Author: joeyh Date: 2005-10-18 09:14:17 +0000 (Tue, 18 Oct 2005) New Revision: 2439 Modified: data/CAN/list Log: automatic update Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-10-18 08:10:15 UTC (rev 2438) +++ data/CAN/list 2005-10-18 09:14:17 UTC (rev 2439) @@ -1,3 +1,29 @@ +CAN-2005-3251 (Directory traversal vulnerability in the gallery script in Gallery 2.0 ...) + TODO: check +CAN-2005-3250 (Unknown vulnerability in Solaris 10 allows local users to cause a ...) + TODO: check +CAN-2005-3249 + RESERVED +CAN-2005-3248 + RESERVED +CAN-2005-3247 + RESERVED +CAN-2005-3246 + RESERVED +CAN-2005-3245 + RESERVED +CAN-2005-3244 + RESERVED +CAN-2005-3243 + RESERVED +CAN-2005-3242 + RESERVED +CAN-2005-3241 + RESERVED +CAN-2005-3240 + RESERVED +CAN-2005-3238 (Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option ...) + TODO: check CAN-2005-XXXX [local root via loadkeys] - linux-2.6 <unfixed> (bug #334113; medium) - kernel-source-2.4.27 <unfixed> (medium) @@ -86,7 +112,8 @@ NOT-FOR-US: Webroot Desktop Firewall CAN-2005-3196 (Planet Technology Corp FGSW2402RS switch with firmware 1.2 has a ...) NOT-FOR-US: Planet Technology switch -CAN-2005-3195 (Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow ...) +CAN-2005-3195 + REJECTED NOTE: This is a duplicate from CAN-2005-3178, will be rejected CAN-2005-3194 (Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), ...) NOT-FOR-US: ALZip @@ -127,7 +154,7 @@ CAN-2005-3185 (Stack-based buffer overflow in the ntlm_output function in http-ntlm.c ...) - wget 1.10.2-1 (medium) - curl 7.15.0-1 (bug #333734; medium) -CAN-2005-3239 [Stack overflow in clamav''s DOC processing] +CAN-2005-3239 (The OLE2 unpacker in clamd in ClamAV 0.87-1 allows remote attackers to ...) - clamav <unfixed> (bug #333566) CAN-2005-XXXX [Local file inclusion in phpmyadmin] - phpmyadmin 4:2.6.4-pl2-1 (bug #333433; high) 
@@ -278,8 +305,7 @@ RESERVED CAN-2005-3121 RESERVED -CAN-2005-3120 [lynx: buffer overflow in nntp:// handling] - RESERVED +CAN-2005-3120 (Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and ...) - lynx <unfixed> (bug #334423; high) - lynx-cur 2.8.6-16 (bug #334423; high) CAN-2005-3118 (Mason before 1.0.0 does not install the init script after the user ...) @@ -3971,7 +3997,7 @@ NOTE: only affects cupsys source package, not used in binary - cupsys <unfixed> (bug #324464; unimportant) - poppler 0.4.0-1 (low) -CAN-2005-2096 (Buffer overflow in zlib 1.2 and later versions allows remote attackers ...) +CAN-2005-2096 (zlib 1.2 and later versions allows remote attackers to cause a denial ...) {DSA-797-2 DSA-797-1 DSA-740-1} NOTE: Several packages ship embedded copies of zlib, there are a lot probably more NOTE: Florian Weimer is doing a comprehensive audit using clamav @@ -7606,7 +7632,7 @@ NOTE: CVE id requested from mitre CAN-2005-1245 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.2, ...) - mediawiki 1.4.9 (bug #276057) -CAN-2005-1244 (Directory traversal vulnerability in the third party tool from NetIQ, ...) +CAN-2005-1244 (** DISPUTED ** ...) NOT-FOR-US: AS/400 FTP server addon CAN-2005-1243 (Directory traversal vulnerability in the third party tool from ...) NOT-FOR-US: AS/400 FTP server addon
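Review bot: In the first hunk (@@ -1,3 +1,29 @@) the new block runs from CAN-2005-3251 down to CAN-2005-3240 and then jumps to CAN-2005-3238, so CAN-2005-3239 is missing from the sequence. That id does exist, but only further down (the @@ -127,7 +154,7 @@ hunk), between CAN-2005-3185 and a CAN-2005-XXXX entry. The rest of the visible list is in descending id order, so consider moving the CAN-2005-3239 entry up into this block. That keeps a lookup by id from missing it, and a later automatic update is less likely to add a second copy.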
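Review bot: In the @@ -86,7 +112,8 @@ hunk, the NOTE under CAN-2005-3195 still reads "will be rejected" although the entry now carries REJECTED, and with the description line removed the entry no longer names xloadimage or xli at all. Suggest rewording the note to say the id is a duplicate of CAN-2005-3178, and confirming that the xloadimage and xli packages are tracked under CAN-2005-3178 so the issue does not drop out of view.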
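Review bot: In the @@ -127,7 +154,7 @@ hunk, the package line under CAN-2005-3239, "- clamav <unfixed> (bug #333566)", has no urgency, while the neighbouring entries do (wget and curl "medium", phpmyadmin "high"). The new description says the OLE2 unpacker issue is reachable by remote attackers, so an explicit urgency on the clamav line would help anyone triaging the unfixed entries.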
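Review bot: In the @@ -7606,7 +7632,7 @@ hunk, the new CAN-2005-1244 line is reduced to "(** DISPUTED ** ...)", which drops every descriptive word the old line had; only the NOT-FOR-US note still hints at the product. The truncation appears to count the marker against the description length. Suggest having the automatic update keep the text that follows the marker (or truncate after it), so the entry stays distinguishable from CAN-2005-1243 directly below, which keeps its description.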