[Secure-testing-commits] r1036 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Wed, 11 May 2005 09:14:22 +0000
Author: joeyh
Date: 2005-05-11 09:14:19 +0000 (Wed, 11 May 2005)
New Revision: 1036
Modified:
sarge-checks/CAN/list
Log:
automatic CAN database update
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-05-10 23:41:50 UTC (rev 1035)
+++ sarge-checks/CAN/list 2005-05-11 09:14:19 UTC (rev 1036)
@@ -1,3 +1,732 @@
+CAN-2005-1516 (DList (dlist.exe) in DMail 3.1a allows remote attackers to bypass ...)
+ TODO: check
+CAN-2005-1515 (Integer signedness error in the qmail_put and substdio_put functions ...)
+ TODO: check
+CAN-2005-1514 (commands.c in qmail, when running on 64 bit platforms with a large ...)
+ TODO: check
+CAN-2005-1513 (Integer overflow in the stralloc_readyplus function in qmail, when ...)
+ TODO: check
+CAN-2004-2067 (SQL injection vulnerability in controlpanel.php in JAWS 0.4 allows ...)
+ TODO: check
+CAN-2004-2066 (SQL injection vulnerability in session.php in LinPHA 0.9.4 allows ...)
+ TODO: check
+CAN-2004-2065 (DansGuardian 2.8 and earlier allows remote attackers to bypass the ...)
+ TODO: check
+CAN-2004-2064 (Cross-site scripting (XSS) vulnerability in lostBook 1.1 and ealier ...)
+ TODO: check
+CAN-2004-2063 (Cross-site scripting (XSS) vulnerability in antiboard.php in AntiBoard ...)
+ TODO: check
+CAN-2004-2062 (SQL injection vulnerability in antiboard.php in AntiBoard 0.7.2 and ...)
+ TODO: check
+CAN-2004-2061 (RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use ...)
+ TODO: check
+CAN-2004-2060 (ASPRunner 2.4 stores the database under the web root in the db ...)
+ TODO: check
+CAN-2004-2059 (Multiple cross-site scripting vulnerabilities in ASPRunner 2.4 allow ...)
+ TODO: check
+CAN-2004-2058 (ASPRunner 2.4 allows remote attackers to gain sensitive information ...)
+ TODO: check
+CAN-2004-2057 (SQL injection vulnerability in ASPRunner 2.4 allows remote attackers ...)
+ TODO: check
+CAN-2004-2056 (SQL injection vulnerability in action.php in Nucleus CMS 3.01 allows ...)
+ TODO: check
+CAN-2004-2055 (Cross-site scripting (XSS) vulnerability in search.php for PhpBB 2.0.4 ...)
+ TODO: check
+CAN-2004-2054 (CRLF injection vulnerability in PhpBB 2.0.4 and 2.0.9 allows remote ...)
+ TODO: check
+CAN-2004-2053 (PHP remote code injection vulnerability in index.php in EasyIns ...)
+ TODO: check
+CAN-2004-2052 (eSeSIX Thintune thin clients running firmware 2.4.38 and earlier ...)
+ TODO: check
+CAN-2004-2051 (The Phoenix browser in eSeSIX Thintune thin clients running firmware ...)
+ TODO: check
+CAN-2004-2050 (eSeSIX Thintune thin clients running firmware 2.4.38 and earlier allow ...)
+ TODO: check
+CAN-2004-2049 (eSeSIX Thintune thin clients running firmware 2.4.38 and earlier store ...)
+ TODO: check
+CAN-2004-2048 (radmin in eSeSIX Thintune thin clients running firmware 2.4.38 and ...)
+ TODO: check
+CAN-2004-2047 (Directory traversal vulnerability in EasyWeb FileManager 1.0 RC-1 for ...)
+ TODO: check
+CAN-2004-2046 (Unknown vulnerability in APC PowerChute Business Edition 6.0 through ...)
+ TODO: check
+CAN-2004-2045 (The HTTP administration interface on Conceptronic CADSLR1 ADSL router ...)
+ TODO: check
+CAN-2004-2044 (PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such ...)
+ TODO: check
+CAN-2004-2043 (Buffer overflow in ibserver for Firebird Database 1.0 and other ...)
+ TODO: check
+CAN-2004-2042 (Multiple SQL injection vulnerabilities in e107 0.615 allow remote ...)
+ TODO: check
+CAN-2004-2041 (PHP remote code injection vulnerability in secure_img_render.php in ...)
+ TODO: check
+CAN-2004-2040 (Multiple cross-site scripting (XSS) vulnerabilities in e107 0.615 ...)
+ TODO: check
+CAN-2004-2039 (e107 0.615 allows remote attackers to obtain sensitive information via ...)
+ TODO: check
+CAN-2004-2038 (Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) ...)
+ TODO: check
+CAN-2004-2037 (Buffer overflow in Mollensoft Lightweight FTP Server 3.6 allows remote ...)
+ TODO: check
+CAN-2004-2036 (SQL injection vulnerability in the art_print function in print.inc.php ...)
+ TODO: check
+CAN-2004-2035 (MiniShare 1.3.2 allows remote attackers to cause a denial of service ...)
+ TODO: check
+CAN-2004-2034 (Buffer overflow in the (1) WTHoster and (2) WebDriver modules in ...)
+ TODO: check
+CAN-2004-2033 (Orenosv 0.5.9f allows remote attackers to cause a denial of service ...)
+ TODO: check
+CAN-2004-2032 (Netgear RP114 allows remote attackers to bypass the keyword based URL ...)
+ TODO: check
+CAN-2004-2031 (Cross-site scripting (XSS) vulnerability in user.php in e107 allows ...)
+ TODO: check
+CAN-2004-2030 (Multiple cross-site scripting (XSS) vulnerabilities in index.jsp for ...)
+ TODO: check
+CAN-2004-2029 (The Util_DecodeHTTPAuth function in BNBT BitTorrent Tracker Beta 7.5 ...)
