Author: joeyh
Date: 2005-10-06 09:14:18 +0000 (Thu, 06 Oct 2005)
New Revision: 2322
Modified: data/CAN/list
Log: automatic CAN database update

Modified: data/CAN/list
==================================================================
--- data/CAN/list 2005-10-06 08:58:04 UTC (rev 2321)
+++ data/CAN/list 2005-10-06 09:14:18 UTC (rev 2322)
@@ -1,3 +1,145 @@ +CAN-2005-3177 (CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, ...) + TODO: check +CAN-2005-3176 (Microsoft Windows 2000 before Update Rollup 1 for SP4 does not record ...) + TODO: check +CAN-2005-3175 (Microsoft Windows 2000 before Update Rollup 1 for SP4 allows a local ...) + TODO: check +CAN-2005-3174 (Microsoft Windows 2000 before Update Rollup 1 for SP4 allows users to ...) + TODO: check +CAN-2005-3173 (Microsoft Windows 2000 before Update Rollup 1 for SP4 does not apply ...) + TODO: check +CAN-2005-3172 (The WideCharToMultiByte function in Microsoft Windows 2000 before ...) + TODO: check +CAN-2005-3171 (Microsoft Windows 2000 before Update Rollup 1 for SP4 records Event ID ...) + TODO: check +CAN-2005-3170 (The LDAP client on Microsoft Windows 2000 before Update Rollup 1 for ...) + TODO: check +CAN-2005-3169 (Microsoft Windows 2000 before Update Rollup 1 for SP4, when the "audit ...) + TODO: check +CAN-2005-3168 (The SECEDIT command on Microsoft Windows 2000 before Update Rollup 1 ...) + TODO: check +CAN-2005-3167 (Incomplete blacklist vulnerability in MediaWiki before 1.4.11 does not ...) + TODO: check +CAN-2005-3166 (Unspecified vulnerability in "edit submission handling" for MediaWiki ...) + TODO: check +CAN-2005-3165 (Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki ...) + TODO: check +CAN-2005-3164 (Hitachi Cosminexus Application Server has unknown impact and attack ...) + TODO: check +CAN-2005-3163 (Unspecified vulnerability in Polipo 0.9.8 and earlier allows attackers ...) + TODO: check +CAN-2005-3162 (Multiple SQL injection vulnerabilities in PHP-Fusion 6.00.109 allow ...) + TODO: check +CAN-2005-3161 (SQL injection vulnerability in PHP-Fusion before 6.00.110 allows ...) + TODO: check +CAN-2005-3160 (Multiple SQL injection vulnerabilities in photogallery.php in ...) + TODO: check +CAN-2005-3159 (SQL injection vulnerability in messages.php in PHP-Fusion allows ...) 
+ TODO: check +CAN-2005-3158 (SQL injection vulnerability in messages.php in PHP-Fusion 6.00.106 and ...) + TODO: check +CAN-2005-3157 (SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 ...) + TODO: check +CAN-2005-3156 (Directory traversal vulnerability in printfaq.php in EasyGuppy (Guppy ...) + TODO: check +CAN-2005-3155 (Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and ...) + TODO: check +CAN-2005-3154 (Format string vulnerability in the logging funtionality in BitDefender ...) + TODO: check +CAN-2005-3153 (login.php in MyBloggie 2.1.3 beta allows remote attackers to bypass a ...) + TODO: check +CAN-2005-3152 (Multiple cross-site scripting (XSS) vulnerabilities in CubeCart 3.0.3 ...) + TODO: check +CAN-2005-3151 (Buffer overflow in blenderplay in Blender Player 2.37a allows ...) + TODO: check +CAN-2005-3150 (Format string vulnerability in the Log_Flush function in Weex 2.6.1.5, ...) + TODO: check +CAN-2005-3149 (Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly ...) + TODO: check +CAN-2005-3148 (StoreBackup before 1.19 in SUSE Linux does not properly set the uid ...) + TODO: check +CAN-2005-3147 (StoreBackup before 1.19 in SUSE Linux creates the backup root with ...) + TODO: check +CAN-2005-3146 (StoreBackup before 1.19 in SUSE Linux allows local users to perform ...) + TODO: check +CAN-2005-3145 (httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to ...) + TODO: check +CAN-2005-3144 (httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to ...) + TODO: check +CAN-2005-3143 (Unspecified vulnerability in the Mailbox Server for 4D WebStar before ...) + TODO: check +CAN-2005-3142 (Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and ...) + TODO: check +CAN-2005-3141 (Cerulean Studios Trillian 3.0 allows remote attackers to cause a ...) + TODO: check +CAN-2005-3140 (Procom NetFORCE 800 4.02 M10 Build 20 and possibly other versions ...) 
+ TODO: check +CAN-2005-3137 (The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow ...) + TODO: check +CAN-2005-3136 (Directory traversal vulnerability in Virtools Web Player 3.0.0.100 and ...) + TODO: check +CAN-2005-3135 (Buffer overflow in Virtools Web Player 3.0.0.100 and earlier allows ...) + TODO: check +CAN-2005-3134 (Citrix Metaframe Presentation Server 3.0 and 4.0 allows remote ...) + TODO: check +CAN-2005-3133 (Multiple directory traversal vulnerabilities in MERAK Mail Server ...) + TODO: check +CAN-2005-3132 (MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly ...) + TODO: check +CAN-2005-3131 (Multiple cross-site scripting (XSS) vulnerabilities in MERAK Mail ...) + TODO: check +CAN-2005-3130 (SQL injection vulnerability in lucidCMS 1.0.11 allows remote attackers ...) + TODO: check +CAN-2005-3129 (Cross-site request forgery (CSRF) vulnerability in Serendipity 0.8.4 ...) + TODO: check +CAN-2005-3128 (Cross-site scripting (XSS) vulnerability in add.php in Address Add ...) + TODO: check +CAN-2005-3127 (Cross-site scripting (XSS) vulnerability in index.php in lucidCMS ...) + TODO: check +CAN-2005-3126 + NOTE: reserved +CAN-2005-3125 + NOTE: reserved +CAN-2005-3124 + NOTE: reserved +CAN-2005-3123 + NOTE: reserved +CAN-2005-3122 + NOTE: reserved +CAN-2005-3121 + NOTE: reserved +CAN-2005-3120 + NOTE: reserved +CAN-2005-3119 + NOTE: reserved +CAN-2005-3118 + NOTE: reserved + {DSA-845} + TODO: check +CAN-2005-3117 + NOTE: reserved +CAN-2005-3116 + NOTE: reserved +CAN-2005-3115 (mpeg-tools before 1.5b-r2 creates multiple temporary files insecurely, ...) + TODO: check +CAN-2005-3114 (Buffer overflow in the ActiveX control for NateOn Messenger ...) + TODO: check +CAN-2005-3113 (The ActiveX control for NateOn Messenger (NateonDownloadManager.ocx) ...) + TODO: check +CAN-2005-3112 (The "reset password" feature in Macromedia Breeze 5.0 stores passwords ...) 
+ TODO: check +CAN-2005-3110 (Race condition in ebtables netfilter module (ebtables.c) in Linux 2.6, ...) + TODO: check +CAN-2005-3109 (The HFS and HFS+ (hfsplus) modules in Linux 2.6 allows attackers to ...) + TODO: check +CAN-2005-3108 (mm/ioremap.c in Linux 2.6 on 64-bit x86 systems allows local users to ...) + TODO: check +CAN-2005-3107 (fs/exec.c in Linux 2.6, when one thread is tracing another thread that ...) + TODO: check +CAN-2005-3106 (Race condition in Linux 2.6, when threads are sharing memory mapping ...) + TODO: check +CAN-2005-3105 (The mrpotect code (mprotect.c) in Linux 2.6 on Itanium IA64 Montecito ...) + TODO: check CAN-2005-XXXX [horde3 maintainer scripts don''t set sufficiently strict permissions on config files] - horde3 <unfixed> (bug #332289) CAN-2005-XXXX [horde3 permits arbitrary command execution before being finally configured] @@ -67,12 +209,11 @@ - fuzz 0.6-7.1 (bug #183047) CAN-2005-XXXX [DoS triggering endless loops in findutils -follow option] - findutils 4.2.22-1 (bug #313081) -CAN-2005-3138 [bugzilla''s config.cgi exposes information to user not logged in] +CAN-2005-3138 (Bugzilla 2.18rc1 through 2.18.3, 2.19 through 2.20rc2, and 2.21 allows ...) - bugzilla 2.18.4-1 (bug #331206; medium) -CAN-2005-3139 [bugzilla: bypass of restricted bugs] +CAN-2005-3139 (Bugzilla 2.19.1 through 2.20rc2 and 2.21, with user matching turned on ...) - bugzilla 2.18.4-1 (bug #331206; medium) -CAN-2005-2966 [Arbitrary code execution in import of SVG files in dia] - RESERVED +CAN-2005-2966 (The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and ...) - dia 0.94.0-15 (bug #330890; medium) CAN-2005-XXXX [Serendipity account hijacking through CSRF] - serendipity <itp> (bug #312413) 
@@ -128,7 +269,7 @@ TODO: file a bug, it''s not really clear, whether this has security implications CAN-2005-3088 RESERVED -CAN-2005-3111 [backupninja insecure temp file] +CAN-2005-3111 (The handler code for backupninja 0.8 and earlier creates temporary ...) - backupninja 0.8-2 (medium) CAN-2005-XXXX [microcode.ctl downloads microcode w/o user confirmation] - microcode.ctl <unfixed> (bug #282583; low) @@ -210,8 +351,8 @@ CAN-1999-XXXX [Insecure access control on GNU Mach''s IO ports] - gnumach <unfixed> (bug #46709) NOTE: Nearly six years old :-) -CAN-2005-3060 - RESERVED +CAN-2005-3060 (Buffer overflow in getconf in IBM AIX 5.2 to 5.3 allows local users to ...) + TODO: check CAN-2005-3059 (Multiple unspecified vulnerabilities in Opera 8.50 on Linux and ...) NOT-FOR-US: Opera CAN-2005-3058 @@ -439,15 +580,12 @@ RESERVED {DSA-844} - mod-auth-shadow 1.4-2 (bug #323789; medium) -CAN-2005-2962 - RESERVED +CAN-2005-2962 (The post-installation script for ntlmaps before 0.9.9 sets ...) {DSA-830-1} -CAN-2005-2961 [prozilla buffer overflow] - RESERVED +CAN-2005-2961 (Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 ...) {DSA-834-1} NOTE: prozilla is not in sarge or etch -CAN-2005-2960 [cfengine temporary file race] - RESERVED +CAN-2005-2960 (cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary ...) {DSA-836-1 DSA-835-1} - cfengine <unfixed> CAN-2005-2959 [Sudo does not sanitize SHELLOPTS and PS4 shell env vars before starting sudoed apps] @@ -610,8 +748,7 @@ CAN-2005-2945 (arc 5.21j and earlier create temporary files with world-readable ...) {DSA-843-1} - arc 5.21m-1 (bug #329053; low) -CAN-2005-2917 [DoS vulnerability in squid''s NMTL auth code] - RESERVED +CAN-2005-2917 (Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, ...) {DSA-828-1} - squid 2.5.10-6 (unknown) CAN-2005-XXXX [user password file created by gajim is world-redable] 
@@ -639,7 +776,7 @@ CAN-2005-2877 (The history (revision control) function in TWiki 02-Sep-2004 and ...) NOTE: proactively fixed by the robustness patch - twiki 20040902-2 -CAN-2005-2876 (umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2 allows ...) +CAN-2005-2876 (umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other ...) {DSA-825-1 DSA-823-1} - util-linux 2.12p-8 (bug #328141; bug #329063; medium) - loop-aes-utils 2.12p-9 (bug #328626; medium) @@ -797,8 +934,8 @@ NOT-FOR-US: BNBT EasyTracker CAN-2005-2805 (forum_post.php in e107 0.6 allows remote attackers to post to ...) NOT-FOR-US: e107 -CAN-2005-2804 - RESERVED +CAN-2005-2804 (Integer overflow in the registry parsing code in GroupWise 6.5.3, and ...) + TODO: check CAN-2005-2803 (Cross-site scripting (XSS) vulnerability in Hiki 0.8.1 to 0.8.2 allows ...) - hiki 0.8.3-1 CAN-2005-2800 (Memory leak in the seq_file implemenetation in the SCSI procfs ...) @@ -889,8 +1026,8 @@ RESERVED CAN-2005-2759 RESERVED -CAN-2005-2758 - RESERVED +CAN-2005-2758 (Integer signedness error in the administrative interface for Symantec ...) + TODO: check CAN-2005-2757 RESERVED CAN-2005-2756 @@ -1139,8 +1276,7 @@ - masqmail <unfixed> (high; bug #329307) CAN-2005-2661 RESERVED -CAN-2005-2660 - RESERVED +CAN-2005-2660 (apachetop 0.12.5 and earlier, when running in debug mode, allows local ...) {DSA-839-1} - apachetop 0.12.5-3 (unknown) CAN-2005-2659 @@ -2124,10 +2260,8 @@ CAN-2005-XXXX [clamav-getfile: Insecure use of temporary files] - clamav-getfiles 0.5-1 (bug #321446; medium) CAN-2005-XXXX [cgiwrap: Minimum UID does not include all system users] - {DTSA-6-1} - cgiwrap 3.9-3.1 (bug #316881; low) CAN-2005-XXXX [cgiwrap: CGIs can be used to disclose system information] - {DTSA-6-1} - cgiwrap 3.9-3.1 (bug #316901; low) CAN-2004-2162 (Multiple cross-site scripting (XSS) vulnerabilities in TUTOS 1.1 allow ...) - tutos 1.1.20031017-2.1 (bug #318633; medium) 
@@ -8938,7 +9072,7 @@ NOT-FOR-US: Hosting Controller CAN-2005-0693 (Buffer overflow in JoWood Chaser 1.50 and earlier allows remote ...) NOT-FOR-US: JoWood Chaser (for Windows) -CAN-2005-0692 (Cross-site scripting (XSS) vulnerability in PHP-Fusion 5.x allows ...) +CAN-2005-0692 (Cross-site scripting (XSS) vulnerability in fusion_core.php for ...) NOT-FOR-US: PHP-Fusion CAN-2005-0691 (PHP remote code injection vulnerability in article mode for ...) NOT-FOR-US: SocialMPN @@ -11436,8 +11570,7 @@ RESERVED CAN-2005-0024 RESERVED -CAN-2005-0023 [gnome-pty-helper: writes arbitrary utmp records] - RESERVED +CAN-2005-0023 (gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to ...) - gnome-libs <unfixed> (bug #329156) - vte <unfixed> (bug #330907) CAN-2005-0022 (Buffer overflow in the spa_base64_to_bits function in Exim before ...)
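Review bot: In the first hunk (@@ -1,3 +1,145 @@), the new CAN-2005-3118 entry is left in a contradictory state: it carries `NOTE: reserved`, a `{DSA-845}` cross-reference and `TODO: check`, but no package line, so the advisory reference is not tied to any package or fixed version. Suggest adding the `- <package> <version>` line for the package that DSA-845 covers and dropping the TODO. The same hunk marks unassigned ids with `NOTE: reserved`, while the existing entries visible as context in later hunks (CAN-2005-3088, CAN-2005-2759) use a bare `RESERVED` line; one spelling should be used throughout the file.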
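Review bot: The context at the end of the second hunk (@@ -67,12 +209,11 @@) still lists `CAN-2005-XXXX [Serendipity account hijacking through CSRF]` with bug #312413, while the first hunk of this same commit adds CAN-2005-3129, described as a CSRF vulnerability in Serendipity 0.8.4. If these are the same issue, the temporary entry should be folded into CAN-2005-3129, keeping the `- serendipity <itp> (bug #312413)` line, rather than tracked twice.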
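Review bot: In the @@ -439,15 +580,12 @@ hunk, CAN-2005-2962 now has a description naming ntlmaps, but the entry still consists only of `{DSA-830-1}` with no package line, unlike its neighbour CAN-2005-2960, which has `- cfengine <unfixed>`. Suggest adding a `- ntlmaps <version>` line so the entry records which package version carries the fix, or a NOTE explaining why none applies, as the CAN-2005-2961 entry does for prozilla.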
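Review bot: The @@ -2124,10 +2260,8 @@ hunk deletes the `{DTSA-6-1}` cross-reference from both cgiwrap CAN-2005-XXXX entries, which the log message "automatic CAN database update" does not explain; none of the other hunks removes an advisory reference. If this is a side effect of the updater rather than an intended change, restore the two `{DTSA-6-1}` lines and, if the removal is wanted, make it in a separate commit with its own log message.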