Secure testing commits - Jul 2005 - r1388 - data/CAN

Author: joeyh
Date: 2005-07-14 14:46:58 +0000 (Thu, 14 Jul 2005)
New Revision: 1388

Modified:
   data/CAN/list
Log:
processed

Modified: data/CAN/list
==================================================================---
data/CAN/list	2005-07-14 14:28:16 UTC (rev 1387)
+++ data/CAN/list	2005-07-14 14:46:58 UTC (rev 1388)
@@ -39,34 +39,34 @@
 	NOTE: not-for-us (Cisco CallManager)
 CAN-2005-2240 (xpvm.tcl in xpvm 1.2.5 allows local users to overwrite arbitrary
files ...)
 	- xpvm (unfixed; bug filed; medium)
-begin claimed by joeyh
 CAN-2005-2239 (oftpd 0.3.7 allows remote attackers to cause a denial of service
via a ...)
-	TODO: check
+	- oftpd (unfixed; bug filed; medium)
+CAN-2005-XXXX [oftpd port DOS]
+	- oftpd (unfixed; bug #307957; low)
 CAN-2005-2238 (ftpd in IBM AIX 5.1, 5.2 and 5.3 allows remote authenticated
users to ...)
-	TODO: check
+	NOTE: not-for-us (AIX)
 CAN-2005-2237 (Format string vulnerability in the swcons command in IBM AIX
5.3, and ...)
-	TODO: check
+	NOTE: not-for-us (AIX)
 CAN-2005-2236 (Format string vulnerability in the paginit command in IBM AIX
5.3, and ...)
-	TODO: check
+	NOTE: not-for-us (AIX)
 CAN-2005-2235 (Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1,
5.2 and ...)
-	TODO: check
+	NOTE: not-for-us (AIX)
 CAN-2005-2234 (Buffer overflow in the getlvname command in IBM AIX 5.1, 5.2 and
5.3, ...)
-	TODO: check
+	NOTE: not-for-us (AIX)
 CAN-2005-2233 (Buffer overflow in multiple "p" commands in
IBM AIX 5.1, 5.2 and 5.3 ...)
-	TODO: check
+	NOTE: not-for-us (AIX)
 CAN-2005-2232 (Buffer overflow in invscout in IBM AIX 5.1.0 through 5.3.0 might
allow ...)
-	TODO: check
+	NOTE: not-for-us (AIX)
 CAN-2005-2231 (High Availability Linux Project Heartbeat 1.2.3 allows local
users to ...)
-	TODO: check
+	- heartbeat (unfixed; bug filed; medium)
 CAN-2005-2230 (Electronic Mail Operator (elmo) 1.3.2-r1 and earlier creates the
...)
-	TODO: check
+	- elmo (unfixed; bug filed; medium)
 CAN-2005-2229 (Blog Torrent 0.92 and earlier stores the data/newusers file
under the ...)
-	TODO: check
+	NOTE: not-for-us (Blog Torrent)
 CAN-2005-2228 (Web Wiz Forums 7.9 and 8.0 allows remote attackers to view
message ...)
-	TODO: check
+	NOTE: not-for-us (Web Wiz Forums)
 CAN-2005-2227 (Softiacom wMailserver 1.0 stores passwords in plaintext in the
...)
-	TODO: check
-end claimed by joeyh
+	NOTE: not-for-us (Softiacom wMailserver)
 CAN-2005-2226 (Microsoft Outlook Express 6.0 leaks the default news server
account ...)
 	TODO: check
 CAN-2005-2225 (Microsoft MSN Messenger allows remote attackers to cause a
denial of ...)