[Secure-testing-commits] r1038 - sarge-checks/CAN

Joey Hess joeyh@costa.debian.org
Wed, 11 May 2005 13:50:00 +0000 

Author: joeyh
Date: 2005-05-11 13:49:57 +0000 (Wed, 11 May 2005)
New Revision: 1038

Modified:
   sarge-checks/CAN/list
Log:
claim

also filed bug on firefox issues


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-05-11 09:45:55 UTC (rev 1037)
+++ sarge-checks/CAN/list	2005-05-11 13:49:57 UTC (rev 1038)
@@ -98,12 +98,12 @@
 CAN-2004-2023 (SQL injection vulnerability in login.php in Zen Cart 1.1.2d, 1.1.4 ...)
 	TODO: check
 end claimed by djoume
+begin claimed by joeyh
 CAN-2004-2022 (Stack-based buffer overflow in ActivePerl for Win32 5.6.1 and 5.8.0 ...)
 	TODO: check
 CAN-2004-2021 (Directory traversal vulnerability in file_manager.php in osCommerce ...)
 	TODO: check
 CAN-2004-2020 (Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 6.x ...)
-	TODO: check
 CAN-2004-2019 (The WebLinks module in Php-Nuke 6.x through 7.3 allows remote ...)
 	TODO: check
 CAN-2004-2018 (PHP remote code injection vulnerability in index.php in Php-Nuke 6.x ...)
@@ -344,6 +344,7 @@
 	TODO: check
 CAN-2004-1899 (The administration interface in Monit 1.4 through 4.2 allows remote ...)
 	TODO: check
+end claimed by joeyh
 CAN-2004-1898 (Stack-based buffer overflow in the administration interface in Monit ...)
 	TODO: check
 CAN-2004-1897 (Administration interface in Monit 1.4 through 4.2 allows remote ...)
@@ -694,7 +695,6 @@
 	TODO: check
 CAN-2003-1147
 	NOTE: rejected
-	TODO: check
 CAN-2003-1146 (Cross-site scripting (XSS) vulnerability in John Beatty Easy PHP Photo ...)
 	TODO: check
 CAN-2003-1145 (Cross-site scripting (XSS) vulnerability in friendmail.php in ...)
@@ -734,9 +734,9 @@
 CAN-2005-XXXX [phpbb2: Security issue in url/bbcode]
 	- phpbb2 (unfixed; bug #308282)
 CAN-2005-1477 (The install function in Firefox 1.0.3 allows remote web sites on the ...)
-	TODO: check
+	- mozilla-firefox (unfixed; bug filed)
 CAN-2005-1476 (Firefox 1.0.3 allows remote attackers to execute arbitrary Javascript ...)
-	TODO: check
+	- mozilla-firefox (unfixed; bug filed)
 CAN-2005-1475
 	NOTE: reserved
 CAN-2005-1474