[Secure-testing-commits] r2421 - data/CAN
Joey Hess
joeyh at costa.debian.org
Mon Oct 17 21:07:55 UTC 2005
Author: joeyh
Date: 2005-10-17 21:07:50 +0000 (Mon, 17 Oct 2005)
New Revision: 2421
Modified:
data/CAN/list
Log:
automatic CAN database update
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-10-17 20:08:15 UTC (rev 2420)
+++ data/CAN/list 2005-10-17 21:07:50 UTC (rev 2421)
@@ -1,3 +1,113 @@
+CAN-2005-3237 (Cross-site scripting (XSS) vulnerability in Cyphor 0.19 allows remote ...)
+ TODO: check
+CAN-2005-3236 (Multiple SQL injection vulnerabilities in Cyphor 0.19 allow remote ...)
+ TODO: check
+CAN-2005-3235 (Multiple interpretation error in unspecified versions of Proland ...)
+ TODO: check
+CAN-2005-3234 (Multiple interpretation error in unspecified versions of Grisoft AVG ...)
+ TODO: check
+CAN-2005-3233 (Multiple interpretation error in unspecified versions of Trustix ...)
+ TODO: check
+CAN-2005-3232 (Multiple interpretation error in unspecified versions of TheHacker ...)
+ TODO: check
+CAN-2005-3231 (Multiple interpretation error in unspecified versions of CAT Quick ...)
+ TODO: check
+CAN-2005-3230 (Multiple interpretation error in unspecified versions of Panda ...)
+ TODO: check
+CAN-2005-3229 (Multiple interpretation error in unspecified versions of ClamAV ...)
+ TODO: check
+CAN-2005-3228 (Multiple interpretation error in unspecified versions of Ikarus ...)
+ TODO: check
+CAN-2005-3227 (Multiple interpretation error in unspecified versions of UNA Antivirus ...)
+ TODO: check
+CAN-2005-3226 (Multiple interpretation error in unspecified versions of ArcaVir ...)
+ TODO: check
+CAN-2005-3225 (Multiple interpretation error in unspecified versions of (1) ...)
+ TODO: check
+CAN-2005-3224 (Multiple interpretation error in unspecified versions of AntiVir ...)
+ TODO: check
+CAN-2005-3223 (Multiple interpretation error in unspecified versions of Rising ...)
+ TODO: check
+CAN-2005-3222 (Multiple interpretation error in unspecified versions of VBA32 ...)
+ TODO: check
+CAN-2005-3221 (Multiple interpretation error in unspecified versions of Fortinet ...)
+ TODO: check
+CAN-2005-3220 (Multiple interpretation error in unspecified versions of Norman Virus ...)
+ TODO: check
+CAN-2005-3219 (Multiple interpretation error in unspecified versions of Avira ...)
+ TODO: check
+CAN-2005-3218 (Multiple interpretation error in unspecified versions of Dr.Web ...)
+ TODO: check
+CAN-2005-3217 (Multiple interpretation error in unspecified versions of Symantec ...)
+ TODO: check
+CAN-2005-3216 (Multiple interpretation error in unspecified versions of Sophos ...)
+ TODO: check
+CAN-2005-3215 (Multiple interpretation error in unspecified versions of McAfee ...)
+ TODO: check
+CAN-2005-3214 (Multiple interpretation error in unspecified versions of Avast ...)
+ TODO: check
+CAN-2005-3213 (Multiple interpretation error in unspecified versions of F-Prot ...)
+ TODO: check
+CAN-2005-3212 (Multiple interpretation error in unspecified versions of NOD32 ...)
+ TODO: check
+CAN-2005-3211 (Multiple interpretation error in unspecified versions of BitDefender ...)
+ TODO: check
+CAN-2005-3210 (Multiple interpretation error in unspecified versions of Kaspersky ...)
+ TODO: check
+CAN-2005-3209 (Aenovo products (1) aeNovo, (2) aeNovoShop, and (3) aeNovoWYSI store ...)
+ TODO: check
+CAN-2005-3208 (Multiple SQL injection vulnerabilities in (1) aeNovo, (2) aeNovoShop ...)
+ TODO: check
+CAN-2005-3207 (The forms servlet (f90servlet) in Oracle Forms 4.5.10.22 allows remote ...)
+ TODO: check
+CAN-2005-3206 (iSQL*Plus (isqlplus) for Oracle9i Database Server Release 2 9.0.2.4 ...)
+ TODO: check
+CAN-2005-3205 (Cross-site scripting (XSS) vulnerability in iSQL*Plus (iSQLPlus) in ...)
+ TODO: check
+CAN-2005-3204 (Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows ...)
+ TODO: check
+CAN-2005-3203 (The manual installation of Oracle HTML DB (HTMLDB) 1.3 through 1.3.6 ...)
+ TODO: check
+CAN-2005-3202 (Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTML DB ...)
+ TODO: check
+CAN-2005-3201 (SQL injection vulnerability in news.php for Utopia News Pro 1.1.3 when ...)
+ TODO: check
+CAN-2005-3200 (Multiple cross-site scripting (XSS) vulnerabilities in Utopia News Pro ...)
+ TODO: check
+CAN-2005-3199 (Multiple SQL injection vulnerabilities in aradmin.asp for aspReady FAQ ...)
+ TODO: check
+CAN-2005-3198 (Webroot Desktop Firewall before 1.3.0build52 allows local users to ...)
+ TODO: check
+CAN-2005-3197 (Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop ...)
+ TODO: check
+CAN-2005-3196 (Planet Technology Corp FGSW2402RS switch with firmware 1.2 has a ...)
+ TODO: check
+CAN-2005-3195 (Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow ...)
+ TODO: check
+CAN-2005-3194 (Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), ...)
+ TODO: check
+CAN-2005-3193
+ NOTE: reserved
+CAN-2005-3192
+ NOTE: reserved
+CAN-2005-3191
+ NOTE: reserved
+CAN-2005-3190 (Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 ...)
+ TODO: check
+CAN-2005-3189
+ NOTE: reserved
+CAN-2005-3188
+ NOTE: reserved
+CAN-2005-3187
+ NOTE: reserved
+CAN-2005-3186
+ NOTE: reserved
+CAN-2005-3184
+ NOTE: reserved
+CAN-2005-3183 (The HTBoundary_put_block function in HTBound.c for W3C libwww ...)
+ TODO: check
+CAN-2005-3182
+ NOTE: reserved
CAN-2005-XXXX [unsafe temporary file creation in flexbackup default config]
- flexbackup <unfixed> (bug #334350; low)
CAN-2005-XXXX [xscreensaver does not maintain screen locks during upgrade]
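Review bot: CAN-2005-3195 in this block has the same truncated description as CAN-2005-3178 elsewhere in the list ("Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow ..."), and 3178 is already tracked against xloadimage and xli with DSA-859-1 and DSA-858-1. When the `TODO: check` on 3195 is resolved, confirm whether it is a duplicate or a separate overflow and record the result in a NOTE, so the two entries are not triaged independently. Among the other new entries, CAN-2005-3229 names ClamAV, which already has a tracked entry in this file, so it should be checked ahead of the rest of the "Multiple interpretation error" batch.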
@@ -10,14 +120,14 @@
- zope2.8 2.8.1-7
CAN-2005-XXXX [gallery2: Information disclosure through missing input sanitising]
- gallery 2.0.1-1 (medium)
-CAN-2005-3185 [Buffer overflow in curl's NTLM auth code]
+CAN-2005-3185 (Stack-based buffer overflow in the ntlm_output function in http-ntlm.c ...)
- wget 1.10.2-1 (medium)
- curl 7.15.0-1 (bug #333734; medium)
CAN-2005-3239 [Stack overflow in clamav's DOC processing]
- clamav <unfixed> (bug #333566)
CAN-2005-XXXX [Local file inclusion in phpmyadmin]
- phpmyadmin 4:2.6.4-pl2-1 (bug #333433; high)
-CAN-2005-3181 [kernel: Mem leak in audit_syscall interface]
+CAN-2005-3181 (Linux kernel before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, ...)
- linux-2.6 2.6.12-11
NOTE: Might as well be 2.6.13-2, depending on the next upload
- kernel-source-2.4.27 2.4.27-12
@@ -25,24 +135,23 @@
CAN-2005-XXXX [Missing safemode checks in PHP's _php_image_output functions]
- php5 5.0.5-2
- php4 4:4.4.0-3
-CAN-2005-3180 [kernel: Information leakage in orinoco driver]
+CAN-2005-3180 (The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does ...)
- linux-2.6 2.6.12-11
NOTE: Might as well be 2.6.13-2, depending on the next upload
- kernel-source-2.4.27 2.4.27-12
NOTE: CVE requested
-CAN-2005-3119 [kernel: mem leak in request_key_auth]
- RESERVED
+CAN-2005-3119 (Memory leak in the request_key_auth_destroy function in ...)
- linux-2.6 2.6.13-2
- kernel-source-2.4.27 <not-affected>
NOTE: 2.6.12 itself not affected, fixed in SVN
-CAN-2005-3179 [kernel: Insecure sysfs perms expose DRM debug mode to unprivileged users]
+CAN-2005-3179 (drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs ...)
- linux-2.6 2.6.12-11
NOTE: Might as well be 2.6.13-2, depending on the next upload
- kernel-source-2.4.27 <not-affected>
NOTE: CVE requested
CAN-2005-XXXX [DoS vulnerability in msg id parsing of spampd]
- spampd <unfixed> (bug #332259; low)
-CAN-2005-3178 [Multiple buffer overflows in xloadimage]
+CAN-2005-3178 (Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow ...)
{DSA-859-1 DSA-858-1}
- xloadimage 4.1-15 (bug #332524; medium)
- xli <unfixed> (medium)
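Review bot: The `NOTE: CVE requested` lines under CAN-2005-3180 and CAN-2005-3179 are stale now that both entries carry an official description in parentheses. They are left untouched as context here; dropping them in a follow-up keeps the notes from suggesting the assignment is still pending.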
@@ -175,13 +284,12 @@
RESERVED
- lynx <unfixed> (bug #334423; high)
- lynx-cur <unfixed> (bug #334423; high)
-CAN-2005-3118
- RESERVED
+CAN-2005-3118 (Mason before 1.0.0 does not install the init script after the user ...)
{DSA-845-1}
NOTE: reserved
- mason 1.0.0-3
CAN-2005-3117
- RESERVED
+ REJECTED
NOTE: reserved
CAN-2005-3116
RESERVED
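Review bot: `NOTE: reserved` is left in place under both CAN-2005-3118 and CAN-2005-3117, which now contradicts the entries: 3118 has a published description, a DSA reference and a fixed mason version, and 3117 is switched to `REJECTED`. The automatic update only rewrites the status line, so these notes need removing by hand.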
@@ -210,7 +318,7 @@
- kernel-source-2.6.8 2.6.8-16sarge1
CAN-2005-3106 (Race condition in Linux 2.6, when threads are sharing memory mapping ...)
- kernel-source-2.6.8 2.6.8-16sarge1
-CAN-2005-3105 (The mrpotect code (mprotect.c) in Linux 2.6 on Itanium IA64 Montecito ...)
+CAN-2005-3105 (The mprotect code (mprotect.c) in Linux 2.6 on Itanium IA64 Montecito ...)
- kernel-source-2.6.8 2.6.8-16sarge1
- kernel-source-2.4.27 <unfixed> (bug #332569; medium)
CAN-2005-XXXX [horde3 maintainer scripts don't set sufficiently strict permissions on config files]
@@ -384,9 +492,10 @@
- interchange 5.2.1-1 (bug #329705; medium)
CAN-2005-3071 (Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and ...)
NOT-FOR-US: Solaris
-CAN-2005-3070 (HylaFax 4.2.1 and earlier on Debian GNU/Linux does not create or ...)
+CAN-2005-3070 (HylaFax 4.2.1 and earlier does not create or verify ownership of the ...)
- hylafax 1:4.2.2+rc1 (bug #329384; low)
CAN-2005-3069 (xferfaxstats in HylaFax 4.2.1 and earlier allows local users to ...)
+ {DSA-865-1}
- hylafax 1:4.2.2+rc1 (bug #329384; low)
CAN-2005-3068 (Unspecified vulnerability in Eric Integrated Development Environment ...)
- eric 3.7.2-1 (bug #330608; unknown)
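Review bot: `{DSA-865-1}` is added to CAN-2005-3069 only, while CAN-2005-3070 directly above is tracked against the same package version and bug (`- hylafax 1:4.2.2+rc1 (bug #329384; low)`). Check whether the advisory also covers 3070 and add the reference there if it does; if it does not, a NOTE under 3070 saying so would explain the difference.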
@@ -586,8 +695,7 @@
NOT-FOR-US: HP Tru64
CAN-2005-2991 (ncompress 4.2.4 and earlier allows local users to overwrite arbitrary ...)
- ncompress <unfixed> (bug #329052; unimportant)
-CAN-2005-2992 [Another arc tempfile issue]
- RESERVED
+CAN-2005-2992 (arc 5.21j and earlier allows local users to overwrite arbitrary files ...)
{DSA-843-1}
- arc 5.21m-1 (low)
CAN-2005-XXXX [freeradius buffer overflows and SQL injection]
@@ -644,17 +752,15 @@
- mozilla-firefox <not-affected> (Debian ships a non-vulnerable wrapper script)
- mozilla <not-affected> (Debian ships a non-vulnerable wrapper script)
- mozilla-thunderbird 1.0.6-4 (bug #329667; bug #329664; high)
-CAN-2005-2967 [Format string vulnerability in xine-libs CDDB code]
- RESERVED
+CAN-2005-2967 (Format string vulnerability in input_cdda.c in xine-lib 1-beta through ...)
+ {DSA-863-1}
- xine-lib <unfixed> (bug #332919; bug #333682; medium)
-CAN-2005-2965 [Insecure temp files in graphviz]
- RESERVED
+CAN-2005-2965 (graphviz before 2.2.1 allows local users to overwrite arbitrary files ...)
{DSA-857-1}
- graphviz 2.2.1-1sarge1 (low)
CAN-2005-2964 (Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers ...)
- abiword 2.2.10-1 (bug #329839; medium)
-CAN-2005-2963 [Mod-Authshadow: Incorrect enforcement of AuthShadow when 'require group' is set]
- RESERVED
+CAN-2005-2963 (The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with ...)
{DSA-844-1}
- mod-auth-shadow 1.4-2 (bug #323789; medium)
CAN-2005-2962 (The post-installation script for ntlmaps before 0.9.9 sets ...)
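Review bot: For CAN-2005-2963 the new description gives the affected range as "1.0 through 1.5 and 2.0", but the fixed version recorded below it is `mod-auth-shadow 1.4-2`, whose upstream version lies inside that range. If the fix is carried as a Debian patch on top of 1.4, a NOTE stating that would keep the entry from reading as inconsistent with the description.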
@@ -698,11 +804,10 @@
NOTE: haven't been presented yet
CAN-2005-2944 (The perform_file_save function in GNOME Workstation Command Center ...)
NOT-FOR-US: GNOME Workstation Command Center
-CAN-2005-2943 [Buffer overflow in xmail]
- RESERVED
+CAN-2005-2943 (Stack-based buffer overflow in sendmail in XMail before 1.22 allows ...)
- xmail <unfixed> (bug #333863; medium)
CAN-2005-2942
- RESERVED
+ REJECTED
CAN-2005-2941
RESERVED
CAN-2005-2940
@@ -711,16 +816,15 @@
RESERVED
CAN-2005-2938
RESERVED
-CAN-2005-2937
- RESERVED
+CAN-2005-2937 (Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in ...)
+ TODO: check
CAN-2005-2936
RESERVED
CAN-2005-2935 (AntiSpywareMain.exe in Microsoft AntiSpyware does not quote the C ...)
NOT-FOR-US: Microsoft AntiSpyware
CAN-2005-2934
RESERVED
-CAN-2005-2933 [uwimapd: post-authentication buffer overflow]
- RESERVED
+CAN-2005-2933 (Buffer overflow in the mail_valid_net_parse_work function in mail.c ...)
{DSA-861-1}
- uw-imap 7:2002edebian1-12 (medium; bug #332215)
CAN-2005-2932
@@ -737,8 +841,8 @@
RESERVED
CAN-2005-2926
RESERVED
-CAN-2005-2925
- RESERVED
+CAN-2005-2925 (runpriv in SGI IRIX allows local users to bypass intended restrictions ...)
+ TODO: check
CAN-2005-2924
RESERVED
CAN-2005-2923
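Review bot: CAN-2005-2925 is added with `TODO: check` although its description is about runpriv in SGI IRIX. Other vendor operating system issues in this file are closed out directly, for example `NOT-FOR-US: Solaris` and `NOT-FOR-US: HP Tru64`, so this one can be marked the same way instead of staying in the TODO queue.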
@@ -877,7 +981,7 @@
REJECTED
NOTE: rejected, initially ipt_recent related
CAN-2005-2878 (Format string vulnerability in search.c in the imap4d server in GNU ...)
- {DSA-841-1}
+ {DSA-841-1 DTSA-20-1}
- mailutils 1:0.6.90-2.1etch1 (bug #327424; high)
CAN-2005-2870 (Unknown vulnerability in the net-svc script on Solaris 10 allows ...)
NOT-FOR-US: Solaris
@@ -1191,8 +1295,8 @@
CAN-2005-2717 (PHP remote file inclusion vulnerability in WebCalendar before 1.0.1 ...)
{DSA-799-1}
- webcalendar 0.9.45-7 (bug #326223; medium)
-CAN-2005-2715
- RESERVED
+CAN-2005-2715 (Format string vulnerability in the Java user interface service ...)
+ TODO: check
CAN-2005-2714
RESERVED
CAN-2005-2713
@@ -1356,8 +1460,7 @@
CAN-2005-2662 (masqmail before 0.2.18 allows remote attackers to execute arbitrary ...)
{DSA-848-1}
- masqmail 0.2.20-1sarge1 (high; bug #329307)
-CAN-2005-2661 [format string vulnerability in up-imapproxy]
- RESERVED
+CAN-2005-2661 (Format string vulnerability in the ParseBannerAndCapability function ...)
{DSA-852-1}
- up-imapproxy 1.2.4-2 (high)
CAN-2005-2660 (apachetop 0.12.5 and earlier, when running in debug mode, allows local ...)
@@ -1621,7 +1724,8 @@
- phpgroupware 0.9.14.002
CAN-2004-2405 (Buffer overflow in multiple F-Secure Anti-Virus products, including ...)
NOT-FOR-US: F-Secure Anti-Virus
-CAN-2004-2404 (blog.cgi in Leif Wright Web Blog 1.1.5 allows remote attackers to ...)
+CAN-2004-2404
+ REJECTED
NOT-FOR-US: Leif Wright Web Blog
CAN-2004-2403 (Cross-site request forgery (CSRF) vulnerability in YaBB 1 GOLD SP ...)
NOT-FOR-US: YaBB
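Review bot: After CAN-2004-2404 is changed to a bare ID with `REJECTED`, the `NOT-FOR-US: Leif Wright Web Blog` line beneath it is kept, leaving two status lines on an entry that no longer has a description naming that product. Remove the NOT-FOR-US line, or replace it with a NOTE recording what the ID originally referred to.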
@@ -1645,7 +1749,7 @@
NOTE: shadow is a different code base, and does not have this problem
CAN-2004-2393 (Java Secure Socket Extension (JSSE) 1.0.3 through 1.0.3_2 does not ...)
NOT-FOR-US: Sun JSSE
-CAN-2004-2392 (libuser 0.51.7, as used in Mandrake Linux 9.1 through 10.0 and ...)
+CAN-2004-2392 (libuser 0.51.7 allows attackers to cause a denial of service (crash or ...)
NOT-FOR-US: libuser
CAN-2004-2391 (Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before ...)
NOT-FOR-US: jabber-gg-transport
@@ -2123,7 +2227,7 @@
- php4 4:4.3.10-16 (bug #323366; high)
TODO: check php5
CAN-2005-2497
- RESERVED
+ REJECTED
CAN-2005-2496 (The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option ...)
{DSA-801-1}
NOTE: I suspect DSA-801 is fixed by the non-root patches from Ubuntu??
@@ -2664,9 +2768,8 @@
RESERVED
CAN-2005-2338
RESERVED
-CAN-2005-2337 [Incorrect handling of "safe levels" in Ruby]
- RESERVED
- {DSA-862-1 DSA-860-1}
+CAN-2005-2337 (Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to ...)
+ {DSA-864-1 DSA-862-1 DSA-860-1}
- ruby1.6 1.6.8-13 (medium)
- ruby1.8 1.8.3-1 (medium)
- ruby1.9 1.9.0+20050921-1 (medium)
@@ -3787,9 +3890,9 @@
RESERVED
CAN-2005-2129
RESERVED
-CAN-2005-2128
- RESERVED
-CAN-2005-2127 (The Microsoft DDS Library Shape Control (Msdds.dll) COM object allows ...)
+CAN-2005-2128 (QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers ...)
+ TODO: check
+CAN-2005-2127 (Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers ...)
NOT-FOR-US: Windows
CAN-2005-2126
RESERVED
@@ -3803,10 +3906,10 @@
RESERVED
CAN-2005-2121
RESERVED
-CAN-2005-2120
- RESERVED
-CAN-2005-2119
- RESERVED
+CAN-2005-2120 (Stack-based buffer overflow in the Plug and Play (PnP) service ...)
+ TODO: check
+CAN-2005-2119 (The MIDL_user_allocate function in the Microsoft Distributed ...)
+ TODO: check
CAN-2005-2118
RESERVED
CAN-2005-2117
@@ -3841,8 +3944,8 @@
- drupal 4.5.4-1 (bug #316362)
CAN-2005-2105 (Cisco IOS 12.2T through 12.4 allows remote attackers to bypass ...)
NOT-FOR-US: IOS
-CAN-2005-2104
- RESERVED
+CAN-2005-2104 (sysreport before 1.3.7 allows local users to obtain sensitive ...)
+ TODO: check
CAN-2005-2103 (Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows ...)
{DTSA-5-1}
- gaim 1:1.4.0-5 (high; bug #323706)
@@ -4588,12 +4691,12 @@
NOT-FOR-US: MSIE
CAN-2005-1988 (Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows ...)
NOT-FOR-US: MSIE
-CAN-2005-1987
- RESERVED
+CAN-2005-1987 (Collaboration Data Objects (CDO), as used in Microsoft Windows and ...)
+ TODO: check
CAN-2005-1986
RESERVED
-CAN-2005-1985
- RESERVED
+CAN-2005-1985 (The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, ...)
+ TODO: check
CAN-2005-1984 (Buffer overflow in the Print Spooler service (Spoolsv.exe) for ...)
NOT-FOR-US: Spoolsv.exe
CAN-2005-1983 (Stack-based buffer overflow in the Plug and Play (PnP) service for ...)
@@ -4602,12 +4705,12 @@
NOT-FOR-US: Microsoft
CAN-2005-1981 (Unknown vulnerability in Microsoft Windows 2000 Server and Windows ...)
NOT-FOR-US: Microsoft
-CAN-2005-1980
- RESERVED
-CAN-2005-1979
- RESERVED
-CAN-2005-1978
- RESERVED
+CAN-2005-1980 (Distributed Transaction Controller in Microsoft Windows allows remote ...)
+ TODO: check
+CAN-2005-1979 (Distributed Transaction Controller in Microsoft Windows allows remote ...)
+ TODO: check
+CAN-2005-1978 (COM+ in Microsoft Windows does not properly "create and use memory ...)
+ TODO: check
CAN-2005-1977
RESERVED
CAN-2005-1976
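Review bot: CAN-2005-1980, CAN-2005-1979 and CAN-2005-1978 all describe Microsoft Windows components yet are added as `TODO: check`, while the neighbouring entries CAN-2005-1982 and CAN-2005-1981 are already closed with `NOT-FOR-US: Microsoft`. The same applies to the other Microsoft entries this revision fills in (CAN-2005-2128, 2120, 2119, 1987, 1985); marking them NOT-FOR-US in one pass would keep the TODO list limited to entries that need real triage.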
@@ -5386,8 +5489,7 @@
- linux-2.6 2.6.12-1 (medium)
NOTE: Fixed in the 2.6.11 stable series and merged into 2.6.12
NOTE: 2.6 only, not in 2.4
-CAN-2005-1764 [Unspecified DoS vulnerability on amd64]
- RESERVED
+CAN-2005-1764 (Linux 2.6.11 on 64-bit x86 (x86_64) platforms does not use a guard ...)
NOTE: horms says not vulnerable in 2.4.27 or 2.6.8 as far as he can tell
CAN-2005-1763 (Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures ...)
- kernel-source-2.6.8 2.6.8-17
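Review bot: CAN-2005-1764 now has a description naming Linux 2.6.11 on x86_64, but the entry still has no package line, only the NOTE that horms believes 2.4.27 and 2.6.8 are not vulnerable. Expressing that as explicit `<not-affected>` lines for the affected source packages, as done for `kernel-source-2.4.27 <not-affected>` under CAN-2005-3119, and adding a status for linux-2.6, would make the entry machine-readable instead of relying on free text.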
@@ -10478,7 +10580,7 @@
NOTE: see cyrus-sasl-2.1.18-cvs-1.172.patch in there
NOTE: cyrus-sasl2 already has patch applied
NOTE: cyrus-sasl code seems too old for any of the problems to apply
-CAN-2005-0372 (Directory traversal vulnerability in gftp 2.0.18 and earlier for GTK+ ...)
+CAN-2005-0372 (Directory traversal vulnerability in gftp before 2.0.18 for GTK+ ...)
{DSA-686-1}
- gftp 2.0.18-1
NOTE: CVE entry claims that 2.0.18 is vulnerable, but this is wrong.
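Review bot: The description of CAN-2005-0372 changes from "gftp 2.0.18 and earlier" to "gftp before 2.0.18", which makes the retained `NOTE: CVE entry claims that 2.0.18 is vulnerable, but this is wrong.` out of date. The note should be removed or reworded to say the upstream description has since been corrected.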
@@ -11382,7 +11484,7 @@
- maxdb-7.5.00 7.5.00.18
CAN-2005-0110 (Internet Explorer 6 on Windows XP SP2 allows remote attackers to ...)
NOT-FOR-US: MSIE
-CAN-2005-0109 (Hyper-Threading technology, as used in FreeBSD other operating systems ...)
+CAN-2005-0109 (Hyper-Threading technology, as used in FreeBSD and other operating ...)
NOTE: According to Linus Torvalds and others on linux-kernel this is a theoretical
NOTE: attack, paranoid people should disable hyper threading
- kfreebsd5-source 5.3-11