Secure testing commits - Aug 2005 - r1538 - data/CAN

Author: jmm-guest
Date: 2005-08-08 09:59:04 +0000 (Mon, 08 Aug 2005)
New Revision: 1538

Modified:
   data/CAN/list
Log:
process my second block I had almost forgotten


Modified: data/CAN/list
==================================================================---
data/CAN/list	2005-08-08 09:52:49 UTC (rev 1537)
+++ data/CAN/list	2005-08-08 09:59:04 UTC (rev 1538)
@@ -687,36 +687,35 @@
 	NOTE: not-for-us (Firefox on MacOS)
 CAN-2004-2227 (Mozilla Firefox before 1.0 truncates long filenames in the file
...)
 	- mozilla-firefox 1.0-1
-begin claimed by jmm
 CAN-2004-2226 (Mozilla Mail 1.7.1 and 1.7.3, and Thunderbird before 0.9, when
...)
-	TODO: check
+	- mozilla-thunderbird 1.0-3
+	TODO: check Mozilla suite
 CAN-2004-2225 (Mozilla Firefox before 0.10.1 allows remote attackers to delete
...)
-	TODO: check
+	- mozilla-firefox 0.99+1.0RC1-1
 CAN-2004-2224 (Appfoundry Message Foundry 2.75 .0003 allows remote attackers to
cause ...)
-	TODO: check
+	NOTE: not-for-us (Message Foundry)
 CAN-2004-2223 (FsPHPGallery before 1.2 allows remote attackers to cause a
denial of ...)
-	TODO: check
+	NOTE: not-for-us (FsPHPGallery)
 CAN-2004-2222 (Directory traversal vulnerability in index.php in FsPHPGallery
before ...)
-	TODO: check
+	NOTE: not-for-us (FsPHPGallery)
 CAN-2004-2221 (Buffer overflow in SoftCart.exe in Mercantec SoftCart 4.00b
allows ...)
-	TODO: check
+	NOTE: not-for-us (SoftCart)
 CAN-2004-2220 (F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does
not ...)
-	TODO: check
+	NOTE: not-for-us (F-Secure Anti-Virus)
 CAN-2004-2219 (Microsoft Internet Explorer 6 allows remote attackers to spoof
the ...)
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2004-2218 (SQL injection vulnerability in pmwh.php in PHPMyWebHosting 0.3.4
and ...)
-	TODO: check
+	NOTE: not-for-us (PHPMyWebHosting)
 CAN-2004-2217 (Multiple unknown vulnerabilities in yhttpd in yChat before 0.7
allow ...)
-	TODO: check
+	NOTE: not-for-us (yChat)
 CAN-2004-2216 (Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and
...)
-	TODO: check
+	NOTE: not-for-us (Sun Java)
 CAN-2004-2215 (RXVT-Unicode 3.4 and 3.5 does not properly close file
descriptors, ...)
-	TODO: check
+	- rxvt-unicode 3.8-1
 CAN-2004-2214 (Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers
to ...)
-	TODO: check
+	NOTE: not-for-us (AppWeb HTTP server)
 CAN-2004-2213 (Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers
to ...)
-	TODO: check
-end claimed by jmm
+	NOTE: not-for-us (AppWeb HTTP server)
 CAN-2005-XXXX [Multiple security problems in ethereal]
 	- ethereal 0.10.12-1 (medium)
 CAN-2005-XXXX [strobe reads file from unsafe directory]