thr3ads.net - Secure testing commits - [Secure-testing-commits] r1638

If this information is useful, please help other people find it:
Share via:
Stefan Fritsch
2005-Aug-24 20:57 UTC
[Secure-testing-commits] r1638 - data/CAN

Author: stef-guest
Date: 2005-08-24 20:57:08 +0000 (Wed, 24 Aug 2005)
New Revision: 1638

Modified:
   data/CAN/list
Log:
check a few old CANs

Modified: data/CAN/list
==================================================================---
data/CAN/list	2005-08-24 19:53:08 UTC (rev 1637)
+++ data/CAN/list	2005-08-24 20:57:08 UTC (rev 1638)
@@ -564,46 +564,48 @@
 	TODO: check
 CAN-2004-2313 (Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error
...)
 	TODO: check
+	NOTE: Did not find reference to fix in upstream changelog or any other hint
that it is fixed
+	NOTE: pinged Maintainer
 CAN-2004-2312 (Buffer overflow in GNU make for IBM AIX 4.3.3, when installed
setgid, ...)
-	TODO: check
+	NOTE: not-for-us (AIX only)
 CAN-2004-2311 (Directory traversal vulnerability in webadmin.nsf in Lotus
Domino R6 ...)
-	TODO: check
+	NOTE: not-for-us (Lotus Domino)
 CAN-2004-2310 (Cross-site scripting (XSS) vulnerability in webadmin.nsf in
Lotus ...)
-	TODO: check
+	NOTE: not-for-us (Lotus Domino)
 CAN-2004-2309 (Directory traversal vulnerability in Crob FTP Server 3.5.1
allows ...)
-	TODO: check
+	NOTE: not-for-us (Crob FTP Server)
 CAN-2004-2308 (Cross-site scripting (XSS) vulnerability in cPanel 9.1.0 and
possibly ...)
-	TODO: check
+	NOTE: not-for-us (cPanel; see www.cpanel.net; has nothing to do with Debian
package cpanel)
 CAN-2004-2307 (Microsoft Internet Explorer 6.0.2600 on Windows XP allows remote
...)
-	TODO: check
+	NOTE: not-for-us (MS IE)
 CAN-2004-2306 (Sun Solaris 7 through 9, when Basic Security Module (BSM) is
enabled ...)
-	TODO: check
+	NOTE: not-for-us (Solaris)
 CAN-2004-2305 (Computer Associates eTrust Antivirus EE 6.0 through 7.0 allows
remote ...)
-	TODO: check
+	NOTE: not-for-us (Computer Associates)
 CAN-2004-2304 (Integer overflow in Trillian 0.74 and earlier, and Trillian Pro
2.01 ...)
-	TODO: check
+	NOTE: not-for-us (Trillian)
 CAN-2004-2303 (MTools Mformat before 3.9.9, when installed setuid root, creates
files ...)
-	TODO: check
+	- mtools 3.9.9
 CAN-2003-1228 (Buffer overflow in the prepare_reply function in request.c for
Mathopd ...)
-	TODO: check
+	- mathopd 1.5b14
 CAN-2003-1227 (PHP remote file include vulnerability in index.php for Gallery
1.4 and ...)
-	TODO: check
+	- gallery 1.4.1
 CAN-2003-1226 (BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores certain
secrets ...)
-	TODO: check
+	NOTE: not-for-us (BEA)
 CAN-2003-1225 (The default CredentialMapper for BEA WebLogic Server and Express
7.0 ...)
-	TODO: check
+	NOTE: not-for-us (BEA)
 CAN-2003-1224 (Weblogic.admin for BEA WebLogic Server and Express 7.0 and
7.0.0.1 ...)
-	TODO: check
+	NOTE: not-for-us (BEA)
 CAN-2003-1223 (The Node Manager for BEA WebLogic Express and Server 6.1 through
8.1 ...)
-	TODO: check
+	NOTE: not-for-us (BEA)
 CAN-2003-1222 (BEA Weblogic Express and Server 8.0 through 8.1 SP 1, when using
a ...)
-	TODO: check
+	NOTE: not-for-us (BEA)
 CAN-2003-1221 (BEA WebLogic Express and Server 7.0 through 8.1 SP 1, under
certain ...)
-	TODO: check
+	NOTE: not-for-us (BEA)
 CAN-2003-1220 (BEA WebLogic Server proxy plugin for BEA Weblogic Express and
Server ...)
-	TODO: check
+	NOTE: not-for-us (BEA)
 CAN-2002-2123 (PHP remote file inclusion vulnerability in publish_xp_docs.php
for ...)
-	TODO: check
+	- gallery 1.3.3
 CAN-2005-XXXX [DoS against clamav through infinite loop in cli_rmdirs]
 	- clamav 0.86.2-1 (low)
 CAN-2005-2554 (The web server for Network Associates ePolicy Orchestrator Agent
3.5.0 ...)
Secure testing commits - Aug 2005 - r1638 - data/CAN

[Secure-testing-commits] r1638 - data/CAN
