[Secure-testing-commits] r1048 - sarge-checks/CAN

SALVETTI Djoumé djoume-guest@costa.debian.org
Thu, 12 May 2005 21:56:18 +0000


Author: djoume-guest
Date: 2005-05-12 21:56:13 +0000 (Thu, 12 May 2005)
New Revision: 1048

Modified:
   sarge-checks/CAN/list
Log:
* processed and claimed.


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-05-12 21:00:12 UTC (rev 1047)
+++ sarge-checks/CAN/list	2005-05-12 21:56:13 UTC (rev 1048)
@@ -539,102 +539,102 @@
 	NOTE: not-for-us
 CAN-2004-1840 (Multiple cross-site scripting (XSS) vulnerabilities in MS Analysis ...)
 	NOTE: not-for-us
-begin claimed by djoume
 CAN-2004-1839 (MS Analysis module 2.0 for PHP-Nuke allows remote attackers to obtain ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1838 (Directory traversal vulnerability in xweb 1.0 allows remote attackers ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1837 (Cross-site scripting (XSS) vulnerability in Mod_survey 3.0.x before ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1836 (SQL injection vulnerability in index.php in Invision Power Top Site ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1835 (Multiple SQL injection vulnerabilities in index.php in Invision ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1834 (mod_disk_cache in Apache 2.0 through 2.0.49 stores client headers, ...)
-	TODO: check
+	- apache2 2.0.53-1
 CAN-2004-1833 (The admin.ib file in Borland Interbase 7.1 for Linux has default world ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1832 (Buffer overflow in the GUI admin service in Mac OS X Server 10.3 ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1831 (Buffer overflow in Chrome 1.2.0.0 and earlier allows remote attackers ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1830 (Error Manager 2.1 for PHP-Nuke 6.0 allow remote attackers to obtain ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1829 (Multiple cross-site scripting (XSS) vulnerabilities in error.php in ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1828 (Vcard 2.9 and possibly other versions does not require authorization ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1827 (Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1826 (SQL injection vulnerability in index.php in Mambo Open Source 4.5 ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1825 (Cross-site scripting (XSS) vulnerability in index.php in Mambo Open ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1824 (Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin before ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1823 (Multiple cross-site scripting (XSS) vulnerabilities in Jelsoft ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1822 (Multiple cross-site scripting (XSS) vulnurabilities in Phorum 3.1 ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1821 (SQL injection vulnerability in 4nalbum 0.92 for PHP-Nuke 6.5 through ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1820 (PHP remote code injection vulnerability in displaycategory.php in ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1819 (4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1818 (Cross-site scripting (XSS) vulnerability in nmimage.php in 4nalbum ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1817 (Cross-site scripting (XSS) vulnerability in modules.php in Php-Nuke ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1816 (Unknown vulnerability in Sun Java System Application Server 7.0 Update ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1815 (Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1814 (Directory traversal vulnerability in VocalTec VGW4/8 Gateway 8.0 ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1813 (VocalTec VGW4/8 Gateway 8.0 allows remote attackers to bypass ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1812 (Multiple stack-based buffer overflows in Agent Common Services (1) ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1811 (The SSL HTTP Server in HP Web-enabled Management Software 5.0 through ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1810 (The Javascript engine in Opera 7.23 allows remote attackers to cause a ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1809 (Cross-site scripting (XSS) vulnerability in phpBB 2.0.6d and earlier ...)
-	TODO: check
+	- phpbb2 2.0.10-1
+	NOTE: probably fixed in 2.0.6d-3
 CAN-2004-1808 (Extcompose in metamail does not verify the output file before writing ...)
-	TODO: check
+	- metamail (unfixed, bug filed)
 CAN-2004-1807 (Cross-site scripting (XSS) vulnerability in index.cfm in CFWebstore ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1806 (SQL injection vulnerability in index.cfm in CFWebstore 5.0 allows ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1805 (Format string vulnerability in games using the Epic Games Unreal ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1804 (wMCam server 2.1.348 allows remote attackers to cause a denial of ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1802 (Chat Anywhere 2.72 and earlier allows remote attackers to hide their ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1801 (Directory traversal vulnerability in PWebServer 0.3.3 allows remote ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1800 (Unknown vulnerability in Sysbotz SimpleData 4.0.1 and possibly earlier ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1799 (PF in certain OpenBSD versions, when stateful filtering is enabled, ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1798 (RealOne player 6.0.11.868 allows remote attackers to execute arbitrary ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1797 (Cross-site scripting (XSS) vulnerability in search.php for FreznoShop ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1796 (PHP remote code injection vulnerability in HotNews 0.7.2 and earlier ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1795 (Info Touch Surfnet kiosk allows local users to access the underlying ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1794 (Cross-site scripting (XSS) vulnerability in the VCard4J Toolkit allows ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1793 (Stack-based buffer overflow in swnet.dll in YaSoft Switch Off 2.3 and ...)
-	TODO: check
+	NOTE: not-for-us
 CAN-2004-1792 (swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote attackers ...)
-	TODO: check
-end claimed by djoume
+	NOTE: not-for-us
+begin claimed by djoume
 CAN-2004-1791 (The web management interface in Edimax AR-6004 ADSL Routers uses a ...)
 	TODO: check
 CAN-2004-1790 (Cross-site scripting (XSS) vulnerability in the web management ...)
@@ -743,6 +743,7 @@
 	TODO: check
 CAN-2003-1162 (index.php in Tritanium Bulletin Board 1.2.3 allows remote attackers to ...)
 	TODO: check
+end claimed by djoume
 CAN-2003-1161 (exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, ...)
 	TODO: check
 CAN-2003-1160 (FlexWATCH Network video server 132 allows remote attackers to bypass ...)