Author: joeyh
Date: 2005-04-18 09:14:18 +0000 (Mon, 18 Apr 2005)
New Revision: 841

Modified:
   sarge-checks/CAN/list
Log:
automatic CAN database update

Modified: sarge-checks/CAN/list
==================================================================
--- sarge-checks/CAN/list 2005-04-18 07:26:14 UTC (rev 840)
+++ sarge-checks/CAN/list 2005-04-18 09:14:18 UTC (rev 841)
@@ -1,3 +1,91 @@ +CAN-2005-1150 (Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and ...) + TODO: check +CAN-2005-1149 (SQL injection vulnerability in admin/login.asp in aspclick.it ACNews ...) + TODO: check +CAN-2005-1148 (calendar.pl in CalendarScript 3.21 allows remote attackers to obtain ...) + TODO: check +CAN-2005-1147 (calendar.pl in CalendarScript 3.20 allows remote attackers to obtain ...) + TODO: check +CAN-2005-1146 (Cross-site scripting (XSS) vulnerability in the login command in ...) + TODO: check +CAN-2005-1145 (Cross-site scripting (XSS) vulnerability in calendar.pl in ...) + TODO: check +CAN-2005-1144 (popup.php in EasyPHPCalendar allows remote attackers to obtain ...) + TODO: check +CAN-2005-1143 (Cross-site scripting (XSS) vulnerability in index.php in ...) + TODO: check +CAN-2005-1142 (Heap-based buffer overflow in the readpgm function in pnm.c for GOCR ...) + TODO: check +CAN-2005-1141 (Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when ...) + TODO: check +CAN-2005-1140 (Cross-site scripting (XSS) vulnerability in myBloggie 2.1.1 allows ...) + TODO: check +CAN-2005-1139 (Opera 8 Beta 3, when using first-generation vetted digital ...) + TODO: check +CAN-2005-1138 (Unknown vulnerability in WebMail in Kerio MailServer before 6.0.9 ...) + TODO: check +CAN-2005-1137 (Simple PHP Blog (sphpBlog) 0.4.0 allows remote attackers to obtain ...) + TODO: check +CAN-2005-1136 (Simple PHP Blog (sphpBlog) 0.4.0 stores the (1) password.txt and (2) ...) + TODO: check +CAN-2005-1135 (Cross-site scripting (XSS) vulnerability in search.php for Simple PHP ...) + TODO: check +CAN-2005-1134 (SQL injection vulnerability in exit.php for Serendipity 0.8 and ...) + TODO: check +CAN-2005-1133 (The POP3 server in IBM iSeries AS/400 returns different error messages ...) + TODO: check +CAN-2005-1132 (LG U8120 modile phone allows remote attackers to cause a denial of ...) 
+ TODO: check +CAN-2005-1131 (Unknown vulnerability in Veritas i3 Focalpoint Server 7.1 and earlier ...) + TODO: check +CAN-2005-1130 (Cross-site scripting (XSS) vulnerability in index.php in Pinnacle Cart ...) + TODO: check +CAN-2005-1129 (eGroupWare 1.0.6 and earlier, when an e-mail is composed with an ...) + TODO: check +CAN-2005-1128 (Multiple SQL injection vulnerabilities in VHCS 2.4 and earlier allow ...) + TODO: check +CAN-2005-1127 (Format string vulnerability in the log function in Net::Server 0.87 ...) + TODO: check +CAN-2005-1126 (The SIOCGIFCONF ioctl (ifconf function) in FreeBSD 4.x through 4.11 ...) + TODO: check +CAN-2005-1125 (Race condition in libsafe 2.0.16 and earlier, when running in ...) + TODO: check +CAN-2005-1124 (Unknown vulnerability in the libgss Generic Security Services Library ...) + TODO: check +CAN-2005-1123 (Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause ...) + TODO: check +CAN-2005-1122 (Format string vulnerability in cgi.c for Monkey daemon (monkeyd) ...) + TODO: check +CAN-2005-1121 (Format string vulnerability in Oops! Proxy Server 1.5.53 and earlier ...) + TODO: check +CAN-2005-1120 (Multiple cross-site scripting (XSS) vulnerabilities in IlohaMail ...) + TODO: check +CAN-2005-1119 (Sudo VISudo 1.6.8 and earlier allows local users to corrupt arbitrary ...) + TODO: check +CAN-2005-1118 (Cross-site scripting (XSS) vulnerability in IISWebAgentIF.dll in the ...) + TODO: check +CAN-2005-1117 (PHP remote code injection vulnerability in index.php in ...) + TODO: check +CAN-2005-1116 (Cross-site scripting (XSS) vulnerability in the Calendar module for ...) + TODO: check +CAN-2005-1115 (Multiple cross-site scripting (XSS) vulnerabilities in Photo Album ...) + TODO: check +CAN-2005-1114 (Multiple SQL injection vulnerabilities in album_search.php in Photo ...) + TODO: check +CAN-2005-1113 (Multiple cross-site scripting (XSS) vulnerabilities in PhpBB Plus 1.52 ...) 
+ TODO: check +CAN-2005-1112 (IBM WebSphere Application Server 6.0 and earlier, when sharing the ...) + TODO: check +CAN-2005-1111 (Race condition in cpio 2.6 and earlier allows local users to modify ...) + TODO: check +CAN-2005-1110 (Stack-based buffer overflow in the RespondeHTTPPendiente function in ...) + TODO: check +CAN-2005-1109 (The filtering of URLs in JunkBuster before 2.0.2-r3 allows remote ...) + TODO: check +CAN-2005-1108 (The ij_untrusted_url function in JunkBuster 2.0.2-r2, with ...) + TODO: check +CAN-2005-1107 + NOTE: reserved CAN-2005-XXXX [Multiple further vulnerabilities in Mozilla/Firefox beside CAN-2005-0989] NOTE: Mozilla suite is not affected by all of these issues - mozilla-firefox 1.0.3-1 @@ -910,6 +998,7 @@ CAN-2005-0753 NOTE: reserved CAN-2005-0752 [PLUGINSPAGE privileged javascript execution in Firefox] + NOTE: reserved - mozilla-firefox 1.0.3-1 CAN-2005-0751 NOTE: reserved @@ -1521,7 +1610,7 @@ TODO: not-for-us (MSIE) CAN-2005-0552 NOTE: reserved -CAN-2005-0551 (The Client Server Runtime System (CSRSS) process of Microsoft Windows ...) +CAN-2005-0551 (Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime ...) NOTE: not-for-us (Microsoft) CAN-2005-0550 (Buffer overflow in Microsoft Windows 2000, Windows XP SP1 and SP2, and ...) NOTE: not-for-us (Microsoft) @@ -4222,8 +4311,8 @@ NOTE: not-for-us (Darwin Streaming Server) CAN-2004-1122 (Safari 1.x to 1.2.4, and possibly other versions, allows inactive ...) NOTE: not-for-us (Safari) -CAN-2004-1121 - NOTE: reserved +CAN-2004-1121 (Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the ...) + TODO: check CAN-2004-1120 (Mulitple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c ...) {DSA-663-1} - prozilla 1:1.3.7.3-1 
@@ -4290,24 +4379,24 @@ {DSA-639-1} CAN-2004-1090 (Midnight commander (mc) 4.5.55 and earlier allows remote attackers to ...) {DSA-639-1} -CAN-2004-1089 - NOTE: reserved -CAN-2004-1088 - NOTE: reserved -CAN-2004-1087 - NOTE: reserved -CAN-2004-1086 - NOTE: reserved -CAN-2004-1085 - NOTE: reserved -CAN-2004-1084 - NOTE: reserved -CAN-2004-1083 - NOTE: reserved +CAN-2004-1089 (Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using ...) + TODO: check +CAN-2004-1088 (Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows ...) + TODO: check +CAN-2004-1087 (Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard ...) + TODO: check +CAN-2004-1086 (Buffer overflow in PSNormalizer for Apple Mac OS X 10.3.6 allows ...) + TODO: check +CAN-2004-1085 (Human Interface Toolbox (HIToolBox) for Apple Mac 0S X 10.3.6 allows ...) + TODO: check +CAN-2004-1084 (Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to ...) + TODO: check +CAN-2004-1083 (Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files ...) + TODO: check CAN-2004-1082 NOTE: reserved -CAN-2004-1081 - NOTE: reserved +CAN-2004-1081 (The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and ...) + TODO: check CAN-2004-1080 (The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, ...) NOTE: not-for-us (Microsoft) CAN-2004-1079 (Buffer overflow in (1) ncplogin and (2) ncpmap in nwclient.c for ncpfs ...) 
@@ -4940,10 +5029,10 @@ NOTE: not-for-us (netscape NSS) CAN-2004-0825 (QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and ...) NOTE: not-for-us (Apple) -CAN-2004-0824 - NOTE: reserved -CAN-2004-0823 - NOTE: reserved +CAN-2004-0824 (PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to ...) + TODO: check +CAN-2004-0823 (OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 ...) + TODO: check CAN-2004-0822 (Buffer overflow in The Core Foundation framework ...) NOTE: not-for-us (Apple) CAN-2004-0821 (The CFPlugIn in Core Foundation framework in Mac OS X allows user ...) @@ -5340,16 +5429,16 @@ {DSA-543-1} CAN-2004-0642 (Double-free vulnerabilities in the error handling code for ASN.1 ...) {DSA-543-1} -CAN-2004-0641 - NOTE: reserved +CAN-2004-0641 (Thomson SpeedTouch 510 ADSL Router with firmware GV8BAA3.270, and ...) + TODO: check CAN-2004-0640 (Format string vulnerability in the SSL_set_verify function in ...) {DSA-529} CAN-2004-0639 (Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail ...) {DSA-535} CAN-2004-0638 (Buffer overflow in the KSDWRTB function in the dbms_system package ...) NOTE: not-for-us (Oracle) -CAN-2004-0637 - NOTE: reserved +CAN-2004-0637 (Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to ...) + TODO: check CAN-2004-0636 (Buffer overflow in the goaway function in the aim:goaway URI handler ...) NOTE: not-for-us (AOL Instant Messenger) CAN-2004-0635 (The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote ...) 
@@ -5562,10 +5651,10 @@ - tripwire 2.3.1.2.0-2.1 CAN-2004-0535 (The e1000 driver for Linux kernel 2.4.26 and earlier does not properly ...) NOTE: fixed in 2.4.27 -CAN-2004-0534 - NOTE: reserved -CAN-2004-0533 - NOTE: reserved +CAN-2004-0534 (Cross-site scripting (XSS) vulnerability in Business Objects InfoView ...) + TODO: check +CAN-2004-0533 (Business Objects WebIntelligence 2.7.0 through 2.7.4 only enforces ...) + TODO: check CAN-2004-0532 NOTE: reserved CAN-2004-0531 @@ -5872,8 +5961,8 @@ - apache 1.3.31-2 CAN-2004-0391 (Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting ...) NOTE: not-for-us (Cisco Wireless LAN Solution Engine) -CAN-2004-0390 - NOTE: reserved +CAN-2004-0390 (SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style ...) + TODO: check CAN-2004-0389 (RealNetworks Helix Universal Server 9.0.1 and 9.0.2 allows remote ...) NOTE: not-for-us (RealNetworks Helix Universal Server) CAN-2004-0388 (The mysqld_multi script in MySQL allows local users to overwrite ...) @@ -5914,8 +6003,8 @@ {DSA-476} CAN-2004-0370 (The setsockopt call in the KAME Project IPv6 implementation, as used ...) NOTE: not-for-us (KAME) -CAN-2004-0369 - NOTE: reserved +CAN-2004-0369 (Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec ...) + TODO: check CAN-2004-0368 (Double-free vulnerability in dtlogin in CDE on Solaris, HP-UX, and ...) NOTE: not-for-us (CDE) CAN-2004-0367 (Ethereal 0.10.1 to 0.10.2 allows remote attackers to cause a denial of ...) 
@@ -6414,8 +6503,8 @@ NOTE: not-for-us (Safari) CAN-2004-0091 (Cross-site scripting (XSS) vulnerability in register.php for unknown ...) NOTE: not-for-us (vBulletin) -CAN-2004-0090 - NOTE: reserved +CAN-2004-0090 (Unknown vulnerability in Windows File Sharing for Mac OS X 10.1.5 ...) + TODO: check CAN-2004-0088 (The System Configuration subsystem in Mac OS 10.2.8 allows local users ...) NOTE: not-for-us (MacOS) CAN-2004-0087 (The System Configuration subsystem in Mac OS 10.2.8 and 10.3.2 allows ...) @@ -6661,8 +6750,8 @@ NOTE: not-for-us (Apple) CAN-2003-1006 (Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 ...) NOTE: not-for-us (Apple) -CAN-2003-1005 - NOTE: reserved +CAN-2003-1005 (The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote ...) + TODO: check CAN-2003-1004 (Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN ...) NOTE: not-for-us (Cisco) CAN-2003-1003 (Cisco PIX firewall 5.x.x, and 6.3.1 and earlier, allows remote ...) @@ -6762,8 +6851,8 @@ NOTE: reserved CAN-2003-0955 (OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of ...) NOTE: not-for-us (OpenBSD) -CAN-2003-0954 - NOTE: reserved +CAN-2003-0954 (Buffer overflow in rcp for AIX 4.3.3, 5.1 and 5.2 allows local users ...) + TODO: check CAN-2003-0953 NOTE: reserved CAN-2003-0952 @@ -6866,8 +6955,8 @@ {DSA-402} CAN-2003-0901 (Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before ...) {DSA-397} -CAN-2003-0900 - NOTE: reserved +CAN-2003-0900 (Perl 5.8.1 on Fedora Core does not properly initialize the random ...) + TODO: check CAN-2003-0899 (Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 ...) {DSA-396} CAN-2003-0898 (IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, ...) 
@@ -7101,8 +7190,8 @@ - gdm 2.4.4.4 CAN-2003-0792 (Fetchmail 6.2.4 and earlier does not properly allocate memory for long ...) - fetchmail 6.2.5 -CAN-2003-0791 - NOTE: reserved +CAN-2003-0791 (The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and ...) + TODO: check CAN-2003-0790 NOTE: rejected CAN-2003-0789 (mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not ...) @@ -7291,8 +7380,7 @@ NOTE: fixed in 2.4.22-pre3 CAN-2003-0699 (The C-Media PCI sound driver in Linux before 2.4.21 does not use the ...) NOTE: fixed in 2.4.21-rc2 -CAN-2003-0698 - NOTE: reserved +CAN-2003-0698 (Buffer overflow in Exim before 4.21 allows remote attackers to cause a ...) - exim 3.36-8 CAN-2003-0697 (Format string vulnerability in lpd in the bos.rte.printers fileset for ...) NOTE: not-for-us (AIX) @@ -7396,10 +7484,9 @@ NOTE: not-for-us (ActiveX) CAN-2003-0645 (man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE ...) {DSA-364} -CAN-2003-0644 - NOTE: reserved -CAN-2003-0643 - NOTE: reserved +CAN-2003-0644 (Kdbg 1.1.0 through 1.2.8 does not check permissions of the .kdbgrc ...) + TODO: check +CAN-2003-0643 (Integer signedness error in the Linux Socket Filter implementation ...) {DSA-358} NOTE: fixed in 2.4.22-pre10 (Introduced in 2.4.3-pre3) CAN-2003-0642 (WatchGuard ServerLock for Windows 2000 before SL 2.0.4 allows local ...) 
@@ -7432,10 +7519,10 @@ NOTE: not-for-us (peoplesoft) CAN-2003-0628 (PeopleSoft Gateway Administration servlet (gateway.administration) in ...) NOTE: not-for-us (peoplesoft) -CAN-2003-0627 - NOTE: reserved -CAN-2003-0626 - NOTE: reserved +CAN-2003-0627 (psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote ...) + TODO: check +CAN-2003-0626 (psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote ...) + TODO: check CAN-2003-0625 (Off-by-one error in certain versions of xfstt allows remote attackers ...) {DSA-360} CAN-2003-0624 (Cross-site scripting (XSS) vulnerability in InteractiveQuery.jsp for ...) @@ -7873,8 +7960,8 @@ NOTE: not-for-us (Apple) CAN-2003-0421 (Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote ...) NOTE: not-for-us (Apple) -CAN-2003-0420 - NOTE: reserved +CAN-2003-0420 (Information leak in dsimportexport for Apple Macintosh OS X Server ...) + TODO: check CAN-2003-0419 (SMC Networks Barricade Wireless Cable/DSL Broadband Router SMC7004VWBR ...) NOTE: not-for-us (SMC) CAN-2003-0418 (The Linux 2.0 kernel IP stack does not properly calculate the size of ...) @@ -7987,8 +8074,8 @@ NOTE: not-for-us (ICQLite) CAN-2003-0364 (The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows ...) {DSA-442 DSA-336 DSA-332 DSA-311} -CAN-2003-0363 - NOTE: reserved +CAN-2003-0363 (Format string vulnerability in LICQ 1.2.6, 1.0.3 and possibly other ...) + TODO: check CAN-2003-0362 (Buffer overflow in gPS before 0.10.2 may allow local users to cause a ...) {DSA-307} CAN-2003-0361 (gPS before 1.1.0 does not properly follow the rgpsp connection source ...) 
@@ -8558,8 +8645,8 @@ {DSA-496} CAN-2003-0063 {DSA-380} -CAN-2003-0061 - NOTE: reserved +CAN-2003-0061 (Buffer overflow in passwd for HP UX B.10.20 allows local users to ...) + TODO: check CAN-2003-0060 (Format string vulnerabilities in the logging routines for MIT Kerberos ...) - krb5 1.2.4 CAN-2003-0057 (Multiple buffer overflows in Hypermail 2 before 2.1.6 allows remote ...) @@ -8975,7 +9062,7 @@ {DSA-232} - cupsys 1.1.18-1 CAN-2002-1370 - NOTE: reserved + NOTE: rejected CAN-2002-1369 {DSA-232} - cupsys 1.1.18-1 @@ -9012,14 +9099,14 @@ - ethereal 0.9.8-1 CAN-2002-1355 (Multiple integer signedness errors in the BGP dissector in Ethereal ...) - ethereal 0.9.8-1 -CAN-2002-1354 - NOTE: reserved -CAN-2002-1353 - NOTE: reserved +CAN-2002-1354 (Directory traversal vulnerability in TYPSoft FTP Server 0.99.8 allows ...) + TODO: check +CAN-2002-1353 (LocalWEB2000 HTTP server 2.1.0 stores passwords in plain text under ...) + TODO: check CAN-2002-1352 (Per Magne Knutsen''s CartMan shopping cart (cartman.php) 1.04 and ...) NOTE: not-for-us (CartMan) -CAN-2002-1351 - NOTE: reserved +CAN-2002-1351 (Buffer overflow in Melange Chat System 1.10 allows remote attackers to ...) + TODO: check CAN-2002-1350 {DSA-206} - tcpdump 3.6.2-2.2 @@ -9093,8 +9180,8 @@ CAN-2002-1313 {DSA-198} - nullmailer 1.00RC5-17 -CAN-2002-1312 - NOTE: reserved +CAN-2002-1312 (Buffer overflow in the Web management interface in Linksys BEFW11S4 ...) + TODO: check CAN-2002-1311 {DSA-197} - courier 0.40.0-1 @@ -9154,8 +9241,8 @@ {DSA-204} CAN-2002-1281 (Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of ...) {DSA-204} -CAN-2002-1280 - NOTE: reserved +CAN-2002-1280 (Memory leak in RealSecure Event Collector 6.5 allows attackers to ...) + TODO: check CAN-2002-1279 (Multiple buffer overflows in conf.c for Masqmail 0.1.x before 0.1.17, ...) {DSA-194} CAN-2002-1277 
@@ -11086,14 +11173,10 @@ CAN-2001-0171 (Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to ...) CAN-2001-0168 (Buffer overflow in AT&T WinVNC (Virtual Network Computing) server ...) CAN-2001-0167 (Buffer overflow in AT&T WinVNC (Virtual Network Computing) client ...) -CAN-2001-0163 - NOTE: reserved -CAN-2001-0162 - NOTE: reserved -CAN-2001-0161 - NOTE: reserved -CAN-2001-0160 - NOTE: reserved +CAN-2001-0163 (Cisco AP340 base station produces predictable TCP Initial Sequence ...) +CAN-2001-0162 (WinCE 3.0.9348 generates predictable TCP Initial Sequence Numbers ...) +CAN-2001-0161 (Cisco 340-series Aironet access point using firmware 11.01 does not ...) +CAN-2001-0160 (Lucent/ORiNOCO WaveLAN cards generate predictable Initialization ...) CAN-2001-0159 NOTE: reserved CAN-2001-0158
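Review bot: In the hunk at @@ -910,6 +998,7 @@, the added "NOTE: reserved" under CAN-2005-0752 lands between the hand-written bracketed description and the existing "- mozilla-firefox 1.0.3-1" line, so the entry now reads as both unpublished and fixed. If that is the intended state for an entry that is described by hand while still reserved upstream, it is worth stating in the list conventions; otherwise the automatic update should skip entries that already carry a bracketed description or a package line.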
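Review bot: In the hunk at @@ -4290,24 +4379,24 @@, CAN-2004-1088, CAN-2004-1084 and CAN-2004-1083 should not be closed in bulk with the "not-for-us (Apple)" note used on neighbouring Mac OS X entries. Their descriptions name Postfix and Apache as shipped for Mac OS X, so each "TODO: check" needs a decision on whether the upstream code is affected or only Apple's build and configuration, recorded in the note that replaces the TODO.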
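Review bot: In the hunk at @@ -7291,8 +7380,7 @@, CAN-2003-0698 is the one newly described entry that gets no "TODO: check", because the "- exim 3.36-8" line was already there. That annotation predates the description, which now reads "Buffer overflow in Exim before 4.21", so the package and version on the existing line should be re-verified against the published text rather than taken as settled.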
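Review bot: In the hunk at @@ -7432,10 +7519,10 @@, the descriptions added for CAN-2003-0627 and CAN-2003-0626 are identical after truncation ("psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote ..."), so the list alone cannot tell the two issues apart. The context lines for CAN-2003-0628 already carry "NOTE: not-for-us (peoplesoft)"; resolving both TODOs with the same note in a follow-up would keep the block consistent.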
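Review bot: In the hunk at @@ -11086,14 +11173,10 @@, CAN-2001-0163 through CAN-2001-0160 lose "NOTE: reserved" and gain a description but no "TODO: check", unlike every other entry in this commit that moves from reserved to described. The surrounding 2001 entries (CAN-2001-0171, CAN-2001-0168, CAN-2001-0167) also carry no notes, so this may be deliberate for that part of the file; if it is not, these four will never show up in a search for open TODOs and should get the marker or a not-for-us note.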