[Secure-testing-commits] r2190 - data/CAN

Joey Hess joeyh at costa.debian.org
Tue Sep 27 09:14:24 UTC 2005 

Author: joeyh
Date: 2005-09-27 09:14:18 +0000 (Tue, 27 Sep 2005)
New Revision: 2190

Modified:
   data/CAN/list
Log:
automatic CAN database update

Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-09-27 07:10:35 UTC (rev 2189)
+++ data/CAN/list	2005-09-27 09:14:18 UTC (rev 2190)
@@ -1,3 +1,37 @@
+CAN-2005-3060
+	NOTE: reserved
+CAN-2005-3059 (Multiple unspecified vulnerabilities in Opera 8.50 on Linux and ...)
+	TODO: check
+CAN-2005-3058
+	NOTE: reserved
+CAN-2005-3057
+	NOTE: reserved
+CAN-2005-3056
+	NOTE: reserved
+CAN-2005-3055 (Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial ...)
+	TODO: check
+CAN-2005-3054 (fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not ...)
+	TODO: check
+CAN-2005-3053 (The sys_set_mempolicy function in mempolicy.c in Linux kernel 2.6.x ...)
+	TODO: check
+CAN-2005-3052 (SQL injection vulnerability in module/down.inc.php in jportal 2.3.1 ...)
+	TODO: check
+CAN-2005-3051 (Stack-based buffer overflow in 7-Zip 3.13, 4.23, and 4.26 BETA allows ...)
+	TODO: check
+CAN-2005-3050 (PhpMyFaq 1.5.1 allows remote attackers to obtain sensitive information ...)
+	TODO: check
+CAN-2005-3049 (PhpMyFaq 1.5.1 stores data files under the web document root with ...)
+	TODO: check
+CAN-2005-3048 (Directory traversal vulnerability in index.php in PhpMyFaq 1.5.1 ...)
+	TODO: check
+CAN-2005-3047 (Multiple cross-site scripting (XSS) vulnerabilities in PhpMyFaq 1.5.1 ...)
+	TODO: check
+CAN-2005-3046 (SQL injection vulnerability in password.php in PhpMyFaq 1.5.1 allows ...)
+	TODO: check
+CAN-2005-3045 (SQL injection vulnerability in search.php in My Little Forum 1.5 and ...)
+	TODO: check
+CAN-2003-1232 (Emacs 21.2.1 does not prompt or warn the user before executing Lisp ...)
+	TODO: check
 CAN-2005-XXXX [egroupware unsafe use of /tmp for storing a log file]
 	- egroupware 1.0.0.009.dfsg-3-1 (bug #329597; low)
 CAN-2005-XXXX [SQL injection vulnerability in egroupware in account deletion]
@@ -346,7 +380,8 @@
 	NOT-FOR-US: MAXDev MD-Pro
 CAN-2005-2884 (Cross-site scripting (XSS) vulnerability in events.php in Land Down ...)
 	NOT-FOR-US: Land Down Under
-CAN-2005-2883 (Cross-site scripting (XSS) vulnerability in Unclassified NewsBoard ...)
+CAN-2005-2883
+	REJECTED
 	NOT-FOR-US: Unclassified News Board
 CAN-2005-2882 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	NOT-FOR-US: phpCommunityCalendar
@@ -379,7 +414,7 @@
 	- clamav 0.87-1 (bug #328660; medium)
 CAN-2005-2918 (The open_cmd_tube function in mount.c for gtkdiskfree 1.9.3 and ...)
 	- gtkdiskfree (bug #328566; low)
-CAN-2005-3044 [Two local kernel DoS through incorrect ioctl refcounter handling]
+CAN-2005-3044 (Multiple vulnerabilities in Linux kernel before 2.6.13.2 allow local ...)
 	TODO: Pinged Horms for 2.4
 	- linux-2.6 2.6.12-7 (medium)
 CAN-2005-2877 (The history (revision control) function in TWiki 02-Sep-2004 and ...)
@@ -733,32 +768,25 @@
 	RESERVED
 CAN-2005-2708
 	RESERVED
-CAN-2005-2707 [Firefox: Spoofing through clever construction of windows/tabs]
-	RESERVED
+CAN-2005-2707 (Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote ...)
 	- mozilla-firefox 1.0.7-1 (bug filed; medium)
 	- mozilla <unfixed> (bug filed; medium)
-CAN-2005-2706 [Firefox: Javascript execution with chrome privileges through about: subcommand]
-	RESERVED
+CAN-2005-2706 (Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote ...)
 	- mozilla-firefox 1.0.7-1 (bug filed; high)
 	- mozilla <unfixed> (bug filed; high)
-CAN-2005-2705 [Firefox: Integer overflow in Javascript engine]
-	RESERVED
+CAN-2005-2705 (Integer overflow in the JavaScript engine in Firefox before 1.0.7 and ...)
 	- mozilla-firefox 1.0.7-1 (bug filed; high)
 	- mozilla <unfixed> (bug filed; high)
-CAN-2005-2704 [Firefox: Incorrect chrome/javascript permission handling]
-	RESERVED
+CAN-2005-2704 (Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote ...)
 	- mozilla-firefox 1.0.7-1 (bug filed; medium)
 	- mozilla <unfixed> (bug filed; medium)
-CAN-2005-2703 [Firefox: Incorrect passing of XMLHttp requests]
-	RESERVED
+CAN-2005-2703 (Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote ...)
 	- mozilla-firefox 1.0.7-1 (bug filed; medium)
 	- mozilla <unfixed> (bug filed; medium)
-CAN-2005-2702 [Firefox: Arbitrary code execution through crafted Unicode sequences]
-	RESERVED
+CAN-2005-2702 (Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote ...)
 	- mozilla-firefox 1.0.7-1 (bug filed; high)
 	- mozilla <unfixed> (bug filed; high)
-CAN-2005-2701 [Firefox: Arbitrary code execution through crafted XBM through unspecified vuln]
-	RESERVED
+CAN-2005-2701 (Heap-based buffer overflow in Firefox before 1.0.7 and Mozilla Suite ...)
 	- mozilla-firefox 1.0.7-1 (bug filed; medium)
 	- mozilla <unfixed> (bug filed; medium)
 CAN-2005-2700 (ssl_engine_kernel.c in mod_ssl before 2.8.24, when using ...)

More information about the Secure-testing-commits mailing list