Moritz Muehlenhoff
2005-May-25 09:22 UTC
[Secure-testing-commits] r1147 - sarge-checks/CAN
Author: jmm-guest Date: 2005-05-25 09:22:07 +0000 (Wed, 25 May 2005) New Revision: 1147 Modified: sarge-checks/CAN/list Log: CANify snmp, imagemagick and gdb claim a block Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-05-25 09:14:21 UTC (rev 1146) +++ sarge-checks/CAN/list 2005-05-25 09:22:07 UTC (rev 1147) @@ -1,3 +1,4 @@ +begin claimed by jmm CAN-2005-1750 (SQL injection vulnerability in login.asp in ezdwc NewsletterEz 3.0 ...) TODO: check CAN-2005-1749 (Buffer overflow in BEA WebLogic Server and WebLogic Express 6.1 ...) @@ -19,9 +20,9 @@ CAN-2005-1741 (Gearbox Software Halo Combat Evolved 1.6 allows remote attackers to ...) TODO: check CAN-2005-1740 (fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files ...) - TODO: check + - net-snmp (unfixed; bug filed) CAN-2005-1739 (The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick ...) - TODO: check + - imagemagick (unfixed; bug #310690) CAN-2005-1738 (Multiple format string vulnerabilities in the (1) logPrintBadfile ...) TODO: check CAN-2005-1737 (Multiple unknown vulnerabilities in PROMS 0.11 allow "non-authorized ...) @@ -90,8 +91,9 @@ TODO: check CAN-2005-1705 (gdb before 6.3 searches the current working directory to load the ...) TODO: check +end claimed by jmm CAN-2005-1704 (Integer overflow in the BFD library for gdb before 6.3 allows ...) - TODO: check + - gdb (unfixed; bug #308624) CAN-2005-1703 (Warrior Kings: Battles 1.23 and earlier allows remote attackers to ...) TODO: check CAN-2005-1702 (Format string vulnerability in Warrior Kings: Battles 1.23 and earlier ...) 
@@ -268,10 +270,6 @@ TODO: check CAN-2000-1224 (Caucho Technology Resin 1.2 and possibly earlier allows remote ...) TODO: check -CAN-2005-XXXX [imagemagick xwd endless loop DoS] - - imagemagick (unfixed; bug #310690) -CAN-2005-XXXX [Insecure tempfile handling in net-snmp''s fixproc] - - net-snmp (unfixed; bug filed) CAN-2005-XXXX [Two DoS condition in ekg] - ekg 1:1.5+20050411-3 CAN-2005-XXXX [lcrash affected by libbfd integer overflows] @@ -584,8 +582,6 @@ CAN-2005-XXXX [Integer overflow in binutils'' ELF parsing] - binutils 2.15-6 - kmd (unfixed; bug #310139) -CAN-2005-XXXX [Integer overflow in gdb''s ELF parsing] - - gdb (unfixed; bug #308624) CAN-2005-XXXX [Multiple vulnerabilities in HT editor] - ht 0.8.0-2 CAN-2005-XXXX [unrar: opens /tmp/debug_unrar.txt]
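Review bot: In the @@ -19,9 +20,9 @@ hunk, the new CAN-2005-1740 line "- net-snmp (unfixed; bug filed)" carries no bug number, unlike the imagemagick entry two lines below it, which cites bug #310690. The wording is carried over unchanged from the removed CAN-2005-XXXX placeholder. Suggest replacing "bug filed" with the actual number so the entry can be matched to its report.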
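Review bot: In the @@ -90,8 +91,9 @@ hunk, "+end claimed by jmm" is inserted above CAN-2005-1704, so the gdb entry this commit fills in lies just outside the claimed block. CAN-2005-1705, also a gdb issue and the last entry inside the block, is still "TODO: check". Suggest either moving the end marker below CAN-2005-1704 or resolving CAN-2005-1705 in the same pass, so the block boundary matches what was actually reviewed.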
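Review bot: In the @@ -584,8 +582,6 @@ hunk, the gdb ELF parsing placeholder is dropped in favour of CAN-2005-1704, which the list describes as an integer overflow in the BFD library, yet the neighbouring placeholders "CAN-2005-XXXX [Integer overflow in binutils'' ELF parsing]" and, in the @@ -268,10 +270,6 @@ context, "CAN-2005-XXXX [lcrash affected by libbfd integer overflows]" are left unassigned. Suggest checking whether those entries belong under the same id, or recording in the list why they stay separate.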