+ TODO: check
+CAN-2004-2028 (Cross-site scripting (XSS) vulnerability in stats.php in e107 allows ...)
+ TODO: check
+CAN-2004-2027 (Buffer overflow in Icecast 2.0.0 and earlier allows remote attackers ...)
+ TODO: check
+CAN-2004-2026 (Format string vulnerability in the logmsg function in svc.c for Pound ...)
+ TODO: check
+CAN-2004-2025 (SQL injection vulnerability in application_top.php for Zen Cart 1.1.3 ...)
+ TODO: check
+CAN-2004-2024 (The distribution of Zen Cart 1.1.4 before patch 2 includes certain ...)
+ TODO: check
+CAN-2004-2023 (SQL injection vulnerability in login.php in Zen Cart 1.1.2d, 1.1.4 ...)
+ TODO: check
+CAN-2004-2022 (Stack-based buffer overflow in ActivePerl for Win32 5.6.1 and 5.8.0 ...)
+ TODO: check
+CAN-2004-2021 (Directory traversal vulnerability in file_manager.php in osCommerce ...)
+ TODO: check
+CAN-2004-2020 (Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 6.x ...)
+ TODO: check
+CAN-2004-2019 (The WebLinks module in Php-Nuke 6.x through 7.3 allows remote ...)
+ TODO: check
+CAN-2004-2018 (PHP remote code injection vulnerability in index.php in Php-Nuke 6.x ...)
+ TODO: check
+CAN-2004-2017 (Multiple cross-site scripting (XSS) vulnerabilities in Turbo Traffic ...)
+ TODO: check
+CAN-2004-2016 (Stack-based buffer overflow in the HTTP server in NetChat 7.3 and ...)
+ TODO: check
+CAN-2004-2015 (Cross-site scripting (XSS) vulnerability in WebCT Campus Edition ...)
+ TODO: check
+CAN-2004-2014 (Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via ...)
+ TODO: check
+CAN-2004-2013 (Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in ...)
+ TODO: check
+CAN-2004-2012 (The systrace_exit function in the systrace utility for NetBSD-current ...)
+ TODO: check
+CAN-2004-2011 (msxml3.dll in Internet Explorer 6.0.2600.0 allows remote attackers to ...)
+ TODO: check
+CAN-2004-2010 (PHP remote code injection vulnerability in index.php in phpShop 0.7.1 ...)
+ TODO: check
+CAN-2004-2009 (NukeJokes 1.7 and 2 Beta allows remote attackers to obtain the full ...)
+ TODO: check
+CAN-2004-2008 (SQL injection vulnerability in modules.php in NukeJokes 1.7 and 2 Beta ...)
+ TODO: check
+CAN-2004-2007 (Cross-site scripting (XSS) vulnerability in modules.php in NukeJokes ...)
+ TODO: check
+CAN-2004-2006 (Trend Micro OfficeScan 3.0 - 6.0 has default permissions of "Everyone ...)
+ TODO: check
+CAN-2004-2005 (Buffer overflow in Eudora for Windows 5.2.1, 6.0.3, and 6.1 allows ...)
+ TODO: check
+CAN-2004-2004 (The Live CD in SUSE LINUX 9.1 Personal edition is configured without a ...)
+ TODO: check
+CAN-2004-2003 (Buffer overflow in the ssl_prcert function in the SSLway filter ...)
+ TODO: check
+CAN-2004-2002 (Unknown vulnerability in SGI IRIX 6.5 through 6.5.22m allows remote ...)
+ TODO: check
+CAN-2004-2001 (ifconfig "-arp" in SGI IRIX 6.5 through 6.5.22m does not properly ...)
+ TODO: check
+CAN-2004-2000 (SQL injection vulnerability in the Downloads module in Php-Nuke 6.x ...)
+ TODO: check
+CAN-2004-1999 (Cross-site scripting (XSS) vulnerability in the Downloads module in ...)
+ TODO: check
+CAN-2004-1998 (The Downloads module in Php-Nuke 6.x through 7.2 allows remote ...)
+ TODO: check
+CAN-2004-1997 (Kolab stores OpenLDAP passwords in plaintext in the slapd.conf file, ...)
+ TODO: check
+CAN-2004-1996 (Cross-site scripting (XSS) vulnerability in Simple Machines Forum ...)
+ TODO: check
+CAN-2004-1995 (Cross-Site Request Forgery (CSRF) vulnerability in FuseTalk 2.0 allows ...)
+ TODO: check
+CAN-2004-1994 (FuseTalk 4.0 allows remote attackers to ban other users via a direct ...)
+ TODO: check
+CAN-2004-1993 (The patch to the checklogin function in omail.pl for omail webmail ...)
+ TODO: check
+CAN-2004-1992 (Buffer overflow in Serv-U FTP server before 5.0.0.6 allows remote ...)
+ TODO: check
+CAN-2004-1991 (Directory traversal vulnerability in Aldo's Web Server (aweb) 1.5 ...)
+ TODO: check
+CAN-2004-1990 (Aldo's Web Server (aweb) 1.5 allows remote attackers to gain sensitive ...)
+ TODO: check
+CAN-2004-1989 (PHP remote code injection vulnerability in theme.php in Coppermine ...)
+ TODO: check
+CAN-2004-1988 (PHP remote code injection vulnerability in init.inc.php in Coppermine ...)
+ TODO: check
+CAN-2004-1987 (picmgmtbatch.inc.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 ...)
+ TODO: check
+CAN-2004-1986 (Directory traversal vulnerability in modules.php in Coppermine Photo ...)
+ TODO: check
+CAN-2004-1985 (Cross-site scripting (XSS) vulnerability in menu.inc.php in Coppermine ...)
+ TODO: check
+CAN-2004-1984 (Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers ...)
+ TODO: check
+CAN-2004-1983 (The arch_get_unmapped_area function in mmap.c in the PaX patches for ...)
+ TODO: check
+CAN-2004-1982 (Post.pl in YaBB 1 Gold SP 1.2 allows remote attackers to modify ...)
