Author: joeyh
Date: 2005-01-08 18:14:57 +0100 (Sat, 08 Jan 2005)
New Revision: 254
Modified:
sarge-checks/CAN/list
Log:
missed a few
Modified: sarge-checks/CAN/list
==================================================================---
sarge-checks/CAN/list 2005-01-08 08:14:18 UTC (rev 253)
+++ sarge-checks/CAN/list 2005-01-08 17:14:57 UTC (rev 254)
@@ -286,7 +286,7 @@
- kernel-source-2.6.8 (unfixed; bug #289155)
- kernel-source-2.4.27 (unfixed; bug cloned)
CAN-2004-1234 (load_elf_binary in Linux before 2.4.26 allows local users to
cause a ...)
- TODO: check
+ TODO: check with kernel team
CAN-2004-1233 (Integer overflow in Gadu-Gadu allows remote attackers to cause a
...)
NOTE: not-for-us (Gadu-Gadu)
CAN-2004-1232 (Stack-based buffer overflow in the code that sends images in
Gadu-Gadu ...)
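Review bot: the new "TODO: check with kernel team" line under CAN-2004-1234 names no package and no bug, while the entry directly above it in this hunk tracks kernel-source-2.6.8 and kernel-source-2.4.27 separately with a bug reference. The description limits the flaw to Linux before 2.4.26, so the TODO could say what is still to be confirmed for each kernel-source package, which would make the hand-off to the kernel team actionable.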
@@ -380,7 +380,6 @@
TODO: check with kernel team
CAN-2004-1189 (The add_to_history function in svr_principal.c in libkadm5srv
for MIT ...)
{DSA-629-1}
- TODO: check
CAN-2004-1188 (The pnm_get_chunk function in xine 0.99.2 and earlier, and other
...)
- xine-lib 1-rc8-1
CAN-2004-1187 (Heap-based buffer overflow in the pnm_get_chunk function for
xine ...)
@@ -480,18 +479,18 @@
CAN-2004-1145 (Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier
(1) ...)
- kdelibs (unfixed; bug #286521)
CAN-2004-1144 (Unknown vulnerability in the 32bit emulation code in Linux 2.4
on ...)
- TODO: check
+ TODO: check with kernel team
CAN-2004-1143
NOTE: reserved
- mailman (unfixed; bug #286796)
CAN-2004-1142 (Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a
...)
- TODO: check
+ - ethereal 0.10.8
CAN-2004-1141 (The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows
remote ...)
- TODO: check
+ - ethereal 0.10.8
CAN-2004-1140 (Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a
...)
- TODO: check
+ - ethereal 0.10.8
CAN-2004-1139 (Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4
...)
- TODO: check
+ - ethereal 0.10.8
CAN-2004-1138 (VIM before 6.3 and gVim before 6.3 allow local users to execute
...)
- vim 1:6.3-046+0sarge1
CAN-2004-1137 (Multiple vulnerabilities in the IGMP functionality for Linux
kernel ...)
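Review bot: the four "- ethereal 0.10.8" lines (CAN-2004-1142 through CAN-2004-1139) record a bare upstream version, while the vim entry in the same hunk gives a full Debian version ("1:6.3-046+0sarge1"). Adding the Debian revision that was checked would show which upload carries the fix. For CAN-2004-1139 the description is cut off after "Ethereal 0.10.4", so the affected range is not visible here and 0.10.8 as the fixed version is worth confirming against the full description.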
@@ -698,7 +697,7 @@
CAN-2004-1044
NOTE: reserved
CAN-2004-1043 (Internet Explorer 6.0 on Windows XP SP2 allows remote attackers
to ...)
- TODO: check
+ NOTE: not-for-us (MSIE)
CAN-2004-1042
NOTE: reserved
CAN-2004-1041
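Review bot: "NOTE: not-for-us (MSIE)" on CAN-2004-1043 uses an abbreviation, whereas the other not-for-us notes in this patch name the product as the description does ("Gadu-Gadu", "HyperTerminal", "Windows"). Writing "Internet Explorer" would keep the note searchable against the description text.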
@@ -757,7 +756,7 @@
NOTE: rejected
- php4 4:4.3.10-1
CAN-2004-1017 (Multiple "overflows" in the io_edgeport driver
for Linux kernel 2.4.x ...)
- TODO: check
+ TODO: check with kernel team
CAN-2004-1016 (The scm_send function in the scm layer for Linux kernel 2.4.x up
to ...)
- kernel-image-2.4.27-i386 2.4.27-7
CAN-2004-1015 (Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and
earlier, ...)
@@ -1092,7 +1091,7 @@
CAN-2004-0884 (The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18
and ...)
{DSA-568-1 DSA-563-1}
CAN-2004-0883 (Multiple vulnerabilities in the samba filesystem (smbfs) in
Linux ...)
- TODO: check with kernel people
+ TODO: check with kernel team
CAN-2004-0882 (Buffer overflow in the QFILEPATHINFO request handler in Samba
3.0.x ...)
NOTE: details http://security.e-matters.de/advisories/132004.html
- samba 3.0.7
@@ -1517,7 +1516,7 @@
CAN-2004-0686 (Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4,
when the ...)
- samba 3.0.5
CAN-2004-0685 (Certain USB drivers in the Linux 2.4 kernel use the copy_to_user
...)
- TODO: check with kernel people
+ TODO: check with kernel team
CAN-2004-0684 (WebSphere Edge Component Caching Proxy in WebSphere Edge Server
5.02, ...)
NOTE: not-for-us (WebSphere Edge Server)
CAN-2004-0683 (Symantec Norton AntiVirus 2002 and 2003 allows remote attackers
to ...)
@@ -1701,7 +1700,7 @@
CAN-2004-0597 (Multiple buffer overflows in libpng 1.2.5 and earlier allow
remote ...)
{DSA-536}
CAN-2004-0596 (The Equalizer Load-balancer for serial network interfaces
(eql.c) in ...)
- TODO: check with kernel people
+ TODO: check with kernel team
CAN-2004-0595 (The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to
...)
{DSA-531}
CAN-2004-0594 (The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x
up to ...)
@@ -1763,7 +1762,7 @@
CAN-2004-0568 (HyperTerminal application for Windows NT 4.0, Windows 2000,
Windows ...)
NOTE: not-for-us (HyperTerminal)
CAN-2004-0567 (The Windows Internet Naming Service (WINS) in Windows NT Server
4.0 SP ...)
- TODO: check
+ NOTE: not-for-us (Windows)
CAN-2004-0566 (Integer overflow in imgbmp.cxx for Windows 2000 allows remote
...)
NOTE: not-for-us (Windows)
CAN-2004-0565 (Floating point information leak in the context switch code for
Linux ...)