Secure testing commits - Dec 2004 - r205 - sarge-checks/CAN

Author: joeyh
Date: 2004-12-22 09:14:30 -0700 (Wed, 22 Dec 2004)
New Revision: 205

Modified:
   sarge-checks/CAN/list
Log:
automatic CAN database update

Modified: sarge-checks/CAN/list
==================================================================---
sarge-checks/CAN/list	2004-12-20 16:15:19 UTC (rev 204)
+++ sarge-checks/CAN/list	2004-12-22 16:14:30 UTC (rev 205)
@@ -1,3 +1,165 @@
+CAN-2004-1314
+	TODO: check
+CAN-2004-1313
+	TODO: check
+CAN-2004-1312
+	NOTE: reserved
+CAN-2004-1311
+	TODO: check
+CAN-2004-1310
+	TODO: check
+CAN-2004-1309
+	TODO: check
+CAN-2004-1308
+	TODO: check
+CAN-2004-1307
+	NOTE: reserved
+CAN-2004-1306
+	NOTE: reserved
+CAN-2004-1305
+	NOTE: reserved
+CAN-2004-1304
+	TODO: check
+CAN-2004-1303
+	TODO: check
+CAN-2004-1302
+	TODO: check
+CAN-2004-1301
+	TODO: check
+CAN-2004-1300
+	TODO: check
+CAN-2004-1299
+	TODO: check
+CAN-2004-1298
+	TODO: check
+CAN-2004-1297
+	TODO: check
+CAN-2004-1296
+	NOTE: reserved
+CAN-2004-1295
+	TODO: check
+CAN-2004-1294
+	TODO: check
+CAN-2004-1293
+	TODO: check
+CAN-2004-1292
+	TODO: check
+CAN-2004-1291
+	TODO: check
+CAN-2004-1290
+	TODO: check
+CAN-2004-1289
+	TODO: check
+CAN-2004-1288
+	TODO: check
+CAN-2004-1287
+	TODO: check
+CAN-2004-1286
+	TODO: check
+CAN-2004-1285
+	TODO: check
+CAN-2004-1284
+	TODO: check
+CAN-2004-1283
+	TODO: check
+CAN-2004-1282
+	TODO: check
+CAN-2004-1281
+	TODO: check
+CAN-2004-1280
+	TODO: check
+CAN-2004-1279
+	TODO: check
+CAN-2004-1278
+	TODO: check
+CAN-2004-1277
+	TODO: check
+CAN-2004-1276
+	TODO: check
+CAN-2004-1275
+	TODO: check
+CAN-2004-1274
+	TODO: check
+CAN-2004-1273
+	TODO: check
+CAN-2004-1272
+	TODO: check
+CAN-2004-1271
+	TODO: check
+CAN-2004-1270
+	TODO: check
+CAN-2004-1269
+	TODO: check
+CAN-2004-1268
+	TODO: check
+CAN-2004-1267
+	TODO: check
+CAN-2004-1266
+	TODO: check
+CAN-2004-1265
+	TODO: check
+CAN-2004-1264
+	TODO: check
+CAN-2004-1263
+	TODO: check
+CAN-2004-1262
+	TODO: check
+CAN-2004-1261
+	TODO: check
+CAN-2004-1260
+	TODO: check
+CAN-2004-1259
+	TODO: check
+CAN-2004-1258
+	TODO: check
+CAN-2004-1257
+	TODO: check
+CAN-2004-1256
+	TODO: check
+CAN-2004-1255
+	TODO: check
+CAN-2004-1254
+	TODO: check
+CAN-2004-1253
+	NOTE: reserved
+CAN-2004-1252
+	NOTE: reserved
+CAN-2004-1251
+	NOTE: reserved
+CAN-2004-1250
+	NOTE: reserved
+CAN-2004-1249
+	NOTE: reserved
+CAN-2004-1248
+	NOTE: reserved
+CAN-2004-1247
+	NOTE: reserved
+CAN-2004-1246
+	NOTE: reserved
+CAN-2004-1245
+	NOTE: reserved
+CAN-2004-1244
+	NOTE: reserved
+CAN-2004-1243
+	NOTE: reserved
+CAN-2004-1242
+	NOTE: reserved
+CAN-2004-1241
+	NOTE: reserved
+CAN-2004-1240
+	NOTE: reserved
+CAN-2004-1239
+	NOTE: reserved
+CAN-2004-1238
+	NOTE: reserved
+CAN-2004-1237
+	NOTE: reserved
+CAN-2004-1236
+	NOTE: reserved
+CAN-2004-1235
+	NOTE: reserved
+CAN-2004-1234
+	NOTE: reserved
 CAN-2004-1233 (Integer overflow in Gadu-Gadu allows remote attackers to cause a
...)
 	NOTE: not-for-us (Gadu-Gadu)
 CAN-2004-1232 (Stack-based buffer overflow in the code that sends images in
Gadu-Gadu ...)
@@ -91,10 +253,10 @@
 	TODO: check with kernel team
 CAN-2004-1189
 	NOTE: reserved
-CAN-2004-1188
-	NOTE: reserved
-CAN-2004-1187
-	NOTE: reserved