+ TODO: check
+CAN-2004-1981 (The web interface for Crystal Reports allows remote attackers to cause ...)
+ TODO: check
+CAN-2004-1980 (Directory traversal vulnerability in glossary.php in PROPS 0.6.1 ...)
+ TODO: check
+CAN-2004-1979 (Cross-site scripting (XSS) vulnerability in do_search.php in PROPS ...)
+ TODO: check
+CAN-2004-1978 (Cross-site scripting (XSS) vulnerability in help.php in Moodle before ...)
+ TODO: check
+CAN-2004-1977 (3com NBX IP VOIP NetSet Configuration Manager allows remote attackers ...)
+ TODO: check
+CAN-2004-1976 (SMC Barricade broadband router 7008ABR and 7004VBR enable remote ...)
+ TODO: check
+CAN-2004-1975 (Cross-site scripting (XSS) vulnerability in the category module in ...)
+ TODO: check
+CAN-2004-1974 (paFileDB 3.1 allows remote attackers to gain sensitive information via ...)
+ TODO: check
+CAN-2004-1973 (DiGi Web Server allows remote attackers to cause a denial of service ...)
+ TODO: check
+CAN-2004-1972 (SQL injection vulnerability in modules.php in PHP-Nuke Video Gallery ...)
+ TODO: check
+CAN-2004-1971 (modules.php in PHP-Nuke Video Gallery Module 0.1 Beta 5 allows remote ...)
+ TODO: check
+CAN-2004-1970 (Samsung SmartEther SS6215S switch, and possibly other Samsung ...)
+ TODO: check
+CAN-2004-1969 (The avatar upload capability in Open Bulletin Board (OpenBB) 1.0.6 and ...)
+ TODO: check
+CAN-2004-1968 (The readmsg action in myhome.php in Open Bulletin Board (OpenBB) 1.0.6 ...)
+ TODO: check
+CAN-2004-1967 (Cross-site request forgery (CSRF) vulnerabilities in (1) ...)
+ TODO: check
+CAN-2004-1966 (Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) ...)
+ TODO: check
+CAN-2004-1965 (Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin ...)
+ TODO: check
+CAN-2004-1964 (Cross-site scripting (XSS) vulnerability in nqt.php in Network Query ...)
+ TODO: check
+CAN-2004-1963 (nqt.php in Network Query Tool (NQT) 1.6 allows remote attackers to ...)
+ TODO: check
+CAN-2004-1962 (SQL injection vulnerability in index.php in Protector System 1.15b1 ...)
+ TODO: check
+CAN-2004-1961 (blocker.php in Protector System 1.15b1 allows remote attackers to ...)
+ TODO: check
+CAN-2004-1960 (Cross-site scripting (XSS) vulnerability in blocker_query.php in ...)
+ TODO: check
+CAN-2004-1959 (blocker_query.php in Protector System 1.15b1 for PHP-Nuke allows ...)
+ TODO: check
+CAN-2004-1958 (Directory traversal vulnerability in manifest.ini in Unreal engine ...)
+ TODO: check
+CAN-2004-1957 (Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.726 ...)
+ TODO: check
+CAN-2004-1956 (PostNuke 0.7.2.6 allows remote attackers to gain information via a ...)
+ TODO: check
+CAN-2004-1955 (SQL injection vulnerability in modules.php in phProfession 2.5 allows ...)
+ TODO: check
+CAN-2004-1954 (Cross-site scripting (XSS) vulnerability in modules.php in ...)
+ TODO: check
+CAN-2004-1953 (phProfession 2.5 allows remote attackers to gain sensitive information ...)
+ TODO: check
+CAN-2004-1952 (SQL injection vulnerability in Advanced Guestbook 2.2 allows remote ...)
+ TODO: check
+CAN-2004-1951 (xine 1.x alpha, 1.x beta, and 1.0rc through 1.0rc3a, and xine-ui ...)
+ TODO: check
+CAN-2004-1950 (phpBB 2.0.8a and earlier trusts the IP address that is in the ...)
+ TODO: check
+CAN-2004-1949 (SQL injection vulnerability in PostNuke 7.2.6 and earlier allows ...)
+ TODO: check
+CAN-2004-1948 (NcFTP client 3.1.6 and 3.1.7, when the username and password are ...)
+ TODO: check
+CAN-2004-1947 (The AVXSCANONLINE.AvxScanOnlineCtrl.1 ActiveX control in BitDefender ...)
+ TODO: check
+CAN-2004-1946 (Format string vulnerability in the PRINT_ERROR function in common.c ...)
+ TODO: check
+CAN-2004-1945 (Buffer overflow in Kinesphere eXchange POP3 allows remote attackers to ...)
+ TODO: check
+CAN-2004-1944 (Eudora 6.1 and 6.0.3 for Windows allows remote attackers to cause a ...)
+ TODO: check
+CAN-2004-1943 (PHP remote code injection vulnerability in album_portal.php in phpBB ...)
+ TODO: check
+CAN-2004-1942 (The Solaris 9 patches 113579-02 through 113579-05, and 114342-02 ...)
+ TODO: check
+CAN-2004-1941 (Fastream NETFile FTP/Web Server 6.5.1.980 allows remote attackers to ...)
+ TODO: check
+CAN-2004-1940 (sipclient.cpp in KPhone 4.0.1 and earlier allows remote attackers to ...)
+ TODO: check
+CAN-2004-1939 (Cross-site scripting (XSS) vulnerability in Zaep AntiSpam 2.0 allows ...)
+ TODO: check
+CAN-2004-1938 (SQL injection vulnerability in userlogin.php in Phorum 3.4.7 allows ...)
+ TODO: check
+CAN-2004-1937 (Multiple directory traversal vulnerabilities in Nuked-KlaN 1.4b and ...)
+ TODO: check
+CAN-2004-1936 (ZoneAlarm Pro 4.5.538.001 and possibly other versions allows remote ...)
