[Secure-testing-commits] r2455 - data/CAN
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Wed Oct 19 20:09:12 UTC 2005
Author: jmm-guest
Date: 2005-10-19 20:09:09 +0000 (Wed, 19 Oct 2005)
New Revision: 2455
Modified:
data/CAN/list
Log:
more corrections towards new data format
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-10-19 15:34:46 UTC (rev 2454)
+++ data/CAN/list 2005-10-19 20:09:09 UTC (rev 2455)
@@ -4349,83 +4349,83 @@
CAN-2002-1894 (Cross-site scripting (XSS) vulnerability in viewtopic.php in phpBB ...)
- phpbb2 <not-affected> (Debian package not vulnerable, see #316071, 316295)
CAN-2002-1893 (Cross-site scripting (XSS) vulnerability in ArGoSoft Mail Server Pro ...)
- NOTE: not-for-us
+ NOT-FOR-US: ArGoSoft Mail Server
CAN-2002-1892 (NETGEAR FVS318 running firmware 1.1 stores the username and password ...)
- NOTE: not-for-us
+ NOT-FOR-US: Netgear hardware
CAN-2002-1891 (Buffer overflow in IRCIT 0.3.1 IRC client allows remote attackers to ...)
- NOTE: not-for-us
+ NOT-FOR-US: IRCIT
CAN-2002-1890 (rhmask 1.0-9 in Red Hat Linux 7.1 allows local users to overwrite ...)
NOT-FOR-US: RedHat specific
CAN-2002-1889 (Off-by-one buffer overflow in the context_action function in context.c ...)
- NOTE: not-for-us
+ NOT-FOR-US: Logsurfer
CAN-2002-1888 (CommonName Toolbar 3.5.2.0 sends unqualified domain name requests to ...)
- NOTE: not-for-us
+ NOT-FOR-US: CommonName Toolbar
CAN-2002-1887 (PHP remote code injection vulnerability in customize.php for ...)
- NOTE: not-for-us
+ NOT-FOR-US: phpMyNewsletter
CAN-2002-1886 (TightAuction 3.0 stores config.inc under the web document root with ...)
- NOTE: not-for-us
+ NOT-FOR-US: TightAuction
CAN-2002-1885 (PHP remote code injection vulnerability in showhits.php3 for ...)
- NOTE: not-for-us
+ NOT-FOR-US: PPhlogger
CAN-2002-1884 (index.php in Py-Membres 3.1 allows remote attackers to log in as an ...)
- NOTE: not-for-us
+ NOT-FOR-US: Py-Membres
CAN-2002-1883 (Trolltech Qt Assistant 1.0 in Trolltech Qt 3.0.3, when loaded from the ...)
- qt-x11-free 2:3.0.4-1
CAN-2002-1882 (Unknown vulnerability in AolSecurityPrivate.class in Oracle E-Business ...)
- NOTE: not-for-us
+ NOT-FOR-US: Oracle
CAN-2002-1881 (Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote ...)
- flashplugin-nonfree 6.0.61.0-1
CAN-2002-1880 (LokwaBB 1.2.2 allows remote attackers to read arbitrary messages by ...)
- NOTE: not-for-us
+ NOT-FOR-US: LokwaBB
CAN-2002-1879 (SQL injection vulnerability in LokwaBB 1.2.2 allows remote attackers ...)
- NOTE: not-for-us
+ NOT-FOR-US: LokwaBB
CAN-2002-1878 (PHP remote code injection vulnerability in w-Agora 4.1.3 allows remote ...)
- NOTE: not-for-us
+ NOT-FOR-US: w-Agora
CAN-2002-1877 (NETGEAR FM114P allows remote attackers to bypass access restrictions ...)
- NOTE: not-for-us
+ NOT-FOR-US: Netgear hardware
CAN-2002-1876 (Microsoft Exchange 2000 allows remote authenticated attackers to cause ...)
- NOTE: not-for-us
+ NOT-FOR-US: Microsoft
CAN-2002-1875 (Entercept Agent 2.5 agent for Windows, released before May 21, 2002, ...)
- NOTE: not-for-us
+ NOT-FOR-US: Entercept Agent
CAN-2002-1874 (astrocam.cgi in AstroCam 1.7.1 through 2.1.2 allows remote attackers ...)
- NOTE: not-for-us
+ NOT-FOR-US: Astrocam
CAN-2002-1873 (Microsoft Exchange 2000, when used with Microsoft Remote Procedure ...)
