[Secure-testing-commits] r2439 - data/CAN

Joey Hess joeyh at costa.debian.org
Tue Oct 18 09:14:21 UTC 2005 

Author: joeyh
Date: 2005-10-18 09:14:17 +0000 (Tue, 18 Oct 2005)
New Revision: 2439

Modified:
   data/CAN/list
Log:
automatic update

Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-10-18 08:10:15 UTC (rev 2438)
+++ data/CAN/list	2005-10-18 09:14:17 UTC (rev 2439)
@@ -1,3 +1,29 @@
+CAN-2005-3251 (Directory traversal vulnerability in the gallery script in Gallery 2.0 ...)
+	TODO: check
+CAN-2005-3250 (Unknown vulnerability in Solaris 10 allows local users to cause a ...)
+	TODO: check
+CAN-2005-3249
+	RESERVED
+CAN-2005-3248
+	RESERVED
+CAN-2005-3247
+	RESERVED
+CAN-2005-3246
+	RESERVED
+CAN-2005-3245
+	RESERVED
+CAN-2005-3244
+	RESERVED
+CAN-2005-3243
+	RESERVED
+CAN-2005-3242
+	RESERVED
+CAN-2005-3241
+	RESERVED
+CAN-2005-3240
+	RESERVED
+CAN-2005-3238 (Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option ...)
+	TODO: check
 CAN-2005-XXXX [local root via loadkeys]
 	- linux-2.6 <unfixed> (bug #334113; medium)
 	- kernel-source-2.4.27 <unfixed> (medium)
@@ -86,7 +112,8 @@
 	NOT-FOR-US: Webroot Desktop Firewall
 CAN-2005-3196 (Planet Technology Corp FGSW2402RS switch with firmware 1.2 has a ...)
 	NOT-FOR-US: Planet Technology switch
-CAN-2005-3195 (Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow ...)
+CAN-2005-3195
+	REJECTED
 	NOTE: This is a duplicate from CAN-2005-3178, will be rejected
 CAN-2005-3194 (Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), ...)
 	NOT-FOR-US: ALZip
@@ -127,7 +154,7 @@
 CAN-2005-3185 (Stack-based buffer overflow in the ntlm_output function in http-ntlm.c ...)
 	- wget 1.10.2-1 (medium)
 	- curl 7.15.0-1 (bug #333734; medium)
-CAN-2005-3239 [Stack overflow in clamav's DOC processing]
+CAN-2005-3239 (The OLE2 unpacker in clamd in ClamAV 0.87-1 allows remote attackers to ...)
 	- clamav <unfixed> (bug #333566)
 CAN-2005-XXXX [Local file inclusion in phpmyadmin]
 	- phpmyadmin 4:2.6.4-pl2-1 (bug #333433; high)
@@ -278,8 +305,7 @@
 	RESERVED
 CAN-2005-3121
 	RESERVED
-CAN-2005-3120 [lynx: buffer overflow in nntp:// handling]
-	RESERVED
+CAN-2005-3120 (Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and ...)
 	- lynx <unfixed> (bug #334423; high)
 	- lynx-cur 2.8.6-16 (bug #334423; high)
 CAN-2005-3118 (Mason before 1.0.0 does not install the init script after the user ...)
@@ -3971,7 +3997,7 @@
 	NOTE: only affects cupsys source package, not used in binary
 	- cupsys <unfixed> (bug #324464; unimportant)
 	- poppler 0.4.0-1 (low)
-CAN-2005-2096 (Buffer overflow in zlib 1.2 and later versions allows remote attackers ...)
+CAN-2005-2096 (zlib 1.2 and later versions allows remote attackers to cause a denial ...)
 	{DSA-797-2 DSA-797-1 DSA-740-1}
 	NOTE: Several packages ship embedded copies of zlib, there are a lot probably more
 	NOTE: Florian Weimer is doing a comprehensive audit using clamav
@@ -7606,7 +7632,7 @@
 	NOTE: CVE id requested from mitre
 CAN-2005-1245 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.2, ...)
 	- mediawiki 1.4.9 (bug #276057)
-CAN-2005-1244 (Directory traversal vulnerability in the third party tool from NetIQ, ...)
+CAN-2005-1244 (** DISPUTED ** ...)
 	NOT-FOR-US: AS/400 FTP server addon
 CAN-2005-1243 (Directory traversal vulnerability in the third party tool from ...)
 	NOT-FOR-US: AS/400 FTP server addon

More information about the Secure-testing-commits mailing list