+ TODO: check
+CAN-2004-1935 (Cross-site scripting (XSS) vulnerability in SCT Campus Pipeline allows ...)
+ TODO: check
+CAN-2004-1934 (PHP remote code injection vulnerability in affich.php in Gemitel 3.50 ...)
+ TODO: check
+CAN-2004-1933 (Citadel/UX 5.00 through 6.14 installs the database directory and files ...)
+ TODO: check
+CAN-2004-1932 (SQL injection vulnerability in (1) auth.php and (2) admin.php in ...)
+ TODO: check
+CAN-2004-1930 (Cross-site scripting (XSS) vulnerability in the cookiedecode function ...)
+ TODO: check
+CAN-2004-1929 (SQL injection vulnerability in the bblogin function in functions.php ...)
+ TODO: check
+CAN-2004-1928 (The image upload feature in Tiki CMS/Groupware (TikiWiki) 1.8.1 and ...)
+ TODO: check
+CAN-2004-1927 (Directory traversal vulnerability in the map feature (tiki-map.phtml) ...)
+ TODO: check
+CAN-2004-1926 (Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote ...)
+ TODO: check
+CAN-2004-1925 (Multiple SQL injection vulnerabilities in Tiki CMS/Groupware ...)
+ TODO: check
+CAN-2004-1924 (Multiple cross-site scripting (XSS) vulnerabilities in Tiki ...)
+ TODO: check
+CAN-2004-1923 (Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote ...)
+ TODO: check
+CAN-2004-1922 (Microsoft Internet Explorer 5.5 and 6.0 allocates memory based on the ...)
+ TODO: check
+CAN-2004-1921 (X-Micro WLAN 11b Broadband Router 1.6.0.1 has a hardcoded "1502" ...)
+ TODO: check
+CAN-2004-1920 (X-Micro WLAN 11b Broadband Router 1.2.2, 1.2.2.3, 1.2.2.4, and 1.6.0.0 ...)
+ TODO: check
+CAN-2004-1919 (The hash_strcmp function in hasch.c in Crackalaka 1.0.8 allows remote ...)
+ TODO: check
+CAN-2004-1918 (RSniff 1.0 allows remote attackers to cause a denial of service ...)
+ TODO: check
+CAN-2004-1917 (Format string vulnerability in test_func_func in LCDProc 0.4.1 and ...)
+ TODO: check
+CAN-2004-1916 (Multiple buffer overflows in LCDProc 0.4.1, and possibly other 0.4.x ...)
+ TODO: check
+CAN-2004-1915 (Buffer overflow in the parse_all_client_messages function in LCDproc ...)
+ TODO: check
+CAN-2004-1914 (SQL injection vulnerability in modules.php in NukeCalendar 1.1.a, as ...)
+ TODO: check
+CAN-2004-1913 (Cross-site scripting (XSS) vulnerability in modules.php in ...)
+ TODO: check
+CAN-2004-1912 (The (1) modules.php, (2) block-Calendar.php, (3) block-Calendar1.php, ...)
+ TODO: check
+CAN-2004-1911 (Cross-site scripting (XSS) vulnerability in AzDGDatingLite 2.1.1 ...)
+ TODO: check
+CAN-2004-1910 (rufsi.dll in Symantec Virus Detection allows remote attackers to cause ...)
+ TODO: check
+CAN-2004-1909 (Claim Anti-Virus (ClamAV) 0.68 and earlier allows remote attackers to ...)
+ TODO: check
+CAN-2004-1908 (McFreeScan.CoMcFreeScan.1 ActiveX object in Mcafee FreeScan allows ...)
+ TODO: check
+CAN-2004-1907 (The Web Filtering functionality in Kerio Personal Firewall (KPF) ...)
+ TODO: check
+CAN-2004-1906 (Mcafee FreeScan allows remote attackers to cause a denial of service ...)
+ TODO: check
+CAN-2004-1905 (ascontrol.dll in Panda ActiveScan 5.0 allows remote attackers to cause ...)
+ TODO: check
+CAN-2004-1904 (Buffer overflow in ascontrol.dll in Panda ActiveScan 5.0 allows remote ...)
+ TODO: check
+CAN-2004-1903 (Buffer overflow in blaxxun 3D 7.0 allows remote attackers to execute ...)
+ TODO: check
+CAN-2004-1902 (The Citrix MetaFrame Password Manager 2.0, when a central credential ...)
+ TODO: check
+CAN-2004-1901 (Portage before 2.0.50-r3 allows local users to overwrite arbitrary ...)
+ TODO: check
+CAN-2004-1900 (Format string vulnerability in the logging function in IGI 2 Covert ...)
+ TODO: check
+CAN-2004-1899 (The administration interface in Monit 1.4 through 4.2 allows remote ...)
+ TODO: check
+CAN-2004-1898 (Stack-based buffer overflow in the administration interface in Monit ...)
+ TODO: check
+CAN-2004-1897 (Administration interface in Monit 1.4 through 4.2 allows remote ...)
+ TODO: check
+CAN-2004-1896 (Heap-based buffer overflow in in_mod.dll in Nullsoft Winamp 2.91 ...)
+ TODO: check
+CAN-2004-1895 (YaST Online Update (YOU) in SuSE 9.0 allows local users to overwrite ...)
+ TODO: check
+CAN-2004-1894 (TEXutil in ConTEXt, when executed with the --silent option, allows ...)
+ TODO: check
+CAN-2004-1893 (Dreamweaver MX, when "Using Driver On Testing Server" or "Using DSN on ...)
+ TODO: check
+CAN-2004-1892 (Stack-based buffer overflow in DecodeBase16 function, as used in the ...)
+ TODO: check
+CAN-2004-1891 (The ftp_syslog function in ftpd in SGI IRIX 6.5.20 "doesn't work with ...)
+ TODO: check
+CAN-2004-1890 (Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows ...)
+ TODO: check
+CAN-2004-1889 (Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows ...)
+ TODO: check
+CAN-2004-1888 (display.cgi in Aborior Encore WebForum allows remote to execute ...)
