thr3ads.net - Secure testing commits - [Secure-testing-commits] r249

If this information is useful, please help other people find it:
Share via:
Joey Hess
2005-Jan-07 08:14 UTC
[Secure-testing-commits] r249 - sarge-checks/CAN

Author: joeyh
Date: 2005-01-07 09:14:28 +0100 (Fri, 07 Jan 2005)
New Revision: 249

Modified:
   sarge-checks/CAN/list
Log:
automatic CAN database update

Modified: sarge-checks/CAN/list
==================================================================---
sarge-checks/CAN/list	2005-01-06 21:26:46 UTC (rev 248)
+++ sarge-checks/CAN/list	2005-01-07 08:14:28 UTC (rev 249)
@@ -18,9 +18,9 @@
 	NOTE: reserved
 CAN-2005-0023
 	NOTE: reserved
-CAN-2005-0022
+CAN-2005-0022 (Buffer overflow in the spa_base64_to_bits function in Exim
before ...)
 	- exim4 4.34-10
-CAN-2005-0021
+CAN-2005-0021 (Buffer overflow in the host_aton function in Exim before 4.43
may ...)
 	- exim4 4.34-10
 CAN-2005-0020
 	NOTE: reserved
@@ -62,51 +62,52 @@
 	NOTE: reserved
 CAN-2005-0001
 	NOTE: reserved
-CAN-2004-1339
+CAN-2004-1339 (SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1
and ...)
 	NOTE: not-for-us (oracle)
-CAN-2004-1338
+CAN-2004-1338 (The triggers in Oracle 9i and 10g allow local users to gain
privileges ...)
 	NOTE: not-for-us (oracle)
-CAN-2004-1337
+CAN-2004-1337 (The POSIX Capability Linux Security Module (LSM) for Linux
kernel 2.6 ...)
 	NOTE: <dilinger> joeyh: we''re mostly not vulnerable, because
the module is generally loaded from the initrd (or very early on at some point)
 	TODO: re-check with kernel team re fix
 	NOTE: apparent it only affects 2.6
-CAN-2004-1336
+CAN-2004-1336 (The xdvizilla script in tetex-bin 2.0.2 creates temporary files
with ...)
 	- tetex-bin 2.0.2-25
-CAN-2004-1335
+CAN-2004-1335 (Memory leak in the ip_options_get function in the Linux kernel
before ...)
 	- kernel-source-2.6.8 2.6.8-11
-CAN-2004-1334
+CAN-2004-1334 (Integer overflow in the ip_options_get function in the Linux
kernel ...)
 	TODO: re-check with kernel team (was unfixed before)
-CAN-2004-1333
+CAN-2004-1333 (Integer overflow in the vc_resize function in the Linux kernel
2.4 and ...)
 	- kernel-source-2.6.8 2.6.8-11
-CAN-2004-1332
+CAN-2004-1332 (Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i,
with ...)
 	NOTE: not-for-us (hpux)
-CAN-2004-1331
+CAN-2004-1331 (The execCommand method in Microsoft Internet Explorer 6.0 SP2
allows ...)
 	NOTE: not-for-us (microsoft)
-CAN-2004-1330
+CAN-2004-1330 (Buffer overflow in paginit in AIX 5.1 through 5.3 allows local
users ...)
 	NOTE: not-for-us (AIX)
-CAN-2004-1329
+CAN-2004-1329 (Untrusted execution path vulnerability in the diag commands (1)
...)
 	NOTE: not-for-us (AIX)
-CAN-2004-1328
+CAN-2004-1328 (Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and
B.11.11 ...)
 	NOTE: not-for-us (hpux)
-CAN-2004-1327
+CAN-2004-1327 (Buffer overflow in Crystal FTP Client 2.8 allows remote
malicious ...)
 	NOTE: not-for-us (Crystal FTP client)
-CAN-2004-1326
+CAN-2004-1326 (Buffer overflow in dxterm in Ultrix 4.5 allows local users to
execute ...)
 	NOTE: not-for-us (Ultrix)
-CAN-2004-1325
+CAN-2004-1325 (The getItemInfoByAtom function in the ActiveX control for
Microsoft ...)
 	NOTE: not-for-us (Microsoft)
-CAN-2004-1324
+CAN-2004-1324 (The Microsoft Windows Media Player 9.0 ActiveX control may allow
...)
 	NOTE: not-for-us (Microsoft)
-CAN-2004-1323
+CAN-2004-1323 (Multiple syscalls in the compat subsystem for NetBSD before 2.0
allow ...)
 	NOTE: not-for-us (Netbsd)
-CAN-2004-1322
+CAN-2004-1322 (Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft
...)
 	NOTE: not-for-us (Microsoft/Cisco)
-CAN-2004-1321
+CAN-2004-1321 (The configuration backup in Asante FM2008 running firmware 1.06
stores ...)
 	NOTE: not-for-us (Asante FM2008)
-CAN-2004-1320
+CAN-2004-1320 (Asante FM2008 running firmware 1.06 is shipped with a default
username ...)
 	NOTE: not-for-us (Asante FM2008)
-CAN-2004-1319
+CAN-2004-1319 (The DHTML Edit Control (dhtmled.ocx) in Internet Explorer ...)
 	NOTE: not-for-us (MSIE)
-CAN-2004-1318
+CAN-2004-1318 (Cross-site scripting (XSS) vulnerability in namazu.cgi for
Namazu ...)
+	{DSA-627-1}
 	- namuzu2 2.0.14
 CAN-2004-1317 (Stack-based buffer overflow in doexec.c in Netcat for Windows
1.1, ...)
 	NOTE: apparently only affects netcat in windows
@@ -168,6 +169,7 @@
 CAN-2004-1290 (Buffer overflow in the process_moves function in pgn2web.c for
pgn2web ...)
 	NOTE: not-for-us (pgn2web)
 CAN-2004-1289 (Multiple buffer overflows in (1) the getline function in
pcalutil.c ...)
+	{DSA-625-1}
 	- pcal 4.8.0-1
 CAN-2004-1288 (Buffer overflow in the parse_html function in o3read.c for
o3read ...)
 	NOTE: not-for-us (o3read)
@@ -387,6 +389,7 @@
 	NOTE: reserved
 CAN-2004-1183
 	NOTE: reserved
+	{DSA-626-1}
 CAN-2004-1182
 	NOTE: reserved
 CAN-2004-1181
@@ -725,7 +728,7 @@
 CAN-2004-1027 (The -x command line option in unarj allows remote attackers to
...)
 	NOTE: sarge''s unarj is from a different code base, probably not
vulnerable
 CAN-2004-1026 (Multiple integer overflows in the image handler for imlib 1.9.14
and ...)
-	{DSA-618-1}
+	{DSA-628-1 DSA-618-1}
 	- imlib 1.9.14-17.1
 	- imlib-png2 1.9.14-16.1
 	- imlib2 1.1.2-2.1
Secure testing commits - Jan 2005 - r249 - sarge-checks/CAN

[Secure-testing-commits] r249 - sarge-checks/CAN
