[Secure-testing-commits] r1148 - sarge-checks/CAN

Moritz Muehlenhoff jmm-guest@costa.debian.org
Wed, 25 May 2005 09:40:12 +0000


Author: jmm-guest
Date: 2005-05-25 09:40:10 +0000 (Wed, 25 May 2005)
New Revision: 1148

Modified:
   sarge-checks/CAN/list
Log:
processed first block, claim new


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-05-25 09:22:07 UTC (rev 1147)
+++ sarge-checks/CAN/list	2005-05-25 09:40:10 UTC (rev 1148)
@@ -1,42 +1,41 @@
-begin claimed by jmm
 CAN-2005-1750 (SQL injection vulnerability in login.asp in ezdwc NewsletterEz 3.0 ...)
-	TODO: check
+	NOTE: not-for-us (ezwdc NewsletterEz)
 CAN-2005-1749 (Buffer overflow in BEA WebLogic Server and WebLogic Express 6.1 ...)
-	TODO: check
+	NOTE: not-for-us (BEA Weblogic)
 CAN-2005-1748 (The embedded LDAP server in BEA WebLogic Server and Express 8.1 ...)
-	TODO: check
+	NOTE: not-for-us (BEA Weblogic)
 CAN-2005-1747 (Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic ...)
-	TODO: check
+	NOTE: not-for-us (BEA Weblogic)
 CAN-2005-1746 (The cluster cookie parsing code in BEA WebLogic Server 7.0 through ...)
-	TODO: check
+	NOTE: not-for-us (BEA Weblogic)
 CAN-2005-1745 (The UserLogin control in BEA WebLogic Portal 8.1 through Service Pack ...)
-	TODO: check
+	NOTE: not-for-us (BEA Weblogic)
 CAN-2005-1744 (BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 ...)
-	TODO: check
+	NOTE: not-for-us (BEA Weblogic)
 CAN-2005-1743 (BEA WebLogic Server and WebLogic Express 8.1 through Service Pack 3 ...)
-	TODO: check
+	NOTE: not-for-us (BEA Weblogic)
 CAN-2005-1742 (BEA WebLogic Server and WebLogic Express 8.1 SP2 and SP3 allows users ...)
-	TODO: check
+	NOTE: not-for-us (BEA Weblogic)
 CAN-2005-1741 (Gearbox Software Halo Combat Evolved 1.6 allows remote attackers to ...)
-	TODO: check
+	NOTE: not-for-us (Halo)
 CAN-2005-1740 (fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files ...)
 	- net-snmp (unfixed; bug filed)
 CAN-2005-1739 (The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick ...)
 	- imagemagick (unfixed; bug #310690)
 CAN-2005-1738 (Multiple format string vulnerabilities in the (1) logPrintBadfile ...)
-	TODO: check
+	NOTE: not-for-us (Iron Bars Shell)
 CAN-2005-1737 (Multiple unknown vulnerabilities in PROMS 0.11 allow "non-authorized ...)
-	TODO: check
+	NOTE: not-for-us (PROMS)
 CAN-2005-1736 (PROMS 0.11 does not properly handle "certain combinations of rights," ...)
-	TODO: check
+	NOTE: not-for-us (PROMS)
 CAN-2005-1735 (Multiple cross-site scripting (XSS) vulnerabilities in PROMS before ...)
-	TODO: check
+	NOTE: not-for-us (PROMS)
 CAN-2005-1734 (Multiple SQL injection vulnerabilities in PROMS before 0.11 allow ...)
-	TODO: check
+	NOTE: not-for-us (PROMS)
 CAN-2005-1733 (Cookie Cart stores the password file under the web document root with ...)
-	TODO: check
+	NOTE: not-for-us (Cookie Cart)
 CAN-2005-1732 (Cookie Cart allows remote attackers to read the Order Notification ...)
-	TODO: check
+	NOTE: not-for-us (Cookie Cart)
 CAN-2005-1731
 	NOTE: reserved
 CAN-2005-1730
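Review bot: The new NOTE for CAN-2005-1750 spells the vendor "ezwdc", while the CVE description on the line above it reads "ezdwc". Copy the spelling from the description so that searching the list by product name finds the entry. The same applies to the eight "BEA Weblogic" notes (CAN-2005-1749 through CAN-2005-1742), whose descriptions write "WebLogic".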
@@ -62,38 +61,39 @@
 CAN-2005-1720
 	NOTE: reserved
 CAN-2005-1719 (Unknown vulnerability in ALWIL avast! antivirus 4 (4.6.6230) and ...)
-	TODO: check
+	NOTE: not-for-us (avast! antivirus)
 CAN-2005-1718 (Buffer overflow in LS Games War Times 1.03 and earlier allows remote ...)
-	TODO: check
+	NOTE: not-for-us (War Times)
 CAN-2005-1717 (ZyXEL Prestige 650R-31 router running ZyNOS FW v3.40(KO.1) allows ...)
-	TODO: check
+	NOTE: not-for-us (Zyxel hardware)
 CAN-2005-1716 (TOPo 2.2 (2.2.178) stores data files in the data directory under the ...)
-	TODO: check
+	NOTE: not-for-us (TOPo)
 CAN-2005-1715 (Cross-site scripting (XSS) vulnerability in index.php for TOPo 2.2 ...)
-	TODO: check
+	NOTE: not-for-us (TOPo)
 CAN-2005-1714 (Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 3.0c2 ...)
-	TODO: check
+	NOTE: not-for-us (SurgeMail)
 CAN-2005-1713 (Multiple cross-site scripting (XSS) vulnerabilities in Serendipity 0.8 ...)
-	TODO: check
+	NOTE: not-for-us (Serendipity)
 CAN-2005-1712 (Unknown vulnerability in Serendipity 0.8, when used with multiple ...)
-	TODO: check
+	NOTE: not-for-us (Serendipity)
 CAN-2005-1711 (Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to ...)
-	TODO: check
+	NOTE: not-for-us (Gibraltar Firewall)
+	TODO: check, whether gibraltar-bootcd is in any way related/affected
 CAN-2005-1710 (Multiple cross-site scripting (XSS) vulnerabilities in Blue Coat ...)
-	TODO: check
+	NOTE: not-for-us (Blue Coat)
 CAN-2005-1709 (Unknown vulnerability in Blue Coat Reporter before 7.1.2 allows remote ...)
-	TODO: check
+	NOTE: not-for-us (Blue Coat)
 CAN-2005-1708 (Unknown vulnerability in Blue Coat Reporter before 7.1.2 allows ...)
-	TODO: check
+	NOTE: not-for-us (Blue Coat)
 CAN-2005-1707 (The fn_show_postinst function in Gentoo webapp-config before 1.10-r14 ...)
-	TODO: check
+	NOTE: not-for-us (Gentoo)
 CAN-2005-1706 (Unknown vulnerability in MailScanner 4.41.3 and earlier, related to ...)
-	TODO: check
+	- mailscanner (unfixed)
 CAN-2005-1705 (gdb before 6.3 searches the current working directory to load the ...)
-	TODO: check
-end claimed by jmm
+	- gdb (unfixed)
 CAN-2005-1704 (Integer overflow in the BFD library for gdb before 6.3 allows ...)
 	- gdb (unfixed; bug #308624)
+begin claimed by jmm
 CAN-2005-1703 (Warrior Kings: Battles 1.23 and earlier allows remote attackers to ...)
 	TODO: check
 CAN-2005-1702 (Format string vulnerability in Warrior Kings: Battles 1.23 and earlier ...)
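Review bot: CAN-2005-1711 now carries both "NOTE: not-for-us (Gibraltar Firewall)" and "TODO: check, whether gibraltar-bootcd is in any way related/affected", so the entry reads as closed and open at the same time. Keep only the TODO until the gibraltar-bootcd question is answered, then record either not-for-us or a package line. Further down, "- mailscanner (unfixed)" for CAN-2005-1706 and "- gdb (unfixed)" for CAN-2005-1705 have no bug reference, unlike the neighbouring "- gdb (unfixed; bug #308624)"; add the bug number, or "bug filed" as on the net-snmp entry, once the issues are reported so the unfixed state can be tracked.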
@@ -210,6 +210,7 @@
 	TODO: check
 CAN-2004-2086 (Stack-based buffer overflow in results.stm for Sambar Server before ...)
 	TODO: check
+end claimed by jmm
 CAN-2004-2085 (Multiple cross-site scripting (XSS) vulnerabilities in Brad Fears ...)
 	TODO: check
 CAN-2004-2084 (Cross-site scripting (XSS) vulnerability in search.php in JShop ...)