+ TODO: check
+CAN-2004-1887 (ImgSvr 0.4 allows remote attackers to view directories or download ...)
+ TODO: check
+CAN-2004-1886 (Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial ...)
+ TODO: check
+CAN-2004-1885 (Ipswitch WS_FTP Server 4.0.2 allows remote authenticated users to ...)
+ TODO: check
+CAN-2004-1884 (Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with ...)
+ TODO: check
+CAN-2004-1883 (Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow ...)
+ TODO: check
+CAN-2004-1882 (Cross-site scripting (XSS) vulnerability in popuplargeimage.asp in ...)
+ TODO: check
+CAN-2004-1881 (SQL injection vulnerability in (1) mailorder.asp or (2) payonline.asp ...)
+ TODO: check
+CAN-2004-1880 (Memory leak in the back-bdb backend for OpenLDAP 2.1.12 and earlier ...)
+ TODO: check
+CAN-2004-1879 (Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows ...)
+ TODO: check
+CAN-2004-1878 (LINBOX LIN:BOX allows remote attackers to bypass authentication, ...)
+ TODO: check
+CAN-2004-1877 (The p_submit_url value in the sample login form in the Oracle 9i ...)
+ TODO: check
+CAN-2004-1876 (The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon ...)
+ TODO: check
+CAN-2004-1875 (Multiple cross-site scripting (XSS) vulnerabilities in cPanel ...)
+ TODO: check
+CAN-2004-1874 (Multiple cross-site scripting (XSS) vulnerabilities in (1) deliver.asp ...)
+ TODO: check
+CAN-2004-1873 (SQL injection vulnerability in category.asp in A-CART Pro and A-CART ...)
+ TODO: check
+CAN-2004-1872 (Cross-site scripting (XSS) vulnerability in WebCT Campus Edition ...)
+ TODO: check
+CAN-2004-1871 (Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP ...)
+ TODO: check
+CAN-2004-1870 (Multiple SQL injection vulnerabilities in PhotoPost PHP Pro 4.6.x and ...)
+ TODO: check
+CAN-2004-1869 (Etherlords I 1.07 and earlier and Etherlords II 1.03 and earlier ...)
+ TODO: check
+CAN-2004-1868 (Stack-based buffer overflow in WinSig.exe in eSignal 7.5 and 7.6 ...)
+ TODO: check
+CAN-2004-1867 (Cross-site scripting (XSS) vulnerability in guest.cgi in Fresh Guest ...)
+ TODO: check
+CAN-2004-1866 (nstxd in Nstx 1.1 beta3 and earlier allows remote attackers to cause a ...)
+ TODO: check
+CAN-2004-1865 (Cross-site scripting (XSS) vulnerability in the administration panel ...)
+ TODO: check
+CAN-2004-1864 (SQL injection vulnerability in Extreme Messageboard (XMB) 1.9 beta ...)
+ TODO: check
+CAN-2004-1863 (Cross-site scripting (XSS) vulnerability in editprofile.php in Extreme ...)
+ TODO: check
+CAN-2004-1862 (Multiple cross-site scripting (XSS) vulnerabilities in Extreme ...)
+ TODO: check
+CAN-2004-1861 (Invision NetSupport School Pro uses a weak encryption algorithm to ...)
+ TODO: check
+CAN-2004-1860 (Buffer overflow in Check Point Smartview Tracker in Check Point NG AI ...)
+ TODO: check
+CAN-2004-1859 (Directory traversal vulnerability in Trend Micro Interscan Web ...)
+ TODO: check
+CAN-2004-1858 (HP Web Jetadmin 7.5.2546 allows remote attackers to cause a denial of ...)
+ TODO: check
+CAN-2004-1857 (Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin ...)
+ TODO: check
+CAN-2004-1856 (devices_update_printer_fw_upload.hts in HP Web JetAdmin 7.5.2546, when ...)
+ TODO: check
+CAN-2004-1855 (Dark Age of Camelot before 1.68 live patch does not sign the RSA ...)
+ TODO: check
+CAN-2004-1854 (Buffer overflow in the logging function in Picophone 1.63 and earlier ...)
+ TODO: check
+CAN-2004-1853 (Buffer overflow in Terminator 3: War of the Machines 1.0 allows remote ...)
+ TODO: check
+CAN-2004-1852 (DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 ...)
+ TODO: check
+CAN-2004-1851 (Dameware Mini Remote Control 4.1.0.0 uses insufficiently random data ...)
+ TODO: check
+CAN-2004-1850 (The Rage 1.01 and earlier allows remote attackers to cause a denial of ...)
+ TODO: check
+CAN-2004-1849 (Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0 ...)
+ TODO: check
+CAN-2004-1848 (Ipswitch WS_FTP Server 4.0.2 allows remote authenticated users to ...)
+ TODO: check
+CAN-2004-1847 (News Manager Lite 2.5 allows remote attackers to bypass authentication ...)
+ TODO: check
+CAN-2004-1846 (Multiple SQL injection vulnerabilities in News Manager Lite 2.5 allow ...)
+ TODO: check
+CAN-2004-1845 (Multiple cross-site scripting (XSS) vulnerabilities in News Manager ...)
+ TODO: check
+CAN-2004-1844 (Cross-site scripting (XSS) vulnerability in Member Management System ...)
+ TODO: check
+CAN-2004-1843 (SQL injection vulnerability in Member Management System 2.1 allows ...)
+ TODO: check
+CAN-2004-1842 (Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x ...)
+ TODO: check
+CAN-2004-1841 (SQL injection vulnerability in MS Analysis module 2.0 for PHP-Nuke ...)
+ TODO: check
+CAN-2004-1840 (Multiple cross-site scripting (XSS) vulnerabilities in MS Analysis ...)
+ TODO: check
+CAN-2004-1839 (MS Analysis module 2.0 for PHP-Nuke allows remote attackers to obtain ...)
+ TODO: check
+CAN-2004-1838 (Directory traversal vulnerability in xweb 1.0 allows remote attackers ...)
