 (Directory traversal vulnerability in the mail program in 602LAN SUITE ...)
-	TODO: check
+	NOTE: not-for-us (602 LAN SUITE)
 CAN-2005-1422 (Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to ...)
-	TODO: check
+	NOTE: not-for-us (Raysoft Video Cam Server)
 CAN-2005-1421 (Directory traversal vulnerability in Raysoft/Raybase Video Cam Server ...)
-	TODO: check
+	NOTE: not-for-us (Raysoft Video Cam Server)
 CAN-2005-1420 (Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to ...)
-	TODO: check
+	NOTE: not-for-us (Raysoft Video Cam Server)
 CAN-2005-1419 (SQL injection vulnerability in the admin login panel for Ocean12 ...)
-	TODO: check
+	NOTE: not-for-us (Ocean12 Mailing list manager)
 CAN-2005-1418 (NetLeaf Limited NotJustBrowsing 1.0.3 stores the View Lock Password in ...)
-	TODO: check
+	NOTE: not-for-us (Netleaf)
 CAN-2005-1417 (Multiple SQL injection vulnerabilities in MaxWebPortal 2.x, 1.35, and ...)
-	TODO: check
+	NOTE: not-for-us (MaxWebPortal)
 CAN-2005-1416 (Directory traversal vulnerability in 04WebServer 1.81 allows remote ...)
-	TODO: check
+	NOTE: not-for-us (04WebServer)
 CAN-2005-1415 (Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote ...)
-	TODO: check
+	NOTE: not-for-us (GlobalSCAPE Secure FTP Server)
 CAN-2005-1414 (ExoticSoft FilePocket 1.2 stores sensitive proxy information, ...)
-	TODO: check
+	NOTE: not-for-us (FilePocket)
 CAN-2005-1413 (Multiple SQL injection vulnerabilities in enVivo!CMS allow remote ...)
-	TODO: check
+	NOTE: not-for-us (enVivo)
 CAN-2005-1412 (SQL injection vulnerability in verify.asp for Ecomm Professional ...)
-	TODO: check
+	NOTE: not-for-us (ECommPro)
 CAN-2005-1411 (Cybration ICUII 7.0 stores passwords in plaintext in the ...)
-	TODO: check
+	NOTE: not-for-us (ICUII)
 CAN-2005-1410 (The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) ...)
 	TODO: check
 CAN-2005-1409 (PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain ...)
@@ -92,28 +91,27 @@
 CAN-2005-1408
 	NOTE: reserved
 CAN-2005-1407 (Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the ...)
-	TODO: check
+	NOTE: not-for-us (Skype)
 CAN-2005-1406
 	NOTE: reserved
 CAN-2005-1405 (HTTP response splitting vulnerability in the @SetHTTPHeader function ...)
-	TODO: check
+	NOTE: not-for-us (Lotus Domino)
 CAN-2005-1404 (MyPHP Forum 1.0 allows remote attackers to spoof the username by ...)
-	TODO: check
+	NOTE: not-for-us (MyPHP Forum)
 CAN-2005-1403 (Multiple cross-site scripting (XSS) vulnerabilities in JustWilliam's ...)
-	TODO: check
+	NOTE: not-for-us (JW Amazon Web Store)
 CAN-2005-1402 (Integer signedness error in certain older versions of the NeL library, ...)
-	TODO: check
+	NOTE: not-for-us (NeL libarary)
 CAN-2005-1401 (Format string vulnerability in the client for Mtp-Target 1.2.2 and ...)
-	TODO: check
+	NOTE: not-for-us (Mtp-Target)
 CAN-2005-1400
 	NOTE: reserved
 CAN-2005-1399
 	NOTE: reserved
 CAN-2004-1778 (Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, ...)
-	TODO: check
+	NOTE: not-for-us (Skype)
 CAN-2004-1777 (A "range check error" in Skype for Windows before 0.98.0.28 allows ...)
-	TODO: check
-end claimed by jmm
+	NOTE: not-for-us (Skype)
 CAN-2005-1398 (phpcart.php in PHPCart 3.2 allows remote attackers to change product ...)
 	NOTE: not-for-us (PHPCart)
 CAN-2005-1397 (SQL injection vulnerability in search.php for PHP-Calendar before ...)