thr3ads.net - Secure testing commits - [Secure-testing-commits] r869

If this information is useful, please help other people find it:
Share via:
Joey Hess
2005-Apr-20 09:14 UTC
[Secure-testing-commits] r869 - sarge-checks/CAN

Author: joeyh
Date: 2005-04-20 09:14:24 +0000 (Wed, 20 Apr 2005)
New Revision: 869

Modified:
   sarge-checks/CAN/list
Log:
automatic CAN database update

Modified: sarge-checks/CAN/list
==================================================================---
sarge-checks/CAN/list	2005-04-20 08:45:44 UTC (rev 868)
+++ sarge-checks/CAN/list	2005-04-20 09:14:24 UTC (rev 869)
@@ -1,3 +1,41 @@
+CAN-2005-1191 (The Web View DLL (webvw.dll), as used in Windows Explorer on
Windows ...)
+	TODO: check
+CAN-2005-1190 (WebcamXP PRO v2.16.468 and earlier allows remote attackers to
cause a ...)
+	TODO: check
+CAN-2005-1189 (Cross-site scripting (XSS) vulnerability in WebcamXP PRO
v2.16.468 and ...)
+	TODO: check
+CAN-2005-1188 (Cross-site scripting (XSS) vulnerability in
comersus_searchItem.asp in ...)
+	TODO: check
+CAN-2005-1187 (Heap-based buffer overflow in WinHex 12.05 SR-14, and possibly
other ...)
+	TODO: check
+CAN-2005-1186 (Musicmatch Jukebox 10.00.2047 and earlier adds the
musicmatch.com ...)
+	TODO: check
+CAN-2005-1185 (MMFWLaunch.exe in Musicmatch Jukebox 10.00.2047 and earlier does
not ...)
+	TODO: check
+CAN-2005-1184 (The TCP/IP stack in multiple operating systems allows remote
attackers ...)
+	TODO: check
+CAN-2005-1183 (Cross-site scripting (XSS) vulnerability in mvnForum 1.0 RC4
allows ...)
+	TODO: check
+CAN-2005-1182 (Unknown vulnerability in Incoming Remote Command (iSeries Access
for ...)
+	TODO: check
+CAN-2005-1181 (PHP remote code injection vulnerability in loader.php for
Ariadne CMS ...)
+	TODO: check
+CAN-2005-1180 (HTTP Response Splitting vulnerability in the Surveys module in
...)
+	TODO: check
+CAN-2005-1179 (Unknown vulnerability in Xerox MicroServer Web Server for
various ...)
+	TODO: check
+CAN-2005-1178 (SQL injection vulnerability in Oracle Forms 10g allows remote
...)
+	TODO: check
+CAN-2005-1177 (Unknown vulnerability in (1) Webmin and (2) Usermin before 1.200
...)
+	TODO: check
+CAN-2005-1176 (Race condition in JFS2 on AIX 5.2 and 5.3, when deleting a file
while ...)
+	TODO: check
+CAN-2005-1175
+	NOTE: reserved
+CAN-2005-1174
+	NOTE: reserved
+CAN-2004-1774 (Buffer overflow in the SDO_CODE_SIZE peocedure of the MD2
package ...)
+	TODO: check
 CAN-2005-XXXX [Heap overflow in xine-lib''s RTSP streaming code]
 	- xine-lib (unfixed; bug #305343)
 CAN-2005-1173 (Buffer overflow in PMSoftware Simple Web Server 1.0 allows
remote ...)
@@ -4,9 +42,9 @@
 	NOTE: not-for-us (PMSoftware Simple Web Server)
 CAN-2005-1172 (Cross-site scripting (XSS) vulnerability in init.inc.php in
Coppermine ...)
 	NOTE: not-for-us (Coppermine Photo Gallery)
-CAN-2005-1171 (Cross-site scripting (XSS) vulnerability in datenbank module for
phpBB ...)
+CAN-2005-1171 (Cross-site scripting (XSS) vulnerability in mod.php in the
datenbank ...)
 	NOTE: not-for-us (moddb phpbb2 add-on)
-CAN-2005-1170 (SQL injection vulnerability in datenbank module for phpBB allows
...)
+CAN-2005-1170 (SQL injection vulnerability in mod.php in the datenbank module
for ...)
 	NOTE: not-for-us (moddb phpbb2 add-on)
 CAN-2005-1169 (Mafia Blog .4 BETA does not properly protect the admin
directory, ...)
 	NOTE: not-for-us (Mafia Blog)
@@ -1330,7 +1368,7 @@
 	NOTE: not-for-us (Apple QuickTime/Darwin Streaming Server)
 CAN-2003-1090 (Buffer overflow in AbsoluteTelnet before 2.12 RC10 allows remote
...)
 	NOTE: not-for-us (AbsoluteTelnet)
-CAN-2005-0703 (Unknown vulnerability in Xerox MicroServer Web Server for
various ...)
+CAN-2005-0703 (Xerox MicroServer Web Server for various WorkCentre products
including ...)
 	NOTE: not-for-us (Xerox MicroServer Web Server)
 CAN-2005-0702 (SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 allows
remote ...)
 	NOTE: not-for-us (phpMyFAQ)
@@ -2574,8 +2612,7 @@
 	NOTE: reserved
 CAN-2005-0392
 	NOTE: reserved
-CAN-2005-0391
-	NOTE: reserved
+CAN-2005-0391 (geneweb 4.10 and earlier does not properly check file
permissions and ...)
 	{DSA-712-1}
 CAN-2005-0390 [axel buffer overflow in HTTP redirection handling in conn.c]
 	{DSA-706-1}
@@ -3775,8 +3812,7 @@
 	NOTE: reserved
 CAN-2004-1342
 	NOTE: reserved
-CAN-2004-1341
-	NOTE: reserved
+CAN-2004-1341 (Cross-site scripting (XSS) vulnerability in info2www before
1.2.2.9 ...)
 	{DSA-711-1}
 CAN-2004-1340 (Debian GNU/Linux 3.0 installs the libpam-radius-auth package
with the ...)
 	{DSA-659-1}
Secure testing commits - Apr 2005 - r869 - sarge-checks/CAN

[Secure-testing-commits] r869 - sarge-checks/CAN
