[Secure-testing-commits] r1045 - sarge-checks/CAN
Joey Hess
joeyh@costa.debian.org
Wed, 11 May 2005 21:14:23 +0000
Author: joeyh
Date: 2005-05-11 21:14:20 +0000 (Wed, 11 May 2005)
New Revision: 1045
Modified:
sarge-checks/CAN/list
Log:
automatic CAN database update
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-05-11 20:59:54 UTC (rev 1044)
+++ sarge-checks/CAN/list 2005-05-11 21:14:20 UTC (rev 1045)
@@ -1,3 +1,73 @@
+CAN-2005-1512 (The Admin panel in PwsPHP 1.2.2 does not properly verify uploaded ...)
+ TODO: check
+CAN-2005-1511 (PwsPHP 1.2.2 allows remote attackers to bypass authentication and post ...)
+ TODO: check
+CAN-2005-1510 (PwsPHP 1.2.2 allows remote attackers to obtain sensitive information ...)
+ TODO: check
+CAN-2005-1509 (SQL injection vulnerability in profil.php in PwsPHP 1.2.2 allows ...)
+ TODO: check
+CAN-2005-1508 (Multiple cross-site scripting (XSS) vulnerabilities in PwsPHP 1.2.2 ...)
+ TODO: check
+CAN-2005-1507 (Buffer overflow in the Tomcat plugin in 4d WebSTAR 5.33 and 5.4 allows ...)
+ TODO: check
+CAN-2005-1506 (SQL injection vulnerability in out.php in CJ Ultra Plus 1.0.3 and ...)
+ TODO: check
+CAN-2005-1505 (The new account wizard in Mail.app 2.0 in Mac OS 10.4, when ...)
+ TODO: check
+CAN-2005-1504 (GameSpy SDK CD-Key Validation Toolkit, as used by many online games, ...)
+ TODO: check
+CAN-2005-1503 (Multiple SQL injection vulnerabilities in MidiCart PHP Shopping Cart ...)
+ TODO: check
+CAN-2005-1502 (Cross-site scripting (XSS) vulnerability in MidiCart PHP Shopping Cart ...)
+ TODO: check
+CAN-2005-1501 (MidiCart PHP Shopping Cart allows remote attackers to obtain sensitive ...)
+ TODO: check
+CAN-2005-1500 (Multiple SQL injection vulnerabilities in myBloggie 2.1.1 allow remote ...)
+ TODO: check
+CAN-2005-1499 (delcomment.php in myBloggie 2.1.1 allows remote attackers to delete ...)
+ TODO: check
+CAN-2005-1498 (Multiple cross-site scripting (XSS) vulnerabilities in myBloggie 2.1.1 ...)
+ TODO: check
+CAN-2005-1497 (index.php in myBloggie 2.1.1 allows remote attackers to obtain ...)
+ TODO: check
+CAN-2005-1496 (The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE ...)
+ TODO: check
+CAN-2005-1495 (Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the ...)
+ TODO: check
+CAN-2005-1494 (Multiple cross-site scripting (XSS) vulnerabilities in admin.cgi in ...)
+ TODO: check
+CAN-2005-1493 (Directory traversal vulnerability in SimpleCam 1.2 allows remote ...)
+ TODO: check
+CAN-2005-1492 (Cross-site scripting (XSS) vulnerability in user.cgi in Gossamer ...)
+ TODO: check
+CAN-2005-1491 (Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote ...)
+ TODO: check
+CAN-2005-1490 (Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2, when the ...)
+ TODO: check
+CAN-2005-1489 (Unknown vulnerability in Merak Mail Server 8.0.3 with Icewarp Web Mail ...)
+ TODO: check
+CAN-2005-1488 (Multiple cross-site scripting (XSS) vulnerabilities in Merak Mail ...)
+ TODO: check
+CAN-2005-1487 (Multiple SQL injection vulnerabilities in FishCart 3.1 allow remote ...)
+ TODO: check
+CAN-2005-1486 (Multiple cross-site scripting vulnerabilities in FishCart 3.1 allow ...)
+ TODO: check
+CAN-2005-1485 (Golden FTP Server Pro allows 2.52 allows remote attackers to obtain ...)
+ TODO: check
+CAN-2005-1484 (Directory traversal vulnerability in Golden FTP server pro 2.52 allows ...)
+ TODO: check
+CAN-2005-1483 (Multiple cross-site scripting (XSS) vulnerabilities in ArticleLive ...)
+ TODO: check
+CAN-2005-1482 (ArticleLive 2005 allows remote attackers to gain privileges by ...)
+ TODO: check
+CAN-2005-1481 (Multiple SQL injection vulnerabilities in ASP Inline Corporate ...)
+ TODO: check
+CAN-2005-1480 (Directory traversal vulnerability in RaidenFTPD before 2.4.2241 allows ...)
+ TODO: check
+CAN-2005-1479 (SQL injection vulnerability in jgs_portal.php in JGS-Portal 3.0.1 and ...)
+ TODO: check
+CAN-2005-1478 (Format string vulnerability in dSMTP (dsmtp.exe) in DMail 3.1a allows ...)
+ TODO: check
CAN-2005-1516 (DList (dlist.exe) in DMail 3.1a allows remote attackers to bypass ...)
NOTE: not-for-us
CAN-2005-1515 (Integer signedness error in the qmail_put and substdio_put functions ...)