+ TODO: check
+CAN-2004-1837 (Cross-site scripting (XSS) vulnerability in Mod_survey 3.0.x before ...)
+ TODO: check
+CAN-2004-1836 (SQL injection vulnerability in index.php in Invision Power Top Site ...)
+ TODO: check
+CAN-2004-1835 (Multiple SQL injection vulnerabilities in index.php in Invision ...)
+ TODO: check
+CAN-2004-1834 (mod_disk_cache in Apache 2.0 through 2.0.49 stores client headers, ...)
+ TODO: check
+CAN-2004-1833 (The admin.ib file in Borland Interbase 7.1 for Linux has default world ...)
+ TODO: check
+CAN-2004-1832 (Buffer overflow in the GUI admin service in Mac OS X Server 10.3 ...)
+ TODO: check
+CAN-2004-1831 (Buffer overflow in Chrome 1.2.0.0 and earlier allows remote attackers ...)
+ TODO: check
+CAN-2004-1830 (Error Manager 2.1 for PHP-Nuke 6.0 allow remote attackers to obtain ...)
+ TODO: check
+CAN-2004-1829 (Multiple cross-site scripting (XSS) vulnerabilities in error.php in ...)
+ TODO: check
+CAN-2004-1828 (Vcard 2.9 and possibly other versions does not require authorization ...)
+ TODO: check
+CAN-2004-1827 (Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and ...)
+ TODO: check
+CAN-2004-1826 (SQL injection vulnerability in index.php in Mambo Open Source 4.5 ...)
+ TODO: check
+CAN-2004-1825 (Cross-site scripting (XSS) vulnerability in index.php in Mambo Open ...)
+ TODO: check
+CAN-2004-1824 (Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin before ...)
+ TODO: check
+CAN-2004-1823 (Multiple cross-site scripting (XSS) vulnerabilities in Jelsoft ...)
+ TODO: check
+CAN-2004-1822 (Multiple cross-site scripting (XSS) vulnurabilities in Phorum 3.1 ...)
+ TODO: check
+CAN-2004-1821 (SQL injection vulnerability in 4nalbum 0.92 for PHP-Nuke 6.5 through ...)
+ TODO: check
+CAN-2004-1820 (PHP remote code injection vulnerability in displaycategory.php in ...)
+ TODO: check
+CAN-2004-1819 (4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to ...)
+ TODO: check
+CAN-2004-1818 (Cross-site scripting (XSS) vulnerability in nmimage.php in 4nalbum ...)
+ TODO: check
+CAN-2004-1817 (Cross-site scripting (XSS) vulnerability in modules.php in Php-Nuke ...)
+ TODO: check
+CAN-2004-1816 (Unknown vulnerability in Sun Java System Application Server 7.0 Update ...)
+ TODO: check
+CAN-2004-1815 (Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when ...)
+ TODO: check
+CAN-2004-1814 (Directory traversal vulnerability in VocalTec VGW4/8 Gateway 8.0 ...)
+ TODO: check
+CAN-2004-1813 (VocalTec VGW4/8 Gateway 8.0 allows remote attackers to bypass ...)
+ TODO: check
+CAN-2004-1812 (Multiple stack-based buffer overflows in Agent Common Services (1) ...)
+ TODO: check
+CAN-2004-1811 (The SSL HTTP Server in HP Web-enabled Management Software 5.0 through ...)
+ TODO: check
+CAN-2004-1810 (The Javascript engine in Opera 7.23 allows remote attackers to cause a ...)
+ TODO: check
+CAN-2004-1809 (Cross-site scripting (XSS) vulnerability in phpBB 2.0.6d and earlier ...)
+ TODO: check
+CAN-2004-1808 (Extcompose in metamail does not verify the output file before writing ...)
+ TODO: check
+CAN-2004-1807 (Cross-site scripting (XSS) vulnerability in index.cfm in CFWebstore ...)
+ TODO: check
+CAN-2004-1806 (SQL injection vulnerability in index.cfm in CFWebstore 5.0 allows ...)
+ TODO: check
+CAN-2004-1805 (Format string vulnerability in games using the Epic Games Unreal ...)
+ TODO: check
+CAN-2004-1804 (wMCam server 2.1.348 allows remote attackers to cause a denial of ...)
+ TODO: check
+CAN-2004-1802 (Chat Anywhere 2.72 and earlier allows remote attackers to hide their ...)
+ TODO: check
+CAN-2004-1801 (Directory traversal vulnerability in PWebServer 0.3.3 allows remote ...)
+ TODO: check
+CAN-2004-1800 (Unknown vulnerability in Sysbotz SimpleData 4.0.1 and possibly earlier ...)
+ TODO: check
+CAN-2004-1799 (PF in certain OpenBSD versions, when stateful filtering is enabled, ...)
+ TODO: check
+CAN-2004-1798 (RealOne player 6.0.11.868 allows remote attackers to execute arbitrary ...)
+ TODO: check
+CAN-2004-1797 (Cross-site scripting (XSS) vulnerability in search.php for FreznoShop ...)
+ TODO: check
+CAN-2004-1796 (PHP remote code injection vulnerability in HotNews 0.7.2 and earlier ...)
+ TODO: check
+CAN-2004-1795 (Info Touch Surfnet kiosk allows local users to access the underlying ...)
+ TODO: check
+CAN-2004-1794 (Cross-site scripting (XSS) vulnerability in the VCard4J Toolkit allows ...)
+ TODO: check
+CAN-2004-1793 (Stack-based buffer overflow in swnet.dll in YaSoft Switch Off 2.3 and ...)
+ TODO: check
+CAN-2004-1792 (swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote attackers ...)
+ TODO: check
+CAN-2004-1791 (The web management interface in Edimax AR-6004 ADSL Routers uses a ...)
+ TODO: check
+CAN-2004-1790 (Cross-site scripting (XSS) vulnerability in the web management ...)
+ TODO: check
+CAN-2004-1789 (Cross-site scripting (XSS) vulnerability in the web management ...)
