Author: jmm-guest Date: 2005-04-19 10:04:16 +0000 (Tue, 19 Apr 2005) New Revision: 856 Modified: sarge-checks/CAN/list Log: some more not-for-us Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-04-19 09:55:03 UTC (rev 855) +++ sarge-checks/CAN/list 2005-04-19 10:04:16 UTC (rev 856) @@ -1,29 +1,29 @@ CAN-2005-1173 (Buffer overflow in PMSoftware Simple Web Server 1.0 allows remote ...) - TODO: check + NOTE: not-for-us (PMSoftware Simple Web Server) CAN-2005-1172 (Cross-site scripting (XSS) vulnerability in init.inc.php in Coppermine ...) - TODO: check + NOTE: not-for-us (Coppermine Photo Gallery) CAN-2005-1171 (Cross-site scripting (XSS) vulnerability in datenbank module for phpBB ...) - TODO: check + TODO: check, whether this is part of standard phpBB or an addon CAN-2005-1170 (SQL injection vulnerability in datenbank module for phpBB allows ...) - TODO: check + TODO: check, whether this is part of standard phpBB or an addon CAN-2005-1169 (Mafia Blog .4 BETA does not properly protect the admin directory, ...) - TODO: check + NOTE: not-for-us (Mafia Blog) CAN-2005-1168 (DiagCollectionControl.dll in Musicmatch 10.00.2047 and earlier allows ...) - TODO: check + NOTE: not-for-us (Musicmatch) CAN-2005-1167 (Musicmatch 10.00.2047 and earlier store log files in the Program Files ...) - TODO: check + NOTE: not-for-us (Musicmatch) CAN-2005-1166 (The DNTUS26 process in Dameware NT Utilities and the DWRCS process in ...) - TODO: check + NOTE: not-for-us (Dameware) CAN-2005-1165 (Yager 5.24 and earlier allows remote attackers to cause a denial of ...) - TODO: check + NOTE: not-for-us (Yager game) CAN-2005-1164 (Yager 5.24 and earlier allows remote attackers to cause a denial of ...) - TODO: check + NOTE: not-for-us (Yager game) CAN-2005-1163 (Multiple buffer overflows in Yager 5.24 and earlier allow remote ...) - TODO: check + NOTE: not-for-us (Yager game) CAN-2005-1162 (Multiple cross-site scripting (XSS) vulnerabilities in OneWorldStore ...) - TODO: check + NOTE: not-for-us (OneWorldStore) CAN-2005-1161 (Multiple SQL injection vulnerabilities in OneWorldStore allow remote ...) - TODO: check + NOTE: not-for-us (OneWorldStore) CAN-2005-1160 (The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla ...) - mozilla-firefox 1.0.3-1 - mozilla 1.7.7-1 @@ -41,7 +41,6 @@ CAN-2005-1155 (The favicon functionality in Firefox before 1.0.3 and Mozilla Suite ...) - mozilla-firefox 1.0.3-1 - mozilla 1.7.7-1 - TODO: check CAN-2005-1154 (Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote ...) - mozilla-firefox 1.0.3-1 - mozilla 1.7.7-1 @@ -145,7 +144,7 @@ NOTE: only part of Woody, has been removed from Sarge and sid NOTE: not-for-us (Junkbuster) CAN-2005-1107 (McAfee Internet Security Suite 2005 uses insecure default ACLs for ...) - TODO: check + NOTE: not-for-us (McAfee) CAN-2005-XXXX [Remote DoS vulnerabilities in postgrey] - postgrey 1.21-1 CAN-2005-1106 (PictureViewer in QuickTime for Windows 6.5.2 allows remote attackers ...) @@ -434,7 +433,7 @@ CAN-2005-0977 (The shmem_nopage function in shmem.c for the tmpfs driver in Linux ...) - kernel-source-2.6.8 2.6.8-16 CAN-2005-0976 (AppleWebKit (WebCore and WebKit), as used in multiple products such as ...) - TODO: check + NOTE: not-for-us (Apple) CAN-2005-0975 NOTE: reserved CAN-2005-0974