Author: jmm-guest Date: 2005-05-01 11:44:17 +0000 (Sun, 01 May 2005) New Revision: 945 Modified: sarge-checks/CAN/list Log: Filed bugs for affix and kronolith. Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-05-01 11:28:26 UTC (rev 944) +++ sarge-checks/CAN/list 2005-05-01 11:44:17 UTC (rev 945) @@ -100,13 +100,13 @@ CAN-2005-1315 (Cross-site scripting (XSS) vulnerability in Horde Turba module before ...) TODO: check CAN-2005-1314 (Cross-site scripting (XSS) vulnerability in Horde Kronolith module ...) - TODO: check + - kronolith (unfixed; bug pending) CAN-2005-1313 (Cross-site scripting (XSS) vulnerability in Horde Passwd module before ...) TODO: check CAN-2005-1312 (PHP remote code injection vulnerability in Yappa-NG before 2.3.2 ...) - TODO: check + NOTE: not-for-us (Yappa-NG) CAN-2005-1311 (Cross-site scripting (XSS) vulnerability in Yappa-NG before 2.3.2 ...) - TODO: check + NOTE: not-for-us (Yappa-NG) CAN-2005-1310 (SQL injection vulnerability in bBlog 0.7.4 allows remote attackers to ...) NOTE: not-for-us (bBlog) CAN-2005-1309 (Cross-site scripting (XSS) vulnerability in bBlog 0.7.4 allows remote ...) @@ -140,7 +140,7 @@ CAN-2005-1295 (include.cgi script allows remote attackers to read arbitrary files via ...) NOTE: not-for-us (include.cgi) CAN-2005-1294 (The affix_sock_register in the Affix Bluetooth Protocol Stack for ...) - TODO: check + - affix-kernel (unfixed; bug pending) CAN-2005-1293 (Multiple SQL injection vulnerabilities in default.asp in StorePortal ...) NOTE: not-for-us (StorePortal) CAN-2005-1292 (Multiple cross-site scripting (XSS) vulnerabilities in CartWIZ ASP ...)