+ TODO: check
+CAN-2004-1788 (ASP-Nuke 1.3 and earlier places user credentials under the web ...)
+ TODO: check
+CAN-2004-1787 (SQL injection vulnerability in PostCalendar 4.0.0 allows remote ...)
+ TODO: check
+CAN-2004-1786 (PortalApp places user credentials under the web root with insufficient ...)
+ TODO: check
+CAN-2004-1785 (SQL injection vulnerability in calendar.php for Invision Power Board ...)
+ TODO: check
+CAN-2004-1784 (Buffer overflow in the web server of Webcam Watchdog 3.63 allows ...)
+ TODO: check
+CAN-2004-1783 (Directory traversal vulnerability in Net2Soft Flash FTP Server 1.0 ...)
+ TODO: check
+CAN-2004-1782 (athenareg.php in Athena Web Registration allows remote attackers to ...)
+ TODO: check
+CAN-2004-1781 (Info Touch Surfnet kiosk allows local users to crash Surfnet and ...)
+ TODO: check
+CAN-2004-1780 (Info Touch Surfnet kiosk allows local users to deposit extra time into ...)
+ TODO: check
+CAN-2004-1779 (Cross-site scripting (XSS) vulnerability in board.php for ThWboard ...)
+ TODO: check
+CAN-2003-1202 (The checklogin function in omail.pl for omail webmail 0.98.4 and ...)
+ TODO: check
+CAN-2003-1201 (ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for ...)
+ TODO: check
+CAN-2003-1200 (Stack-based buffer overflow in FORM2RAW.exe in Alt-N MDaemon 6.5.2 ...)
+ TODO: check
+CAN-2003-1199 (Cross-site scripting (XSS) vulnerability in MyProxy 20030629 allows ...)
+ TODO: check
+CAN-2003-1198 (connection.c in Cherokee web server before 0.4.6 allows remote ...)
+ TODO: check
+CAN-2003-1197 (Cross-site scripting (XSS) vulnerability in index.php for ...)
+ TODO: check
+CAN-2003-1196 (SQL injection vulnerability in viewtopic.asp in VieBoard 2.6 allows ...)
+ TODO: check
+CAN-2003-1195 (SQL injection vulnerability in getmember.asp in VieBoard 2.6 Beta 1 ...)
+ TODO: check
+CAN-2003-1194 (Cross-site scripting (XSS) vulnerability in Booby .1 through 0.2.3 ...)
+ TODO: check
+CAN-2003-1193 (Multiple SQL injection vulnerabilities in the Portal DB (1) List of ...)
+ TODO: check
+CAN-2003-1192 (Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote ...)
+ TODO: check
+CAN-2003-1191 (chatbox.php in e107 0.554 and 0.603 allows remote attackers to cause a ...)
+ TODO: check
+CAN-2003-1190 (Cross-site scripting (XSS) vulnerability in PHPRecipeBook 1.24 through ...)
+ TODO: check
+CAN-2003-1189 (Unknown vulnerability in Nokia IPSO 3.7, configured as IP Clusters, ...)
+ TODO: check
+CAN-2003-1188 (Unichat allows remote attackers to cause a denial of service (crash) ...)
+ TODO: check
+CAN-2003-1187 (Cross-site scripting (XSS) vulnerability in include.php in PHPKIT ...)
+ TODO: check
+CAN-2003-1186 (Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 ...)
+ TODO: check
+CAN-2003-1185 (Multiple SQL injection vulnerabilities in ThWboard before Beta 2.8.2 ...)
+ TODO: check
+CAN-2003-1184 (Multiple cross-site scripting (XSS) vulnerabilities in ThWboard Beta ...)
+ TODO: check
+CAN-2003-1183 (The WebCache component in Oracle Files 9.0.3.1.0, 9.0.3.2.0, and ...)
+ TODO: check
+CAN-2003-1182 (Cross-site scripting (XSS) vulnerability in MPM Guestbook 1.2 allows ...)
+ TODO: check
+CAN-2003-1181 (Advanced Poll 2.0.2 allows remote attackers to obtain sensitive ...)
+ TODO: check
+CAN-2003-1180 (Directory traversal vulnerability in Advanced Poll 2.0.2 allows remote ...)
+ TODO: check
+CAN-2003-1179 (Multiple PHP remote code injection vulnerabilities in Advanced Poll ...)
+ TODO: check
+CAN-2003-1178 (comments.php in Advanced Poll 2.0.2 allows remote attackers to execute ...)
+ TODO: check
+CAN-2003-1177 (Buffer overflow in the base64 decoder in MERCUR Mailserver 4.2 before ...)
+ TODO: check
+CAN-2003-1176 (post_message_form.asp in Web Wiz Forums 6.34 through 7.5, when quote ...)
+ TODO: check
+CAN-2003-1175 (Cross-site scripting (XSS) vulnerability in index.php in Sympoll 1.5 ...)
+ TODO: check
+CAN-2003-1174 (Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users ...)
+ TODO: check
+CAN-2003-1173 (Centrinity FirstClass 7.1 allows remote attackers to access sensitive ...)
+ TODO: check
+CAN-2003-1172 (Directory traversal vulnerability in the view-source sample file in ...)
+ TODO: check
+CAN-2003-1171 (Heap-based buffer overflow in the sec_filter_out function in ...)
+ TODO: check
+CAN-2003-1170 (Format string vulnerability in main.cpp in kpopup 0.9.1 and 0.9.5pre2 ...)
+ TODO: check
+CAN-2003-1169 (DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for ...)
+ TODO: check
+CAN-2003-1168 (HTTP Commander 4.0 allows remote attackers to obtain sensitive ...)
+ TODO: check
+CAN-2003-1167 (misc.cpp in KPopup 0.9.1 trusts the PATH variable when executing ...)
+ TODO: check
+CAN-2003-1166 (Directory traversal vulnerability in (1) Openfile.aspx and (2) ...)
