Author: jmm-guest Date: 2005-06-17 12:40:51 +0000 (Fri, 17 Jun 2005) New Revision: 1236 Modified: data/CAN/list Log: checked telnet environment variable disclosure Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-06-17 11:25:57 UTC (rev 1235) +++ data/CAN/list 2005-06-17 12:40:51 UTC (rev 1236) @@ -4868,7 +4868,10 @@ CAN-2003-1085 (The HTTP server in the Thomson TWC305, TWC315, and TCW690 cable modem ...) NOTE: not-for-us (Thomson cable modem) CAN-2005-0488 (Certain BSD-based Telnet clients, including those used on Solaris and ...) - TODO: check + NOTE: netkit-telnet not affected + TODO: check heimdal + - krb4 (unfixed) + - krb5 (unfixed) CAN-2004-1639 (Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913 allows ...) NOTE: This is not a real security issue; it just describes the fact that the Gecko NOTE: engine of the Mozillae may be lead into a crash if you feed it with large chunks