[Secure-testing-commits] r1009 - sarge-checks/CAN

Moritz Muehlenhoff jmm-guest@costa.debian.org
Fri, 06 May 2005 09:49:55 +0000


Author: jmm-guest
Date: 2005-05-06 09:49:52 +0000 (Fri, 06 May 2005)
New Revision: 1009

Modified:
   sarge-checks/CAN/list
Log:
ethereal and leafnode CANified.
leafnode2 vulns not affecting Debian.


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-05-06 09:16:32 UTC (rev 1008)
+++ sarge-checks/CAN/list	2005-05-06 09:49:52 UTC (rev 1009)
@@ -1,47 +1,45 @@
-begin claimed by jmm
 CAN-2005-1470 (Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, ...)
-	TODO: check
+	- ethereal 0.10.11-1
 CAN-2005-1469 (Unknown vulnerability in the GSM dissector in Ethereal before 0.10.11 ...)
-	TODO: check
+	- ethereal 0.10.11-1
 CAN-2005-1468 (Multiple unknown vulnerabilities in the (1) WSP, (2) Q.931, (3) H.245, ...)
-	TODO: check
+	- ethereal 0.10.11-1
 CAN-2005-1467 (Unknown vulnerability in the NDPS dissector in Ethereal before 0.10.11 ...)
-	TODO: check
+	- ethereal 0.10.11-1
 CAN-2005-1466 (Unknown vulnerability in the DICOM dissector in Ethereal before ...)
-	TODO: check
+	- ethereal 0.10.11-1
 CAN-2005-1465 (Unknown vulnerability in the NCP dissector in Ethereal before 0.10.11 ...)
-	TODO: check
+	- ethereal 0.10.11-1
 CAN-2005-1464 (Multiple unknown vulnerabilities in the (1) KINK, (2) L2TP, (3) MGCP, ...)
-	TODO: check
+	- ethereal 0.10.11-1
 CAN-2005-1463 (Multiple format string vulnerabilities in the (1) DHCP and (2) ANSI A ...)
-	TODO: check
+	- ethereal 0.10.11-1
 CAN-2005-1462 (Double-free vulnerability in the ICEP dissector in Ethereal before ...)
-	TODO: check
+	- ethereal 0.10.11-1
 CAN-2005-1461 (Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, ...)
-	TODO: check
+	- ethereal 0.10.11-1
 CAN-2005-1460 (Multiple unknown dissectors in Ethereal before 0.10.11 allow remote ...)
-	TODO: check
+	- ethereal 0.10.11-1
 CAN-2005-1459 (Multiple unknown vulnerabilities in the (1) WSP, (2) BER, (3) SMB, (4) ...)
-	TODO: check
+	- ethereal 0.10.11-1
 CAN-2005-1458 (Multiple unknown "other problems" in the KINK dissector in Ethereal ...)
-	TODO: check
+	- ethereal 0.10.11-1
 CAN-2005-1457 (Multiple unknown vulnerabilities in the (1) AIM, (2) LDAP, (3) ...)
-	TODO: check
+	- ethereal 0.10.11-1
 CAN-2005-1456 (Multiple unknown vulnerabilities in the (1) DHCP and (2) Telnet ...)
-	TODO: check
+	- ethereal 0.10.11-1
 CAN-2005-1455
 	NOTE: reserved
 CAN-2005-1454
 	NOTE: reserved
 CAN-2005-1453 (fetchnews in leafnode 1.9.48 to 1.11.1 allows remote NNTP servers to ...)
-	TODO: check
+	- leafnode 1.11.2.rel-1
 CAN-2004-2069 (sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, ...)
 	TODO: check
 CAN-2004-2068 (fetchnews in leafnode 1.9.47 and earlier allows remote attackers to ...)
-	TODO: check
+	NOTE: not-for-us (Leafnode2 development branch)
 CAN-2002-1661 (The leafnode server in leafnode 1.9.20 to 1.9.29 allows remote ...)
-	TODO: check
-end claimed by jmm
+	NOTE: not-for-us (Leafnode2 development branch)
 CAN-2005-XXXX [Missing input validation in xtradius]
 	- xtradius (unfixed; bug #307796)
 CAN-2005-XXXX [fai tempfile vulnerability]
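
Review bot: The "NOTE: not-for-us (Leafnode2 development branch)" lines on CAN-2004-2068 and CAN-2002-1661 do not match their own descriptions, which name leafnode 1.9.47 and earlier and leafnode 1.9.20 to 1.9.29. CAN-2005-1453 a few lines above has a range starting at 1.9.48 and is tracked against the Debian package as "- leafnode 1.11.2.rel-1", so the reason the older 1.9.x ranges are out of scope is not visible here. Either record a fixed version for these two entries or extend the NOTE with the justification. Separately, removing the "begin claimed by jmm" / "end claimed by jmm" markers leaves CAN-2004-2069 at "TODO: check" with no owner, which the log message does not mention.
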
@@ -55,11 +53,7 @@
 CAN-2005-XXXX [eskuel: No authentication at all]
 	- eskuel (unfixed; bug #163653)
 CAN-2005-XXXX [48 new vulnerabilities in Ethereal]
-	- ethereal 0.10.11-1
-CAN-2005-XXXX [Buffer overflow in elog]
 	- elog 2.5.7+r1558-2
-CAN-2005-XXXX [Minor DoS vulnerability in leafnode's fetchnews]
-	- leafnode 1.11.2.rel-1
 CAN-2005-XXXX [Unspeficied security issue in ipsec-tool's single DES support]
 	- ipsec-tools 0.5.2-1
 CAN-2005-1452 (Serendipity before 0.8 allows Chief users to "hide plugins installed ...)
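
Review bot: The removals under "CAN-2005-XXXX [48 new vulnerabilities in Ethereal]" take out the wrong pair of lines: the Ethereal header is kept while its "- ethereal 0.10.11-1" line and the "CAN-2005-XXXX [Buffer overflow in elog]" header are deleted. After this hunk the Ethereal placeholder is followed by "- elog 2.5.7+r1558-2" and the elog issue no longer has an entry of its own. If the intent was to retire the Ethereal placeholder now that CAN-2005-1456 through CAN-2005-1470 carry the fixed version, delete the Ethereal header together with its ethereal line and keep the elog header above the elog line.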