[Secure-testing-commits] r1084 - sarge-checks/CAN

SALVETTI Djoumé djoume-guest@costa.debian.org
Tue, 17 May 2005 10:47:25 +0000


Author: djoume-guest
Date: 2005-05-17 10:47:22 +0000 (Tue, 17 May 2005)
New Revision: 1084

Modified:
   sarge-checks/CAN/list
Log:
* processed my block


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-05-17 10:36:11 UTC (rev 1083)
+++ sarge-checks/CAN/list	2005-05-17 10:47:22 UTC (rev 1084)
@@ -805,116 +805,110 @@
 	NOTE: not-for-us
 CAN-2004-1792 (swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote attackers ...)
 	NOTE: not-for-us
-begin claimed by djoume
 CAN-2004-1791 (The web management interface in Edimax AR-6004 ADSL Routers uses a ...)
-	TODO: check
+	NOTE: not-for-us (Edimax Router)
 CAN-2004-1790 (Cross-site scripting (XSS) vulnerability in the web management ...)
-	TODO: check
+	NOTE: not-for-us (Edimax Router)
 CAN-2004-1789 (Cross-site scripting (XSS) vulnerability in the web management ...)
-	TODO: check
+	NOTE: not-for-us (ZyWALL)
 CAN-2004-1788 (ASP-Nuke 1.3 and earlier places user credentials under the web ...)
-	TODO: check
+	NOTE: not-for-us (ASP-Nuke)
 CAN-2004-1787 (SQL injection vulnerability in PostCalendar 4.0.0 allows remote ...)
-	TODO: check
+	NOTE: not-for-us (PostCalendar)
 CAN-2004-1786 (PortalApp places user credentials under the web root with insufficient ...)
-	TODO: check
+	NOTE: not-for-us (PortalApp)
 CAN-2004-1785 (SQL injection vulnerability in calendar.php for Invision Power Board ...)
-	TODO: check
+	NOTE: not-for-us (Invision Power Board)
 CAN-2004-1784 (Buffer overflow in the web server of Webcam Watchdog 3.63 allows ...)
-	TODO: check
+	NOTE: not-for-us (web server of Webcam Watchdog)
 CAN-2004-1783 (Directory traversal vulnerability in Net2Soft Flash FTP Server 1.0 ...)
-	TODO: check
+	NOTE: not-for-us (Net2Soft Flash FTP Server)
 CAN-2004-1782 (athenareg.php in Athena Web Registration allows remote attackers to ...)
-	TODO: check
+	NOTE: not-for-us (Athena Web Registration)
 CAN-2004-1781 (Info Touch Surfnet kiosk allows local users to crash Surfnet and ...)
-	TODO: check
+	NOTE: not-for-us (Info Touch Surfnet kiosk)
 CAN-2004-1780 (Info Touch Surfnet kiosk allows local users to deposit extra time into ...)
-	TODO: check
+	NOTE: not-for-us (Info Touch Surfnet kiosk)
 CAN-2004-1779 (Cross-site scripting (XSS) vulnerability in board.php for ThWboard ...)
-	TODO: check
+	NOTE: not-for-us (ThWboard)
 CAN-2003-1202 (The checklogin function in omail.pl for omail webmail 0.98.4 and ...)
-	TODO: check
+	NOTE: not-for-us (omail webmail)
 CAN-2003-1201 (ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for ...)
-	TODO: check
+	- openldap2 2.1.17-1
 CAN-2003-1200 (Stack-based buffer overflow in FORM2RAW.exe in Alt-N MDaemon 6.5.2 ...)
-	TODO: check
+	NOTE: not-for-us (MDaemon)
 CAN-2003-1199 (Cross-site scripting (XSS) vulnerability in MyProxy 20030629 allows ...)
-	TODO: check
+	NOTE: not-for-us (MyProxy)
 CAN-2003-1198 (connection.c in Cherokee web server before 0.4.6 allows remote ...)
-	TODO: check
-CAN-2003-1197 (Cross-site scripting (XSS) vulnerability in index.php for ...)
-	TODO: check
+	- cherokee 0.4.21b01-1
 CAN-2003-1196 (SQL injection vulnerability in viewtopic.asp in VieBoard 2.6 allows ...)
-	TODO: check
+	NOTE: not-for-us (VieBoard)
 CAN-2003-1195 (SQL injection vulnerability in getmember.asp in VieBoard 2.6 Beta 1 ...)
-	TODO: check
+	NOTE: not-for-us (VieBoard)
 CAN-2003-1194 (Cross-site scripting (XSS) vulnerability in Booby .1 through 0.2.3 ...)
-	TODO: check
+	NOTE: not-for-us (Booby)
 CAN-2003-1193 (Multiple SQL injection vulnerabilities in the Portal DB (1) List of ...)
-	TODO: check
+	NOTE: not-for-us (Portal DB)
 CAN-2003-1192 (Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote ...)
-	TODO: check
+	NOTE: not-for-us (IA WebMail Server)
 CAN-2003-1191 (chatbox.php in e107 0.554 and 0.603 allows remote attackers to cause a ...)
-	TODO: check
+	NOTE: not-for-us (e107)
 CAN-2003-1190 (Cross-site scripting (XSS) vulnerability in PHPRecipeBook 1.24 through ...)
-	TODO: check
