Author: joeyh
Date: 2005-10-17 21:07:50 +0000 (Mon, 17 Oct 2005)
New Revision: 2421

Modified:
   data/CAN/list
Log:
automatic CAN database update

Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-10-17 20:08:15 UTC (rev 2420) +++ data/CAN/list 2005-10-17 21:07:50 UTC (rev 2421) 
@@ -1,3 +1,113 @@ +CAN-2005-3237 (Cross-site scripting (XSS) vulnerability in Cyphor 0.19 allows remote ...) + TODO: check +CAN-2005-3236 (Multiple SQL injection vulnerabilities in Cyphor 0.19 allow remote ...) + TODO: check +CAN-2005-3235 (Multiple interpretation error in unspecified versions of Proland ...) + TODO: check +CAN-2005-3234 (Multiple interpretation error in unspecified versions of Grisoft AVG ...) + TODO: check +CAN-2005-3233 (Multiple interpretation error in unspecified versions of Trustix ...) + TODO: check +CAN-2005-3232 (Multiple interpretation error in unspecified versions of TheHacker ...) + TODO: check +CAN-2005-3231 (Multiple interpretation error in unspecified versions of CAT Quick ...) + TODO: check +CAN-2005-3230 (Multiple interpretation error in unspecified versions of Panda ...) + TODO: check +CAN-2005-3229 (Multiple interpretation error in unspecified versions of ClamAV ...) + TODO: check +CAN-2005-3228 (Multiple interpretation error in unspecified versions of Ikarus ...) + TODO: check +CAN-2005-3227 (Multiple interpretation error in unspecified versions of UNA Antivirus ...) + TODO: check +CAN-2005-3226 (Multiple interpretation error in unspecified versions of ArcaVir ...) + TODO: check +CAN-2005-3225 (Multiple interpretation error in unspecified versions of (1) ...) + TODO: check +CAN-2005-3224 (Multiple interpretation error in unspecified versions of AntiVir ...) + TODO: check +CAN-2005-3223 (Multiple interpretation error in unspecified versions of Rising ...) + TODO: check +CAN-2005-3222 (Multiple interpretation error in unspecified versions of VBA32 ...) + TODO: check +CAN-2005-3221 (Multiple interpretation error in unspecified versions of Fortinet ...) + TODO: check +CAN-2005-3220 (Multiple interpretation error in unspecified versions of Norman Virus ...) + TODO: check +CAN-2005-3219 (Multiple interpretation error in unspecified versions of Avira ...) 
+ TODO: check +CAN-2005-3218 (Multiple interpretation error in unspecified versions of Dr.Web ...) + TODO: check +CAN-2005-3217 (Multiple interpretation error in unspecified versions of Symantec ...) + TODO: check +CAN-2005-3216 (Multiple interpretation error in unspecified versions of Sophos ...) + TODO: check +CAN-2005-3215 (Multiple interpretation error in unspecified versions of McAfee ...) + TODO: check +CAN-2005-3214 (Multiple interpretation error in unspecified versions of Avast ...) + TODO: check +CAN-2005-3213 (Multiple interpretation error in unspecified versions of F-Prot ...) + TODO: check +CAN-2005-3212 (Multiple interpretation error in unspecified versions of NOD32 ...) + TODO: check +CAN-2005-3211 (Multiple interpretation error in unspecified versions of BitDefender ...) + TODO: check +CAN-2005-3210 (Multiple interpretation error in unspecified versions of Kaspersky ...) + TODO: check +CAN-2005-3209 (Aenovo products (1) aeNovo, (2) aeNovoShop, and (3) aeNovoWYSI store ...) + TODO: check +CAN-2005-3208 (Multiple SQL injection vulnerabilities in (1) aeNovo, (2) aeNovoShop ...) + TODO: check +CAN-2005-3207 (The forms servlet (f90servlet) in Oracle Forms 4.5.10.22 allows remote ...) + TODO: check +CAN-2005-3206 (iSQL*Plus (isqlplus) for Oracle9i Database Server Release 2 9.0.2.4 ...) + TODO: check +CAN-2005-3205 (Cross-site scripting (XSS) vulnerability in iSQL*Plus (iSQLPlus) in ...) + TODO: check +CAN-2005-3204 (Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows ...) + TODO: check +CAN-2005-3203 (The manual installation of Oracle HTML DB (HTMLDB) 1.3 through 1.3.6 ...) + TODO: check +CAN-2005-3202 (Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTML DB ...) + TODO: check +CAN-2005-3201 (SQL injection vulnerability in news.php for Utopia News Pro 1.1.3 when ...) + TODO: check +CAN-2005-3200 (Multiple cross-site scripting (XSS) vulnerabilities in Utopia News Pro ...) 
+ TODO: check +CAN-2005-3199 (Multiple SQL injection vulnerabilities in aradmin.asp for aspReady FAQ ...) + TODO: check +CAN-2005-3198 (Webroot Desktop Firewall before 1.3.0build52 allows local users to ...) + TODO: check +CAN-2005-3197 (Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop ...) + TODO: check +CAN-2005-3196 (Planet Technology Corp FGSW2402RS switch with firmware 1.2 has a ...) + TODO: check +CAN-2005-3195 (Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow ...) + TODO: check +CAN-2005-3194 (Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), ...) + TODO: check +CAN-2005-3193 + NOTE: reserved +CAN-2005-3192 + NOTE: reserved +CAN-2005-3191 + NOTE: reserved +CAN-2005-3190 (Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 ...) + TODO: check +CAN-2005-3189 + NOTE: reserved +CAN-2005-3188 + NOTE: reserved +CAN-2005-3187 + NOTE: reserved +CAN-2005-3186 + NOTE: reserved +CAN-2005-3184 + NOTE: reserved +CAN-2005-3183 (The HTBoundary_put_block function in HTBound.c for W3C libwww ...) + TODO: check +CAN-2005-3182 + NOTE: reserved CAN-2005-XXXX [unsafe temporary file creation in flexbackup default config] - flexbackup <unfixed> (bug #334350; low) CAN-2005-XXXX [xscreensaver does not maintain screen locks during upgrade] 
@@ -10,14 +120,14 @@ - zope2.8 2.8.1-7 CAN-2005-XXXX [gallery2: Information disclosure through missing input sanitising] - gallery 2.0.1-1 (medium) -CAN-2005-3185 [Buffer overflow in curl''s NTLM auth code] +CAN-2005-3185 (Stack-based buffer overflow in the ntlm_output function in http-ntlm.c ...) - wget 1.10.2-1 (medium) - curl 7.15.0-1 (bug #333734; medium) CAN-2005-3239 [Stack overflow in clamav''s DOC processing] - clamav <unfixed> (bug #333566) CAN-2005-XXXX [Local file inclusion in phpmyadmin] - phpmyadmin 4:2.6.4-pl2-1 (bug #333433; high) -CAN-2005-3181 [kernel: Mem leak in audit_syscall interface] +CAN-2005-3181 (Linux kernel before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, ...) - linux-2.6 2.6.12-11 NOTE: Might as well be 2.6.13-2, depending on the next upload - kernel-source-2.4.27 2.4.27-12 
@@ -25,24 +135,23 @@ CAN-2005-XXXX [Missing safemode checks in PHP''s _php_image_output functions] - php5 5.0.5-2 - php4 4:4.4.0-3 -CAN-2005-3180 [kernel: Information leakage in orinoco driver] +CAN-2005-3180 (The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does ...) - linux-2.6 2.6.12-11 NOTE: Might as well be 2.6.13-2, depending on the next upload - kernel-source-2.4.27 2.4.27-12 NOTE: CVE requested -CAN-2005-3119 [kernel: mem leak in request_key_auth] - RESERVED +CAN-2005-3119 (Memory leak in the request_key_auth_destroy function in ...) - linux-2.6 2.6.13-2 - kernel-source-2.4.27 <not-affected> NOTE: 2.6.12 itself not affected, fixed in SVN -CAN-2005-3179 [kernel: Insecure sysfs perms expose DRM debug mode to unprivileged users] +CAN-2005-3179 (drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs ...) - linux-2.6 2.6.12-11 NOTE: Might as well be 2.6.13-2, depending on the next upload - kernel-source-2.4.27 <not-affected> NOTE: CVE requested CAN-2005-XXXX [DoS vulnerability in msg id parsing of spampd] - spampd <unfixed> (bug #332259; low) -CAN-2005-3178 [Multiple buffer overflows in xloadimage] +CAN-2005-3178 (Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow ...) {DSA-859-1 DSA-858-1} - xloadimage 4.1-15 (bug #332524; medium) - xli <unfixed> (medium) @@ -175,13 +284,12 @@ RESERVED - lynx <unfixed> (bug #334423; high) - lynx-cur <unfixed> (bug #334423; high) -CAN-2005-3118 - RESERVED +CAN-2005-3118 (Mason before 1.0.0 does not install the init script after the user ...) {DSA-845-1} NOTE: reserved - mason 1.0.0-3 CAN-2005-3117 - RESERVED + REJECTED NOTE: reserved CAN-2005-3116 RESERVED 
@@ -210,7 +318,7 @@ - kernel-source-2.6.8 2.6.8-16sarge1 CAN-2005-3106 (Race condition in Linux 2.6, when threads are sharing memory mapping ...) - kernel-source-2.6.8 2.6.8-16sarge1 -CAN-2005-3105 (The mrpotect code (mprotect.c) in Linux 2.6 on Itanium IA64 Montecito ...) +CAN-2005-3105 (The mprotect code (mprotect.c) in Linux 2.6 on Itanium IA64 Montecito ...) - kernel-source-2.6.8 2.6.8-16sarge1 - kernel-source-2.4.27 <unfixed> (bug #332569; medium) CAN-2005-XXXX [horde3 maintainer scripts don''t set sufficiently strict permissions on config files] @@ -384,9 +492,10 @@ - interchange 5.2.1-1 (bug #329705; medium) CAN-2005-3071 (Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and ...) NOT-FOR-US: Solaris -CAN-2005-3070 (HylaFax 4.2.1 and earlier on Debian GNU/Linux does not create or ...) +CAN-2005-3070 (HylaFax 4.2.1 and earlier does not create or verify ownership of the ...) - hylafax 1:4.2.2+rc1 (bug #329384; low) CAN-2005-3069 (xferfaxstats in HylaFax 4.2.1 and earlier allows local users to ...) + {DSA-865-1} - hylafax 1:4.2.2+rc1 (bug #329384; low) CAN-2005-3068 (Unspecified vulnerability in Eric Integrated Development Environment ...) - eric 3.7.2-1 (bug #330608; unknown) @@ -586,8 +695,7 @@ NOT-FOR-US: HP Tru64 CAN-2005-2991 (ncompress 4.2.4 and earlier allows local users to overwrite arbitrary ...) - ncompress <unfixed> (bug #329052; unimportant) -CAN-2005-2992 [Another arc tempfile issue] - RESERVED +CAN-2005-2992 (arc 5.21j and earlier allows local users to overwrite arbitrary files ...) {DSA-843-1} - arc 5.21m-1 (low) CAN-2005-XXXX [freeradius buffer overflows and SQL injection] 
@@ -644,17 +752,15 @@ - mozilla-firefox <not-affected> (Debian ships a non-vulnerable wrapper script) - mozilla <not-affected> (Debian ships a non-vulnerable wrapper script) - mozilla-thunderbird 1.0.6-4 (bug #329667; bug #329664; high) -CAN-2005-2967 [Format string vulnerability in xine-libs CDDB code] - RESERVED +CAN-2005-2967 (Format string vulnerability in input_cdda.c in xine-lib 1-beta through ...) + {DSA-863-1} - xine-lib <unfixed> (bug #332919; bug #333682; medium) -CAN-2005-2965 [Insecure temp files in graphviz] - RESERVED +CAN-2005-2965 (graphviz before 2.2.1 allows local users to overwrite arbitrary files ...) {DSA-857-1} - graphviz 2.2.1-1sarge1 (low) CAN-2005-2964 (Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers ...) - abiword 2.2.10-1 (bug #329839; medium) -CAN-2005-2963 [Mod-Authshadow: Incorrect enforcement of AuthShadow when ''require group'' is set] - RESERVED +CAN-2005-2963 (The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with ...) {DSA-844-1} - mod-auth-shadow 1.4-2 (bug #323789; medium) CAN-2005-2962 (The post-installation script for ntlmaps before 0.9.9 sets ...) @@ -698,11 +804,10 @@ NOTE: haven''t been presented yet CAN-2005-2944 (The perform_file_save function in GNOME Workstation Command Center ...) NOT-FOR-US: GNOME Workstation Command Center -CAN-2005-2943 [Buffer overflow in xmail] - RESERVED +CAN-2005-2943 (Stack-based buffer overflow in sendmail in XMail before 1.22 allows ...) - xmail <unfixed> (bug #333863; medium) CAN-2005-2942 - RESERVED + REJECTED CAN-2005-2941 RESERVED CAN-2005-2940 
@@ -711,16 +816,15 @@ RESERVED CAN-2005-2938 RESERVED -CAN-2005-2937 - RESERVED +CAN-2005-2937 (Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in ...) + TODO: check CAN-2005-2936 RESERVED CAN-2005-2935 (AntiSpywareMain.exe in Microsoft AntiSpyware does not quote the C ...) NOT-FOR-US: Microsoft AntiSpyware CAN-2005-2934 RESERVED -CAN-2005-2933 [uwimapd: post-authentication buffer overflow] - RESERVED +CAN-2005-2933 (Buffer overflow in the mail_valid_net_parse_work function in mail.c ...) {DSA-861-1} - uw-imap 7:2002edebian1-12 (medium; bug #332215) CAN-2005-2932 @@ -737,8 +841,8 @@ RESERVED CAN-2005-2926 RESERVED -CAN-2005-2925 - RESERVED +CAN-2005-2925 (runpriv in SGI IRIX allows local users to bypass intended restrictions ...) + TODO: check CAN-2005-2924 RESERVED CAN-2005-2923 @@ -877,7 +981,7 @@ REJECTED NOTE: rejected, initially ipt_recent related CAN-2005-2878 (Format string vulnerability in search.c in the imap4d server in GNU ...) - {DSA-841-1} + {DSA-841-1 DTSA-20-1} - mailutils 1:0.6.90-2.1etch1 (bug #327424; high) CAN-2005-2870 (Unknown vulnerability in the net-svc script on Solaris 10 allows ...) NOT-FOR-US: Solaris @@ -1191,8 +1295,8 @@ CAN-2005-2717 (PHP remote file inclusion vulnerability in WebCalendar before 1.0.1 ...) {DSA-799-1} - webcalendar 0.9.45-7 (bug #326223; medium) -CAN-2005-2715 - RESERVED +CAN-2005-2715 (Format string vulnerability in the Java user interface service ...) + TODO: check CAN-2005-2714 RESERVED CAN-2005-2713 @@ -1356,8 +1460,7 @@ CAN-2005-2662 (masqmail before 0.2.18 allows remote attackers to execute arbitrary ...) {DSA-848-1} - masqmail 0.2.20-1sarge1 (high; bug #329307) -CAN-2005-2661 [format string vulnerability in up-imapproxy] - RESERVED +CAN-2005-2661 (Format string vulnerability in the ParseBannerAndCapability function ...) {DSA-852-1} - up-imapproxy 1.2.4-2 (high) CAN-2005-2660 (apachetop 0.12.5 and earlier, when running in debug mode, allows local ...) 
@@ -1621,7 +1724,8 @@ - phpgroupware 0.9.14.002 CAN-2004-2405 (Buffer overflow in multiple F-Secure Anti-Virus products, including ...) NOT-FOR-US: F-Secure Anti-Virus -CAN-2004-2404 (blog.cgi in Leif Wright Web Blog 1.1.5 allows remote attackers to ...) +CAN-2004-2404 + REJECTED NOT-FOR-US: Leif Wright Web Blog CAN-2004-2403 (Cross-site request forgery (CSRF) vulnerability in YaBB 1 GOLD SP ...) NOT-FOR-US: YaBB @@ -1645,7 +1749,7 @@ NOTE: shadow is a different code base, and does not have this problem CAN-2004-2393 (Java Secure Socket Extension (JSSE) 1.0.3 through 1.0.3_2 does not ...) NOT-FOR-US: Sun JSSE -CAN-2004-2392 (libuser 0.51.7, as used in Mandrake Linux 9.1 through 10.0 and ...) +CAN-2004-2392 (libuser 0.51.7 allows attackers to cause a denial of service (crash or ...) NOT-FOR-US: libuser CAN-2004-2391 (Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before ...) NOT-FOR-US: jabber-gg-transport @@ -2123,7 +2227,7 @@ - php4 4:4.3.10-16 (bug #323366; high) TODO: check php5 CAN-2005-2497 - RESERVED + REJECTED CAN-2005-2496 (The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option ...) {DSA-801-1} NOTE: I suspect DSA-801 is fixed by the non-root patches from Ubuntu?? @@ -2664,9 +2768,8 @@ RESERVED CAN-2005-2338 RESERVED -CAN-2005-2337 [Incorrect handling of "safe levels" in Ruby] - RESERVED - {DSA-862-1 DSA-860-1} +CAN-2005-2337 (Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to ...) + {DSA-864-1 DSA-862-1 DSA-860-1} - ruby1.6 1.6.8-13 (medium) - ruby1.8 1.8.3-1 (medium) - ruby1.9 1.9.0+20050921-1 (medium) @@ -3787,9 +3890,9 @@ RESERVED CAN-2005-2129 RESERVED -CAN-2005-2128 - RESERVED -CAN-2005-2127 (The Microsoft DDS Library Shape Control (Msdds.dll) COM object allows ...) +CAN-2005-2128 (QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers ...) + TODO: check +CAN-2005-2127 (Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers ...) NOT-FOR-US: Windows CAN-2005-2126 RESERVED 
@@ -3803,10 +3906,10 @@ RESERVED CAN-2005-2121 RESERVED -CAN-2005-2120 - RESERVED -CAN-2005-2119 - RESERVED +CAN-2005-2120 (Stack-based buffer overflow in the Plug and Play (PnP) service ...) + TODO: check +CAN-2005-2119 (The MIDL_user_allocate function in the Microsoft Distributed ...) + TODO: check CAN-2005-2118 RESERVED CAN-2005-2117 @@ -3841,8 +3944,8 @@ - drupal 4.5.4-1 (bug #316362) CAN-2005-2105 (Cisco IOS 12.2T through 12.4 allows remote attackers to bypass ...) NOT-FOR-US: IOS -CAN-2005-2104 - RESERVED +CAN-2005-2104 (sysreport before 1.3.7 allows local users to obtain sensitive ...) + TODO: check CAN-2005-2103 (Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows ...) {DTSA-5-1} - gaim 1:1.4.0-5 (high; bug #323706) @@ -4588,12 +4691,12 @@ NOT-FOR-US: MSIE CAN-2005-1988 (Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows ...) NOT-FOR-US: MSIE -CAN-2005-1987 - RESERVED +CAN-2005-1987 (Collaboration Data Objects (CDO), as used in Microsoft Windows and ...) + TODO: check CAN-2005-1986 RESERVED -CAN-2005-1985 - RESERVED +CAN-2005-1985 (The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, ...) + TODO: check CAN-2005-1984 (Buffer overflow in the Print Spooler service (Spoolsv.exe) for ...) NOT-FOR-US: Spoolsv.exe CAN-2005-1983 (Stack-based buffer overflow in the Plug and Play (PnP) service for ...) @@ -4602,12 +4705,12 @@ NOT-FOR-US: Microsoft CAN-2005-1981 (Unknown vulnerability in Microsoft Windows 2000 Server and Windows ...) NOT-FOR-US: Microsoft -CAN-2005-1980 - RESERVED -CAN-2005-1979 - RESERVED -CAN-2005-1978 - RESERVED +CAN-2005-1980 (Distributed Transaction Controller in Microsoft Windows allows remote ...) + TODO: check +CAN-2005-1979 (Distributed Transaction Controller in Microsoft Windows allows remote ...) + TODO: check +CAN-2005-1978 (COM+ in Microsoft Windows does not properly "create and use memory ...) + TODO: check CAN-2005-1977 RESERVED CAN-2005-1976 
@@ -5386,8 +5489,7 @@ - linux-2.6 2.6.12-1 (medium) NOTE: Fixed in the 2.6.11 stable series and merged into 2.6.12 NOTE: 2.6 only, not in 2.4 -CAN-2005-1764 [Unspecified DoS vulnerability on amd64] - RESERVED +CAN-2005-1764 (Linux 2.6.11 on 64-bit x86 (x86_64) platforms does not use a guard ...) NOTE: horms says not vulnerable in 2.4.27 or 2.6.8 as far as he can tell CAN-2005-1763 (Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures ...) - kernel-source-2.6.8 2.6.8-17 @@ -10478,7 +10580,7 @@ NOTE: see cyrus-sasl-2.1.18-cvs-1.172.patch in there NOTE: cyrus-sasl2 already has patch applied NOTE: cyrus-sasl code seems too old for any of the problems to apply -CAN-2005-0372 (Directory traversal vulnerability in gftp 2.0.18 and earlier for GTK+ ...) +CAN-2005-0372 (Directory traversal vulnerability in gftp before 2.0.18 for GTK+ ...) {DSA-686-1} - gftp 2.0.18-1 NOTE: CVE entry claims that 2.0.18 is vulnerable, but this is wrong. @@ -11382,7 +11484,7 @@ - maxdb-7.5.00 7.5.00.18 CAN-2005-0110 (Internet Explorer 6 on Windows XP SP2 allows remote attackers to ...) NOT-FOR-US: MSIE -CAN-2005-0109 (Hyper-Threading technology, as used in FreeBSD other operating systems ...) +CAN-2005-0109 (Hyper-Threading technology, as used in FreeBSD and other operating ...) NOTE: According to Linus Torvalds and others on linux-kernel this is a theoretical NOTE: attack, paranoid people should disable hyper threading - kfreebsd5-source 5.3-11
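Review bot: CAN-2005-3195, added as `TODO: check` in the `@@ -1,3 +1,113 @@` hunk, has the same truncated description ("Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow ...") that this update gives CAN-2005-3178 in the `@@ -25,24 +135,23 @@` hunk, where xloadimage and xli are already tracked with DSA-859-1 and DSA-858-1. Whoever clears the TODO should confirm whether the two ids describe distinct flaws and, if they do, add `- xloadimage` and `- xli` status lines under CAN-2005-3195 instead of leaving it untriaged. In the same hunk, CAN-2005-3229 (ClamAV) concerns a package the list tracks elsewhere (clamav under CAN-2005-3239), so it should not be marked NOT-FOR-US in bulk with the other antivirus "multiple interpretation error" entries.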
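Review bot: Stale `NOTE: reserved` lines remain in the `@@ -175,13 +284,12 @@` hunk: CAN-2005-3118 now carries the Mason description and CAN-2005-3117 is now `REJECTED`, yet the unchanged context line `NOTE: reserved` stays under each and no longer matches the entry's state. Drop both notes, or have the automatic update remove a `NOTE: reserved` whenever it replaces a `RESERVED` line.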
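Review bot: CAN-2004-2404 in the `@@ -1621,7 +1724,8 @@` hunk ends up with two dispositions: the added `REJECTED` line is followed by the unchanged `NOT-FOR-US: Leif Wright Web Blog`. The other entries this diff flips to `REJECTED` (CAN-2005-2942, CAN-2005-2497) carry no NOT-FOR-US or package line; remove the NOT-FOR-US line here so anything parsing the list sees a single status.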
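Review bot: CAN-2005-1764 in the `@@ -5386,8 +5489,7 @@` hunk gains a description (Linux 2.6.11 on x86_64) but still has no package status line, only the free-text `NOTE: horms says not vulnerable in 2.4.27 or 2.6.8 as far as he can tell`. Record that as explicit `<not-affected>` lines for the affected kernel source packages, as CAN-2005-3119 does for kernel-source-2.4.27, and add a linux-2.6 line so the entry shows up in per-package status.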
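Review bot: The context note under CAN-2005-0372 in the `@@ -10478,7 +10580,7 @@` hunk is now out of date: the description changes from "gftp 2.0.18 and earlier" to "gftp before 2.0.18", but `NOTE: CVE entry claims that 2.0.18 is vulnerable, but this is wrong.` is left untouched. With the corrected description the note contradicts the line above it; delete it or reword it to say the CVE text has since been fixed.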