Secure testing commits - Jul 2005 - r1442 - data/CAN

Author: mhelas-guest
Date: 2005-07-19 14:34:55 +0000 (Tue, 19 Jul 2005)
New Revision: 1442

Modified:
   data/CAN/list
Log:
go through the list of CANs from 2002


Modified: data/CAN/list
==================================================================---
data/CAN/list	2005-07-19 13:24:16 UTC (rev 1441)
+++ data/CAN/list	2005-07-19 14:34:55 UTC (rev 1442)
@@ -94,33 +94,37 @@
 CAN-2002-2064 (isadmin.php in PhpWebGallery 1.0 allows remote attackers to gain
...)
 	NOTE: not-for-us (PhpWebGallery)
 CAN-2002-2063 (AtGuard 3.2 allows remote attackers to bypass firwall filters
and ...)
-	TODO: check
+	NOTE: not-for-us (AtGuard)
 CAN-2002-2062 (Cross-site scripting (XSS) vulnerability in ftp.htt in Internet
...)
-	TODO: check
+	NOTE: not-for-us (Microsoft)
 CAN-2002-2061 (Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and
...)
-	TODO: check
+	NOTE: fixed in upstream 1.0.1
+	NOTE: see
http://www.mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html
+	- mozilla 2:1.1-1 (low)
 CAN-2002-2060 (Buffer overflow in Links 2.0 pre4 allows remote attackers to
crash ...)
-	TODO: check
+	NOTE: not-for-us (other branch in the archive)
 CAN-2002-2059 (BIOS D845BG, D845HV, D845PT and D845WN on Intel motherboards
does not ...)
-	TODO: check
+	NOTE; not-for-us (Intel)
 CAN-2002-2058 (TeeKai Tracking Online 1.0 uses weak encryption of web usage
...)
-	TODO: check
+	NOTE: not-for-us (TeeKai)
 CAN-2002-2057 (TeeKai Forum 1.2 uses weak encryption of web usage statistics in
...)
-	TODO: check
+	NOTE: not-for-us (TeeKai)
 CAN-2002-2056 (Cross-site scripting (XSS) vulnerability in TeeKai Forum 1.2
allows ...)
-	TODO: check
+	NOTE: not-for-us (TeeKai)
 CAN-2002-2055 (Cross-site scripting (XSS) vulnerability in userlog.php in
TeeKai ...)
-	TODO: check
+	NOTE: not-for-us (TeeKai)
 CAN-2002-2054 (TeeKai Forum 1.2 allows remote attackers to authenticate as the
...)
-	TODO: check
+	NOTE: not-for-us (TeeKai)
 CAN-2002-2053 (The design of the Hot Standby Routing Protocol (HSRP), as
implemented ...)
-	TODO: check
+	NOTE: not-for-us (Cisco)
 CAN-2002-2052 (Cisco 2611 router running IOS 12.1(6.5), possibly an interim
release, ...)
-	TODO: check
+	NOTE: not-for-us (Cisco)
 CAN-2002-2051 (The processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when
used ...)
-	TODO: check
+	NOTE: fixed in 0.7.12-1
+	- modlogan 0.7.12-1 (low)
 CAN-2002-2050 (Directory traversal vulnerability in processor_web plugin for
ModLogAn ...)
-	TODO: check
+	NOTE: fixed in 0.7.12-1
+	- modlogan 0.7.12-1 (low)
 CAN-2002-2049 (configure for Dsniff 2.3, fragroute 1.2, and fragrouter 1.6,
when ...)
 	TODO: check
 CAN-2002-2048 (** local / non-priv overflow only? ** ...)