+	NOTE: not-for-us (PHPRecipeBook)
 CAN-2003-1189 (Unknown vulnerability in Nokia IPSO 3.7, configured as IP Clusters, ...)
-	TODO: check
+	NOTE: not-for-us (Nokia IPSO)
 CAN-2003-1188 (Unichat allows remote attackers to cause a denial of service (crash) ...)
-	TODO: check
+	NOTE: not-for-us (Unichat)
 CAN-2003-1187 (Cross-site scripting (XSS) vulnerability in include.php in PHPKIT ...)
-	TODO: check
+	NOTE: not-for-us (PHPKIT)
 CAN-2003-1186 (Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 ...)
-	TODO: check
+	NOTE: not-for-us (TelCondex SimpleWebServer)
 CAN-2003-1185 (Multiple SQL injection vulnerabilities in ThWboard before Beta 2.8.2 ...)
-	TODO: check
+	NOTE: not-for-us (ThWboard)
 CAN-2003-1184 (Multiple cross-site scripting (XSS) vulnerabilities in ThWboard Beta ...)
-	TODO: check
+	NOTE: not-for-us (ThWboard)
 CAN-2003-1183 (The WebCache component in Oracle Files 9.0.3.1.0, 9.0.3.2.0, and ...)
-	TODO: check
+	NOTE: not-for-us (Oracle Collaboration Suite)
 CAN-2003-1182 (Cross-site scripting (XSS) vulnerability in MPM Guestbook 1.2 allows ...)
-	TODO: check
+	NOTE: not-for-us (MPM Guestbook)
 CAN-2003-1181 (Advanced Poll 2.0.2 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOTE: not-for-us (Advanced Poll)
 CAN-2003-1180 (Directory traversal vulnerability in Advanced Poll 2.0.2 allows remote ...)
-	TODO: check
+	NOTE: not-for-us (Advanced Poll)
 CAN-2003-1179 (Multiple PHP remote code injection vulnerabilities in Advanced Poll ...)
-	TODO: check
+	NOTE: not-for-us (Advanced Poll)
 CAN-2003-1178 (comments.php in Advanced Poll 2.0.2 allows remote attackers to execute ...)
-	TODO: check
+	NOTE: not-for-us (Advanced Poll)
 CAN-2003-1177 (Buffer overflow in the base64 decoder in MERCUR Mailserver 4.2 before ...)
-	TODO: check
+	NOTE: not-for-us (MERCUR Mailserver)
 CAN-2003-1176 (post_message_form.asp in Web Wiz Forums 6.34 through 7.5, when quote ...)
-	TODO: check
+	NOTE: not-for-us (Web Wiz Forums)
 CAN-2003-1175 (Cross-site scripting (XSS) vulnerability in index.php in Sympoll 1.5 ...)
-	TODO: check
+	NOTE: not-for-us (Sympoll)
 CAN-2003-1174 (Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users ...)
-	TODO: check
+	NOTE: not-for-us (NullSoft Shoutcast Server)
 CAN-2003-1173 (Centrinity FirstClass 7.1 allows remote attackers to access sensitive ...)
-	TODO: check
+	NOTE: not-for-us (Centrinity FirstClass)
 CAN-2003-1172 (Directory traversal vulnerability in the view-source sample file in ...)
-	TODO: check
+	NOTE: not-for-us (Apache Software Foundation Cocoon)
 CAN-2003-1171 (Heap-based buffer overflow in the sec_filter_out function in ...)
-	TODO: check
+	- libapache-mod-security 1.8.4-1
 CAN-2003-1170 (Format string vulnerability in main.cpp in kpopup 0.9.1 and 0.9.5pre2 ...)
-	TODO: check
+	NOTE: not-for-us (kpopup)
 CAN-2003-1169 (DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for ...)
-	TODO: check
-CAN-2003-1168 (HTTP Commander 4.0 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOTE: not-for-us (DATEV Nutzungskontrolle)
 CAN-2003-1167 (misc.cpp in KPopup 0.9.1 trusts the PATH variable when executing ...)
-	TODO: check
+	NOTE: not-for-us (kpopup)
 CAN-2003-1166 (Directory traversal vulnerability in (1) Openfile.aspx and (2) ...)
-	TODO: check
+	NOTE: not-for-us (HTTP Commander)
 CAN-2003-1165 (Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote ...)
-	TODO: check
+	NOTE: not-for-us (BRS WebWeaver)
 CAN-2003-1164 (Cross-site scripting (XSS) vulnerability in Mldonkey 2.5-4 allows ...)
-	TODO: check
+	- mldonkey 2.5.11-1
 CAN-2003-1163 (hash.c in Ganglia gmond 2.5.3 allows remote attackers to cause a ...)
-	TODO: check
+	NOTE: not-for-us (Ganglia gmond)
 CAN-2003-1162 (index.php in Tritanium Bulletin Board 1.2.3 allows remote attackers to ...)
-	TODO: check
-end claimed by djoume
+	NOTE: not-for-us (Tritanium Bulletin Board)
 CAN-2003-1161 (exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, ...)
 	NOTE: ancient and unreleased source code with backdoor
 CAN-2003-1160 (FlexWATCH Network video server 132 allows remote attackers to bypass ...)