Author: djoume-guest Date: 2005-05-20 12:47:01 +0000 (Fri, 20 May 2005) New Revision: 1115 Modified: sarge-checks/CAN/list Log: * processed my block Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-05-20 12:37:15 UTC (rev 1114) +++ sarge-checks/CAN/list 2005-05-20 12:47:01 UTC (rev 1115) @@ -1058,62 +1058,61 @@ NOTE: not-for-us (Plug and Play Web Server) CAN-2003-1157 (Cross-site scripting (XSS) vulnerability in login.asp in Citrix ...) NOTE: not-for-us (Citrix) -begin claimed by djoume CAN-2003-1156 (Java Runtime Environment (JRE) and Software Development Kit (SDK) ...) - TODO: check + NOTE: not-for-us (Sun JRE/SDK) CAN-2003-1155 (X-CD-Roast 0.98 alpha10 through alpha14 allows local users to ...) - TODO: check + - xcdroast 0.98+0alpha15-1 + NOTE: woody seems to be vulnerable (see bug #) CAN-2003-1154 (MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus ...) - TODO: check + NOTE: not-for-us (MAILsweeper) CAN-2003-1153 (byteHoard 0.7 and 0.71 allows remote attackers to list arbitrary files ...) - TODO: check + NOTE: not-for-us (byteHoard) CAN-2003-1152 (WebTide 7.04 allows remote attackers to list arbitrary directories via ...) - TODO: check + NOTE: not-for-us (WebTide) CAN-2003-1151 (Cross-site scripting (XSS) vulnerability in Fastream NETFile Server ...) - TODO: check + NOTE: not-for-us (Fastream) CAN-2003-1150 (Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare ...) - TODO: check + NOTE: not-for-us (Novell portmapper) CAN-2003-1149 (Cross-site scripting (XSS) vulnerability in Symantec Norton Internet ...) - TODO: check + NOTE: not-for-us (Symantec Norton Internet Security) CAN-2003-1148 (PHP remote code injection vulnerability in (1) config.inc.php and (2) ...) - TODO: check + NOTE: not-for-us (Les Visiteurs) CAN-2003-1147 NOTE: rejected CAN-2003-1146 (Cross-site scripting (XSS) vulnerability in John Beatty Easy PHP Photo ...) - TODO: check + NOTE: not-for-us (Easy PHP Photo Album) CAN-2003-1145 (Cross-site scripting (XSS) vulnerability in friendmail.php in ...) - TODO: check + NOTE: not-for-us (OpenAutoClassifieds) CAN-2003-1144 (Buffer overflow in the log viewing interface in Perception LiteServe ...) - TODO: check + NOTE: not-for-us (Perception LiteServe) CAN-2003-1143 (Croteam Serious Sam demo test 2 2.1a, Serious Sam: the First Encounter ...) - TODO: check + NOTE: not-for-us (Croteam Serious Sam demo) CAN-2003-1142 (Help in NIPrint LPD-LPR Print Server 4.10 and earlier executes Windows ...) - TODO: check + NOTE: not-for-us (NIPrint LPD-LPR) CAN-2003-1141 (Buffer overflow in NIPrint 4.10 allows remote attackers to execute ...) - TODO: check + NOTE: not-for-us (NIPrint LPD-LPR) CAN-2003-1140 (Buffer overflow in Musicqueue 1.2.0 allows local users to execute ...) - TODO: check + NOTE: not-for-us (Musicqueue) CAN-2003-1139 (Musicqueue 1.2.0 allows local users to overwrite arbitrary files by ...) - TODO: check + NOTE: not-for-us (Musicqueue) CAN-2003-1138 (The default configuration of Apache 2.0.40, as shipped with Red Hat ...) - TODO: check + NOTE: not-for-us (Red Hat specific) CAN-2003-1137 (Charles Steinkuehler sh-httpd 0.3 and 0.4 allows remote attackers to ...) - TODO: check + NOTE: not-for-us (sh-httpd) CAN-2003-1136 (Cross-site scripting (XSS) vulnerability in Chi Kien Uong Guestbook ...) - TODO: check + NOTE: not-for-us (Chi Kien Uong Guestbook) CAN-2003-1135 (Buffer overflow in Yahoo! Messenger 5.6 allows remote attackers to ...) - TODO: check + NOTE: not-for-us (Yahoo! Messenger) CAN-2003-1134 (Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial ...) - TODO: check + NOTE: not-for-us (Sun JVM) CAN-2003-1133 (Rit Research Labs The Bat! 1.0.11 through 2.0 creates new accounts ...) - TODO: check + NOTE: not-for-us (The Bat!) CAN-2002-1660 (calendar.php in vBulletin 2.0.3 and earlier allows remote attackers to ...) - TODO: check + NOTE: not-for-us (vBulletin) CAN-2002-1659 (user_profile.asp in PortalApp 2.2 allows local users to gain ...) - TODO: check + NOTE: not-for-us (PortalApp) CAN-2001-1477 (The Domain gateway in BEA Tuxedo 7.1 does not perform authorization ...) - TODO: check -end claimed by djoume + NOTE: not-for-us (BEA Tuxedo) CAN-2005-XXXX [phpbb2: Security issue in url/bbcode] - phpbb2 2.0.13+1-6 CAN-2005-1477 (The install function in Firefox 1.0.3 allows remote web sites on the ...)