+ TODO: check
+CAN-2003-1165 (Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote ...)
+ TODO: check
+CAN-2003-1164 (Cross-site scripting (XSS) vulnerability in Mldonkey 2.5-4 allows ...)
+ TODO: check
+CAN-2003-1163 (hash.c in Ganglia gmond 2.5.3 allows remote attackers to cause a ...)
+ TODO: check
+CAN-2003-1162 (index.php in Tritanium Bulletin Board 1.2.3 allows remote attackers to ...)
+ TODO: check
+CAN-2003-1161 (exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, ...)
+ TODO: check
+CAN-2003-1160 (FlexWATCH Network video server 132 allows remote attackers to bypass ...)
+ TODO: check
+CAN-2003-1159 (Plug and Play Web Server Proxy 1.0002c allows remote attackers to ...)
+ TODO: check
+CAN-2003-1158 (Multiple buffer overflows in the FTP service in Plug and Play Web ...)
+ TODO: check
+CAN-2003-1157 (Cross-site scripting (XSS) vulnerability in login.asp in Citrix ...)
+ TODO: check
+CAN-2003-1156 (Java Runtime Environment (JRE) and Software Development Kit (SDK) ...)
+ TODO: check
+CAN-2003-1155 (X-CD-Roast 0.98 alpha10 through alpha14 allows local users to ...)
+ TODO: check
+CAN-2003-1154 (MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus ...)
+ TODO: check
+CAN-2003-1153 (byteHoard 0.7 and 0.71 allows remote attackers to list arbitrary files ...)
+ TODO: check
+CAN-2003-1152 (WebTide 7.04 allows remote attackers to list arbitrary directories via ...)
+ TODO: check
+CAN-2003-1151 (Cross-site scripting (XSS) vulnerability in Fastream NETFile Server ...)
+ TODO: check
+CAN-2003-1150 (Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare ...)
+ TODO: check
+CAN-2003-1149 (Cross-site scripting (XSS) vulnerability in Symantec Norton Internet ...)
+ TODO: check
+CAN-2003-1148 (PHP remote code injection vulnerability in (1) config.inc.php and (2) ...)
+ TODO: check
+CAN-2003-1147
+ NOTE: rejected
+ TODO: check
+CAN-2003-1146 (Cross-site scripting (XSS) vulnerability in John Beatty Easy PHP Photo ...)
+ TODO: check
+CAN-2003-1145 (Cross-site scripting (XSS) vulnerability in friendmail.php in ...)
+ TODO: check
+CAN-2003-1144 (Buffer overflow in the log viewing interface in Perception LiteServe ...)
+ TODO: check
+CAN-2003-1143 (Croteam Serious Sam demo test 2 2.1a, Serious Sam: the First Encounter ...)
+ TODO: check
+CAN-2003-1142 (Help in NIPrint LPD-LPR Print Server 4.10 and earlier executes Windows ...)
+ TODO: check
+CAN-2003-1141 (Buffer overflow in NIPrint 4.10 allows remote attackers to execute ...)
+ TODO: check
+CAN-2003-1140 (Buffer overflow in Musicqueue 1.2.0 allows local users to execute ...)
+ TODO: check
+CAN-2003-1139 (Musicqueue 1.2.0 allows local users to overwrite arbitrary files by ...)
+ TODO: check
+CAN-2003-1138 (The default configuration of Apache 2.0.40, as shipped with Red Hat ...)
+ TODO: check
+CAN-2003-1137 (Charles Steinkuehler sh-httpd 0.3 and 0.4 allows remote attackers to ...)
+ TODO: check
+CAN-2003-1136 (Cross-site scripting (XSS) vulnerability in Chi Kien Uong Guestbook ...)
+ TODO: check
+CAN-2003-1135 (Buffer overflow in Yahoo! Messenger 5.6 allows remote attackers to ...)
+ TODO: check
+CAN-2003-1134 (Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial ...)
+ TODO: check
+CAN-2003-1133 (Rit Research Labs The Bat! 1.0.11 through 2.0 creates new accounts ...)
+ TODO: check
+CAN-2002-1660 (calendar.php in vBulletin 2.0.3 and earlier allows remote attackers to ...)
+ TODO: check
+CAN-2002-1659 (user_profile.asp in PortalApp 2.2 allows local users to gain ...)
+ TODO: check
+CAN-2001-1477 (The Domain gateway in BEA Tuxedo 7.1 does not perform authorization ...)
+ TODO: check
CAN-2005-XXXX [kfreebsd5-source: FreeBSD Security Advisory FreeBSD-SA-05:04.ifconf]
- kfreebsd5-source 5.3-10
CAN-2005-XXXX [phpbb2: Security issue in url/bbcode]
@@ -4529,8 +5258,8 @@
NOTE: reserved
CAN-2005-0040
NOTE: reserved
-CAN-2005-0039
- NOTE: reserved
+CAN-2005-0039 (Certain configurations of IPsec, when using Encapsulating Security ...)
+ TODO: check
CAN-2005-0038
NOTE: reserved
CAN-2005-0037
@@ -6694,8 +7423,8 @@
NOTE: reserved
CAN-2004-0463
NOTE: reserved
-CAN-2004-0462
- NOTE: reserved
+CAN-2004-0462 (The built-in web servers for multiple networking devices do not set ...)
+ TODO: check
CAN-2004-0461 (The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when ...)
NOTE: debian probably not vulnerable
- dhcp3 3.0.1
@@ -8829,7 +9558,7 @@
- mnogosearch-common 3.2.11
CAN-2003-0435 (Buffer overflow in net_swapscore for typespeed 0.4.1 and earlier ...)
{DSA-322}
-CAN-2003-0434 (Various PDF viewers including Adobe Acrobat 5.06 and Xpdf 1.01 allow ...)
+CAN-2003-0434 (Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 ...)
NOTE: various pdf viewers
NOTE: kpdf does not seem to support hyperlinks; so not vulnerable
NOTE: gpdf 2.8.0 does not seem to be vulnerable