[Secure-testing-commits] r2453 - data/CAN

Moritz Muehlenhoff jmm-guest at costa.debian.org
Wed Oct 19 15:29:35 UTC 2005 

Author: jmm-guest
Date: 2005-10-19 15:29:31 +0000 (Wed, 19 Oct 2005)
New Revision: 2453

Modified:
   data/CAN/list
Log:
more convertions to new syntax, one potential minor pine privacy issue


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-10-19 15:11:26 UTC (rev 2452)
+++ data/CAN/list	2005-10-19 15:29:31 UTC (rev 2453)
@@ -4268,83 +4268,85 @@
 CAN-2002-1934 (Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 2.0.1 ...)
 	NOT-FOR-US: Pingtel Xpressa
 CAN-2002-1933 (The terminal services screensaver for Microsoft Windows 2000 does not ...)
-	NOTE: not-for-us
+	NOT-FOR-US: Microsoft
 CAN-2002-1932 (Microsoft Windows XP and Windows 2000, when configured to send ...)
-	NOTE: not-for-us
+	NOT-FOR-US: Microsoft
 CAN-2002-1931 (Cross-site scripting (XSS) vulnerability in PHP Arena paFileDB 1.1.3 ...)
-	NOTE: not-for-us
+	NOT-FOR-US: PHP Arena
 CAN-2002-1930 (Buffer overflow in AN HTTPd 1.38 through 1.4.1c allows remote ...)
-	NOTE: not-for-us
+	NOT-FOR-US: AN HTTPd
 CAN-2002-1929 (Cross-site scripting (XSS) vulnerability in pafiledb.php in PHP Arena ...)
-	NOTE: not-for-us
+	NOT-FOR-US: PHP Arena
 CAN-2002-1928 (602Pro LAN SUITE 2002 allows remote attackers to view the directory ...)
-	NOTE: not-for-us
+	NOT-FOR-US: 602Pro LAN SUITE
 CAN-2002-1927 (Aquonics File Manager 1.5 allows users with edit privileges to modify ...)
-	NOTE: not-for-us
+	NOT-FOR-US: Aquonics File Manager
 CAN-2002-1926 (Directory traversal vulnerability in source.php in Aquonics File ...)
-	NOTE: not-for-us
+	NOT-FOR-US: Aquonics File Manager
 CAN-2002-1925 (Tiny Personal Firewall 3.0 through 3.0.6 allows remote attackers to ...)
-	NOTE: not-for-us
+	NOT-FOR-US: Tiny Personal Firewall
 CAN-2002-1924 (PowerChute plus 5.0.2 creates a "Pwrchute" directory during ...)
-	NOTE: not-for-us
+	NOT-FOR-US: Powerchute
 CAN-2002-1923 (The default configuration in MySQL 3.20.32 through 3.23.52, when ...)
-	NOT-FOR-US: Windows specific
+	- mysql <not-affected> (Windows specific)
 CAN-2002-1922 (Cross-site scripting (XSS) vulnerability in global.php in Jelsoft ...)
-	NOTE: not-for-us
+	NOT-FOR-US: vBulletin
 CAN-2002-1921 (The default configuration of MySQL 3.20.32 through 3.23.52, when ...)
-	NOT-FOR-US: Windows specific
+	- mysql <not-affected> (Windows specific)
 CAN-2002-1920 (Buffer overflow in FtpXQ 2.5 allows remote attackers to cause a denial ...)
-	NOTE: not-for-us
+	NOT-FOR-US: FtpXQ
 CAN-2002-1919 (SQL injection vulnerability in shopadmin.asp in VP-ASP 4.0 allows ...)
-	NOTE: not-for-us
+	NOT-FOR-US: VS-ASP
 CAN-2002-1918 (Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft ...)
-	NOTE: not-for-us
+	NOT-FOR-US: Microsoft ADO
 CAN-2002-1917 (CRLF injection vulnerability in the &quot;User Profile: Send Email&quot; feature ...)
-	NOTE: not-for-us
+	NOT-FOR-US: Geeklog
 CAN-2002-1916 (Pirch and RusPirch, when auto-log is enabled, allows remote attackers ...)
-	NOTE: not-for-us
+	NOT-FOR-US: Pirch
 CAN-2002-1915 (tip on multiple BSD-based operating systems allows local users to ...)
