Author: joeyh
Date: 2005-02-14 23:42:18 +0100 (Mon, 14 Feb 2005)
New Revision: 408
Modified: sarge-checks/CAN/list
Log:
Checked a boatload of new CANs. De-claimed some of the 2004 CANs that have just been published, as I ran out of energy, I hope someone else can do them..

Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-02-14 20:59:40 UTC (rev 407) +++ sarge-checks/CAN/list 2005-02-14 22:42:18 UTC (rev 408) 
@@ -1,43 +1,44 @@ -begin claimed by joeyh - CAN-2005-0383 (Trend Micro Control Manager 3.0 Enterprise Edition allows remote ...) - TODO: check + NOTE: not-for-us (Trend Micro Control Manager) CAN-2005-0382 (Breed patch 1 and earlier allows remote attackers to cause a denial of ...) - TODO: check + NOTE: not-for-us (Breed game) CAN-2005-0381 (Cross-site scripting (XSS) vulnerability in f.aspx in forumKIT 1.0 ...) - TODO: check + NOTE: not-for-us (forumKIT) CAN-2005-0380 (Multiple PHP remote code injection vulnerabilities in (1) ...) - TODO: check + NOTE: not-for-us (ZeroBoard) CAN-2005-0379 (Multiple directory traversal vulnerabilities in ZeroBoard 4.1pl5 and ...) - TODO: check + NOTE: not-for-us (ZeroBoard) CAN-2005-0378 (Multiple cross-site scripting (XSS) vulnerabilities in Horde 3.0 allow ...) - TODO: check + NOTE: horde 2.0 not vulnerable CAN-2005-0377 (SQL injection vulnerability in imageview.php for SGallery 1.01 allows ...) - TODO: check + NOTE: not-for-us (sgallery) CAN-2005-0376 (PHP remote code injection vulnerability in SGallery 1.01 allows local ...) - TODO: check + NOTE: not-for-us (sgallery) CAN-2005-0375 (imageview.php in SGallery 1.01 allows remote attackers to obtain ...) - TODO: check + NOTE: not-for-us (sgallery) CAN-2005-0374 (Cross-site scripting (XSS) vulnerability in Bitboard 2.5 and earlier ...) - TODO: check + NOTE: not-for-us (bitboard) CAN-2005-0373 (Buffer overflow in digestmda5.c in Cyrus-SASL before 2.1.18-r1 allows ...) - TODO: check + NOTE: had to extract gentoo ebuild from rsync.gentoo.org to get details + NOTE: see cyrus-sasl-2.1.18-cvs-1.172.patch in there + NOTE: cyrus-sasl2 already has patch applied + NOTE: cyrus-sasl code seems too old for any of the problems to apply CAN-2005-0372 NOTE: reserved CAN-2005-0371 (Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and ...) - TODO: check + - armagetron (unfixed; bug #295294) CAN-2005-0370 (Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and ...) 
- TODO: check + - armagetron (unfixed; bug #295294) CAN-2005-0369 (Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 earlier ...) - TODO: check + - armagetron (unfixed; bug #295294) CAN-2005-0368 (Multiple SQL injection vulnerabilities in CMScore allow remote ...) - TODO: check + NOTE: not-for-us (CMScore) CAN-2005-0367 (Multiple directory traversal vulnerabilities in ArGoSoft Mail Server ...) - TODO: check + NOTE: not-for-us (ArGoSoft Mail Server) CAN-2005-0366 (The integrity check feature in OpenPGP, when handling a message that ...) - TODO: check + NOTE: not-for-us (openpgp) CAN-2005-0364 (Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and ...) - TODO: check + NOTE: not-for-us (bind on hp-ux) CAN-2005-0361 NOTE: reserved CAN-2005-0360 
@@ -61,57 +62,60 @@ CAN-2005-0351 NOTE: reserved CAN-2005-0350 (Heap-based buffer overflow in multiple F-Secure Anti-Virus and ...) - TODO: check + NOTE: not-for-us (F-Secure Anti-Virus) CAN-2005-0349 (The production release of the UniversalAgent for UNIX in BrightStor ...) - TODO: check + NOTE: not-for-us (BrightStor ARCserve Backup) CAN-2004-9999 NOTE: rejected - TODO: check CAN-2004-9998 NOTE: rejected - TODO: check CAN-2004-1486 (Unknown vulnerability in Serviceguard A.11.13 through A.11.16.00 and ...) - TODO: check + NOTE: not-for-us (Serviceguard and Cluster Object Manager on HP-UX, HP Linux) CAN-2004-1485 (Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote ...) - TODO: check + NOTE: checked inetutils 2:1.4.2+20040207-4; not vulnerable and its tftpd is not shipped + NOTE: atftp checks h_length + NOTE: netkit-tftp not vulnerable + - tftpd-hpa (unfixed; bug #295297) CAN-2004-1484 (Format string vulnerability in the _msg function in error.c in socat ...) - TODO: check + - socat 1.4.0.3-1 CAN-2004-1483 (Multiple unknown vulnerabilities in the ActiveX and HTML file browsers ...) - TODO: check + NOTE: not-for-us (Symantec Clientless VPN Gateway 4400 Series) CAN-2004-1482 (The sbuf_getmsg function in BNC incorrectly handles backspace ...) - TODO: check + NOTE: not-for-us (BNC irc proxy) CAN-2004-1481 (Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 ...) - TODO: check + NOTE: not-for-us (Real) CAN-2004-1480 (Unknown vulnerability in the management station in HP StorageWorks ...) - TODO: check + NOTE: not-for-us (HP StorageWorks Command View XP) CAN-2004-1479 (The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX ...) - TODO: check + NOTE: not-for-us (JRun 4.0 and Macromedia ColdFusion MX) CAN-2004-1478 (JRun 4.0 does not properly generate and handle the JSESSIONID, which ...) - TODO: check + NOTE: not-for-us (JRun) CAN-2004-1477 (Cross-site scripting (XSS) vulnerability in the Management Console in ...) 
- TODO: check + NOTE: not-for-us (JRun) CAN-2004-1476 (Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib ...) - TODO: check + - xine-lib 1-rc6 + - libcdio 0.69 CAN-2004-1475 (Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 ...) - TODO: check + - xine-lib 1-rc6 CAN-2004-1474 (Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running ...) - TODO: check + NOTE: not-for-us (Symantec Enterprise Firewall/VPN Appliances) CAN-2004-1473 (Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running ...) - TODO: check + NOTE: not-for-us (Symantec Enterprise Firewall/VPN Appliances) CAN-2004-1472 (Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running ...) - TODO: check + NOTE: not-for-us (Symantec Enterprise Firewall/VPN Appliances) CAN-2004-1471 (Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, ...) - TODO: check + - cvs 1.12.9 CAN-2004-1470 (CRLF injection vulnerability in SnipSnap 0.5.2a, and other versions ...) - TODO: check + NOTE: not-for-us (snipsnap) CAN-2004-1469 (Format string vulnerability in the log function in SUS 2.0.2, and ...) - TODO: check + NOTE: not-for-us (SUS) CAN-2004-1468 (The web mail functionality in Usermin 1.x and Webmin 1.x allows remote ...) - TODO: check + - webmin 1.160 + - usermin 1.090 CAN-2004-1467 (Multiple cross-site scripting (XSS) vulnerabilities in eGroupWare ...) - TODO: check + - egroupware 1.0.00.004 CAN-2004-1466 (The set_time_limit function in Gallery before 1.4.4_p2 deletes ...) - TODO: check + - gallery 1.4.4-pl2 CAN-2004-1465 (Multiple buffer overflows in WinZip 9.0 and earlier may allow ...) TODO: check CAN-2004-1464 (Cisco IOS 12.2(15) and earlier allows remote attackers to cause a ...) 
@@ -258,9 +262,6 @@ TODO: check CAN-2003-1083 (Stack-based buffer overflow in Monit 1.4 to 4.1 allows remote ...) TODO: check - -end claimed by joeyh - CAN-2005-0365 (The dcopidlng script in KDE 3.3.2 creates temporary files with ...) - kdelibs 4:3.3.2-2 CAN-2005-0363 @@ -272,7 +273,7 @@ NOTE: http://patches.ubuntu.com/patches/awstats.more-CAN-2005-0016.diff NOTE: http://packetstormsecurity.nl/0501-exploits/AWStatsVulnAnalysis.pdf CAN-2005-0284 (SQL injection vulnerability in addentry.php in Woltlab Burning Book ...) - TODO: check + NOTE: not-for-us (Woltlab Burning Book) CAN-2005-0348 (Directory traversal vulnerability in RealArcade 1.2.0.994 allows ...) NOTE: not-for-us (RealArcade) CAN-2005-0347 (Integer overflow in RealArcade 1.2.0.994 and earlier allows remote ...) @@ -862,7 +863,7 @@ CAN-2005-0115 (Stack-based buffer overflow in DataRescue Interactive Disassembler ...) NOTE: not-for-us (DataRescue Interactive Disassembler) CAN-2005-0114 (vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm ...) - TODO: check + NOTE: not-for-us (ZoneAlarm) CAN-2005-0113 (inpview in SGI IRIX allows local users to execute arbitrary commands ...) NOTE: not-for-us (IRIX) CAN-2005-0112 (The web-based administrative interface for 3Com OfficeConnect Wireless ...)
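Review bot: In the first hunk (@@ -1,43 +1,44 @@), CAN-2005-0366 is closed with "NOTE: not-for-us (openpgp)", but the description concerns the integrity check feature in OpenPGP, which is a message format rather than a product, so the note does not record which implementations were looked at. gnupg implements OpenPGP and is packaged, so this entry should carry either a package line for it or a NOTE saying which version was checked and why it is unaffected. In the same hunk, the CAN-2005-0373 note "cyrus-sasl code seems too old for any of the problems to apply" would be easier to re-verify if it named the cyrus-sasl version that was inspected, the way the inetutils note under CAN-2004-1485 does.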
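Review bot: In the second hunk (@@ -61,57 +62,60 @@), the CAN-2004-1485 entry mixes client and daemon: the description is a buffer overflow in the TFTP client, yet the notes say inetutils' "tftpd is not shipped" and the only package line is "- tftpd-hpa (unfixed; bug #295297)". Please confirm whether the client code is what was checked in each case and state that in the notes, so a later reader does not assume only the daemons were examined. The "atftp checks h_length" and "netkit-tftp not vulnerable" notes would also benefit from the version checked, as given for inetutils.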