Secure testing commits - Jul 2005 - r1408 - data/CAN

Author: jmm-guest
Date: 2005-07-16 10:02:37 +0000 (Sat, 16 Jul 2005)
New Revision: 1408

Modified:
   data/CAN/list
Log:
bugnums claim


Modified: data/CAN/list
==================================================================---
data/CAN/list	2005-07-16 09:44:44 UTC (rev 1407)
+++ data/CAN/list	2005-07-16 10:02:37 UTC (rev 1408)
@@ -1,7 +1,7 @@
 CAN-2005-XXXX [netpanzer: DoS through endless loop trigged through a crafted
packet]
-	- netpanzer (unfixed; bug filed; medium)
+	- netpanzer (unfixed; bug #318329; medium)
 CAN-2005-XXXX [Missing input sanitising in affix''s btsrv/btobex
services]
-	- affix (unfixed; bug filed; medium)
+	- affix (unfixed; bug #318328; medium)
 CAN-2000-XXXX [Multiple unfixed security issues in Mozillae]
 	- mozilla-firefox (unfixed; bug #318061; high)
 	- mozilla (unfixed; high)
@@ -25,7 +25,7 @@
 CAN-2005-2251 (PHP remote file inclusion vulnerability in secure.php in ...)
 	NOTE: not-for-us (PHPSecurePages (phpSP))
 CAN-2005-2250 (Buffer overflow in Bluetooth FTP client (BTFTP) in Nokia Affix
2.1.2 ...)
-	- affix (unfixed; bug filed; medium)
+	- affix (unfixed; bug #318327; medium)
 CAN-2005-2249 (Multiple unknown vulnerabilities in Jinzora 2.0.1 have unknown
impact ...)
 	TODO: track ITP#289487
 CAN-2005-2248 (Directory traversal vulnerability in DownloadProtect before
1.0.3 ...)
@@ -175,7 +175,7 @@
 	NOTE: How bizarre, they assign a CVE Id without knowing which product contains
 	NOTE: the affected probe.cgi
 CAN-2005-2177 (Unknown vulnerability in Net-SNMP 5.0.x before 5.0.10.2, 5.2.x
before ...)
-	- net-snmp (unfixed; bug filed; medium)
+	- net-snmp (unfixed; bug #318420; medium)
 CAN-2005-2176 (Novell NetMail automatically processes HTML in an attachment
without ...)
 	NOTE: not-for-us (Novell NetMail)
 CAN-2005-2175 (The web interface for Lotus Notes mail automatically processes
HTML in ...)
@@ -196,6 +196,7 @@
 	NOTE: not-for-us (AliveSites)
 CAN-2004-2210 (Multiple cross-site scripting (XSS) vulnerabilities in
Express-Web ...)
 	NOTE: not-for-us (Express-Web)
+begin claimed by jmm
 CAN-2004-2209 (SQL injection vulnerability in Ideal Science IdealBB 1.4.9
through ...)
 	NOTE: not-for-us (IdealBB)
 CAN-2004-2208 (CRLF injection vulnerability in Ideal Science IdealBB 1.4.9
through ...)
@@ -270,6 +271,7 @@
 	NOTE: not-for-us (Microsoft)
 CAN-2004-2175 (Multiple SQL injection vulnerabilities in ReviewPost PHP Pro
allow ...)
 	NOTE: not-for-us (ReviewPost)
+end claimed by jmm
 CAN-2004-2174 (Cross-site scripting (XSS) vulnerability in Custva.asp in
EarlyImpact ...)
 	NOTE: not-for-us (EarlyImpact)
 CAN-2004-2173 (SQL injection vulnerability in advSearch_h.asp in EarlyImpact
...)