- NOTE: not-for-us
+ NOT-FOR-US: Microsoft
CAN-2002-1872 (Microsoft SQL Server 6.0 through 2000, with SQL Authentication ...)
- NOTE: not-for-us
+ NOT-FOR-US: Microsoft
CAN-2002-1871 (pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid ...)
- NOTE: not-for-us
+ NOT-FOR-US: Solaris
CAN-2002-1870 (Simple Web Server (SWS) 0.0.4 through 0.1.0 does not properly handle ...)
- NOTE: not-for-us
+ NOT-FOR-US: Simple Web Server
CAN-2002-1869 (Heysoft EventSave 5.1 and 5.2 and Heysoft EventSave+ 5.1 and 5.2 does ...)
- NOTE: not-for-us
+ NOT-FOR-US: Heysoft EventSave
CAN-2002-1868 (Dispair 0.1 and 0.2 allows remote attackers to execute arbitrary shell ...)
- NOTE: not-for-us
+ NOT-FOR-US: Dispair
CAN-2002-1867 (The default configuration of BizDesign ImageFolio 2.23 through 2.26 ...)
- NOTE: not-for-us
+ NOT-FOR-US: ImageFolio
CAN-2002-1866 (Simple Web Server (SWS) 0.0.4 through 0.1.0 does not close file ...)
- NOTE: not-for-us
+ NOT-FOR-US: Simple Web Server
CAN-2002-1865 (Buffer overflow in the Embedded HTTP server, as used in (1) D-Link ...)
- NOTE: not-for-us
+ NOT-FOR-US: Embedded HTTP server
CAN-2002-1864 (Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 ...)
- NOTE: not-for-us
+ NOT-FOR-US: Simple Web Server
CAN-2002-1863 (Iomega Network Attached Storage (NAS) A300U, and possibly other ...)
- NOTE: not-for-us
+ NOT-FOR-US: Iomega NAS
CAN-2002-1862 (SmartMail Server 2.0 allows remote attackers to cause a denial of ...)
- NOTE: not-for-us
+ NOT-FOR-US: SmartMail Server
CAN-2002-1861 (Sybase Enterprise Application Server 4.0, when running on Windows, ...)
- NOTE: not-for-us
+ NOT-FOR-US: Sybase ASE
CAN-2002-1860 (Pramati Server 3.0, when running on Windows, allows remote attackers ...)
- NOTE: not-for-us
+ NOT-FOR-US: Pramati
CAN-2002-1859 (Orion Application Server 1.5.3, when running on Windows, allows remote ...)
- NOTE: not-for-us
+ NOT-FOR-US: Orion
CAN-2002-1858 (Oracle Oracle9i Application Server 1.0.2.2 and 9.0.2 through ...)
- NOTE: not-for-us
+ NOT-FOR-US: Oracle
CAN-2002-1857 (jo! jo Webserver 1.0, when running on Windows, allows remote attackers ...)
- NOTE: not-for-us
+ NOT-FOR-US: jo! jo Webserver
CAN-2002-1856 (HP Application Server 8.0, when running on Windows, allows remote ...)
- NOTE: not-for-us
+ NOT-FOR-US: HP Application Server
CAN-2002-1855 (Macromedia JRun 3.0 through 4.0, when running on Windows, allows ...)
- NOTE: not-for-us
+ NOT-FOR-US: Macromedia JRun
CAN-2002-1854 (Rlaj whois CGI script (whois.cgi) 1.0 allows remote attackers to ...)
NOTE: not-for-us
CAN-2002-1853 (Cross-site scripting (XSS) vulnerability in MyNewsGroups 0.4 and 0.4.1 ...)
@@ -4481,11 +4481,11 @@
CAN-2002-1828 (Savant Webserver 3.1 allows remote attackers to cause a denial of ...)
NOTE: not-for-us
CAN-2002-1827 (Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of ...)
- NOT-FOR-US: Sendmail not in Debian before 8.13
+ - sendmail 8.12-4
CAN-2002-1826 (grsecurity 1.9.4 for Linux kernel 2.4.18 allows local users to bypass ...)
NOTE: kernel 2.4.18
CAN-2002-1825 (Format string vulnerability in PerlRTE_example1.pl in WASD 7.1, 7.2.0 ...)
- NOT-FOR-US: WAD
+ NOT-FOR-US: WASD
CAN-2002-1824 (Microsoft Internet Explorer 6.0, when handling an expired CA-CERT in a ...)
NOT-FOR-US: MSIE
CAN-2002-1823 (Buffer overflow in the HttpGetRequest function in Zeroo HTTP server ...)
More information about the Secure-testing-commits
mailing list