Author: jmm-guest Date: 2005-07-21 07:38:21 +0000 (Thu, 21 Jul 2005) New Revision: 1447 Modified: data/CAN/list Log: new fiaif issue snmp dos fixed Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-07-21 07:13:42 UTC (rev 1446) +++ data/CAN/list 2005-07-21 07:38:21 UTC (rev 1447) @@ -1,3 +1,7 @@ +CAN-2005-XXXX [fiaif: Package provided cron job updates conf files with access definitions] + NOTE: This doesn''t look like a real security issue as cron.daily should only be + NOTE: writable by root, but lets include it as the maintainer considers it an issue + - faif 1.19.2-14 (low) CAN-2005-XXXX [Shorewall lets users which have been accepted by MAC based access control bypass the other access checks] - shorewall 2.4.1-2 (medium) CAN-2005-XXXX [pdns: Two DoS vulnerabilities in the LDAP backend] @@ -578,7 +582,7 @@ NOTE: How bizarre, they assign a CVE Id without knowing which product contains NOTE: the affected probe.cgi CAN-2005-2177 (Unknown vulnerability in Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before ...) - - net-snmp (unfixed; bug #318420; medium) + - net-snmp 5.2.1.2-1 (medium) CAN-2005-2176 (Novell NetMail automatically processes HTML in an attachment without ...) NOTE: not-for-us (Novell NetMail) CAN-2005-2175 (The web interface for Lotus Notes mail automatically processes HTML in ...)