[Secure-testing-commits] r1143 - sarge-checks/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Wed, 25 May 2005 08:03:40 +0000
Author: jmm-guest
Date: 2005-05-25 08:03:37 +0000 (Wed, 25 May 2005)
New Revision: 1143
Modified:
sarge-checks/CAN/list
Log:
new issues: qpopper and net-snmp
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-05-25 07:11:45 UTC (rev 1142)
+++ sarge-checks/CAN/list 2005-05-25 08:03:37 UTC (rev 1143)
@@ -1,3 +1,5 @@
+CAN-2005-XXXX [Insecure tempfile handling in net-snmp's fixproc]
+ - net-snmp (unfixed)
CAN-2005-XXXX [Two DoS condition in ekg]
- ekg 1:1.5+20050411-3
CAN-2005-XXXX [lcrash affected by libbfd integer overflows]
@@ -2010,10 +2012,12 @@
CAN-2005-1153 (Firefox before 1.0.3 and Mozilla Suite before 1.7.7, when blocking a ...)
- mozilla-firefox 1.0.3-1
- mozilla 1.7.7-1
-CAN-2005-1152
+CAN-2005-1152 [Qpopper can be forced to create group or world writable files]
NOTE: reserved
-CAN-2005-1151
+ - qpopper (unfixed)
+CAN-2005-1151 [Insufficient privilege drop in qpopper]
NOTE: reserved
+ - qpopper (unfixed)
CAN-2005-1150 (Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and ...)
NOTE: not-for-us (Sun Java)
CAN-2005-1149 (SQL injection vulnerability in admin/login.asp in aspclick.it ACNews ...)