-	NOTE: not-for-us
+	NOT-FOR-US: tip
 CAN-2002-1914 (dump 0.4 b10 through b29 allows local users to cause a denial of ...)
 	- dump 0.4b31-1
 CAN-2002-1913 (phptonuke.php in myPHPNuke 1.8.8 allows remote attackers to read ...)
-	NOTE: not-for-us
+	NOT-FOR-US: myPHPNuke
 CAN-2002-1912 (SkyStream EMR5000 1.16 through 1.18 does not drop packets or disable ...)
-	NOTE: not-for-us
+	NOT-FOR-US: SkyStream
 CAN-2002-1911 (ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, ...)
-	NOTE: not-for-us
+	NOT-FOR-US: ZoneAlarm
 CAN-2002-1910 (Click2Learn Ingenium Learning Management System 5.1 and 6.1 uses weak ...)
-	NOTE: not-for-us
+	NOT-FOR-US: Ingenium Learning Management System
 CAN-2002-1909 (Click2Learn Ingenium Learning Management System 5.1 and 6.1 stores the ...)
-	NOTE: not-for-us
+	NOT-FOR-US: Ingenium Learning Management System
 CAN-2002-1908 (Microsoft IIS 5.0 and 5.1 allows remote attackers to cause a denial of ...)
-	NOTE: not-for-us
+	NOT-FOR-US:
 CAN-2002-1907 (TelCondex SimpleWebServer 2.06.20817 allows remote attackers to cause ...)
-	NOTE: not-for-us
+	NOT-FOR-US: TelCondex
 CAN-2002-1906 (The web server for Polycom ViaVideo 2.2 and 3.0 allows remote ...)
-	NOTE: not-for-us
+	NOT-FOR-US: ViaVideo
 CAN-2002-1905 (Buffer overflow in the web server of Polycom ViaVideo 2.2 and 3.0 ...)
-	NOTE: not-for-us
+	NOT-FOR-US: ViaVideo
 CAN-2002-1904 (Buffer overflow in the Log function in util.c in GazTek ghttpd 1.4 ...)
-	NOTE: not-for-us
+	NOT-FOR-US: ghttpd
 CAN-2002-1903 (Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: ...)
-	NOTE: not-for-us
+	- pine <unfixed> (low)
+	TODO: Check, whether this still applies to current version, <unfixed> for now
+	NOTE: non-free
 CAN-2002-1902 (CGIForum 1.0 through 1.05 allows remote attackers to cause a denial of ...)
-	NOTE: not-for-us
+	NOT-FOR-US: CGIForum
 CAN-2002-1901 (Cross-site scripting (XSS) vulnerability in Bodo Bauer BBGallery 1.0 ...)
-	NOTE: not-for-us
+	NOT-FOR-US: BBGallery
 CAN-2002-1900 (Cross-site scripting (XSS) vulnerability in Pinboard 1.0 allows remote ...)
-	NOTE: not-for-us
+	NOT-FOR-US: Pinboard
 CAN-2002-1899 (Cross-site scripting (XSS) vulnerability in IceWarp Web Mail 3.3.3 and ...)
-	NOTE: not-for-us
+	NOT-FOR-US: IceWarp Web Mail
 CAN-2002-1898 (Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute ...)
-	NOTE: not-for-us
+	NOT-FOR-US: Mac OS X
 CAN-2002-1897 (MyWebServer 1.0.2 allows remote attackers to cause a denial of service ...)
-	NOTE: not-for-us
+	NOT-FOR-US: MyWebserver
 CAN-2002-1896 (Buffer overflow in Alsaplayer 0.99.71, when installed setuid root, ...)
 	- alsaplayer 0.99.72-1
 CAN-2002-1895 (The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using ...)
-	NOT-FOR-US: Windows specific
+	- tomcat4 <not-affected> (Windows-specific Tomcat problems)
 CAN-2002-1894 (Cross-site scripting (XSS) vulnerability in viewtopic.php in phpBB ...)
 	- phpbb2 <not-affected> (Debian package not vulnerable, see #316071, 316295)
 CAN-2002-1893 (Cross-site scripting (XSS) vulnerability in ArGoSoft Mail Server Pro ...)

More information about the Secure-testing-commits mailing list