+CAN-2004-1188 (The pnm_get_chunk function in xine 0.99.2 and earlier, and other
...)
+	TODO: check
+CAN-2004-1187 (Heap-based buffer overflow in the pnm_get_chunk function for
xine ...)
+	TODO: check
 CAN-2004-1186
 	NOTE: reserved
 CAN-2004-1185
@@ -123,8 +285,8 @@
 	NOTE: reserved
 CAN-2004-1173 (Internet Explorer 6 allows remote attackers to bypass the popup
...)
 	NOTE: not-for-us (MSIE)
-CAN-2004-1172
-	NOTE: reserved
+CAN-2004-1172 (Stack-based buffer overflow in the Agent Browser in Veritas
Backup ...)
+	TODO: check
 CAN-2004-1171 (KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that
are ...)
 	- kdelibs 4:3.3.1-2
 	- kdebase 4:3.3.1-3
@@ -166,19 +328,19 @@
 	NOTE: firefox.. but my setup is pretty nonstandard -- joey
 CAN-2004-1155 (Internet Explorer 5.01 through 6 allows remote attackers to
spoof ...)
 	NOTE: not-for-us (Microsoft MSIE)
-CAN-2004-1154
-	NOTE: reserved
-CAN-2004-1153
-	NOTE: reserved
-CAN-2004-1152
-	NOTE: reserved
+CAN-2004-1154 (Integer overflow in the Samba daemon (smbd) in Samba 2.x and
3.0.x ...)
+	TODO: check
+CAN-2004-1153 (Format string vulnerability in Adobe Acrobat Reader 6.0.0
through ...)
+	TODO: check
+CAN-2004-1152 (Buffer overflow in the mailListIsPd function in Adobe Acrobat
Reader ...)
+	TODO: check
 CAN-2004-1151 (Multiple buffer overflows in the (1) sys32_ni_syscall and (2)
...)
 	NOTE: fixed in kernel team svn
 	TODO: track fix
 CAN-2004-1150
 	NOTE: reserved
-CAN-2004-1149
-	NOTE: reserved
+CAN-2004-1149 (Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4,
including ...)
+	TODO: check
 CAN-2004-1148 (phpMyAdmin before 2.6.1, when configured with UploadDir
functionality, ...)
 	- phpmyadmin 2:2.6.1-rc1-1
 CAN-2004-1147 (phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with
external ...)
@@ -199,8 +361,8 @@
 	NOTE: reserved
 CAN-2004-1139
 	NOTE: reserved
-CAN-2004-1138
-	NOTE: reserved
+CAN-2004-1138 (Unknown vulnerability in Vim modeline options, such as (1)
termcap, ...)
+	TODO: check
 CAN-2004-1137 (Multiple vulnerabilities in the IGMP functionality for Linux
kernel ...)
 	NOTE: Fixed in kernel team svn
 	TODO: track fix
@@ -226,13 +388,13 @@
 	- opendchub 0.7.14-1.1
 CAN-2004-1126
 	NOTE: reserved
-CAN-2004-1125
-	NOTE: reserved
+CAN-2004-1125 (Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf
3.00 ...)
+	TODO: check
 CAN-2004-1124
 	NOTE: reserved
 CAN-2004-1123 (Darwin Streaming Server 5.0.1, and possibly earlier versions,
allows ...)
 	NOTE: not-for-us (Darwin Streaming Server)
-CAN-2004-1122 (Safari 1.x to 1.2.4, and possibly other versions, allows remote
...)
+CAN-2004-1122 (Safari 1.x to 1.2.4, and possibly other versions, allows
inactive ...)
 	NOTE: not-for-us (Safari)
 CAN-2004-1121
 	NOTE: reserved
@@ -353,8 +515,7 @@
 	NOTE: 1.5.19 also seems ok
 CAN-2004-1066 (The cmdline pseudofiles in (1) procfs on FreeBSD 4.8 through
5.3, and ...)
 	NOTE: not-for-us (FreeBSD)
-CAN-2004-1065
-	NOTE: reserved
+CAN-2004-1065 (Buffer overflow in the exif_read_data function in PHP before
4.3.10 ...)
 	- php4 4:4.3.10-1
 CAN-2004-1064
 	NOTE: rejected
@@ -370,16 +531,16 @@
 	NOTE: reserved
 CAN-2004-1059
 	NOTE: reserved
-CAN-2004-1058
-	NOTE: reserved
+CAN-2004-1058 (Race condition in Linux kernel 2.6 allows local users to read
the ...)
+	TODO: check
 CAN-2004-1057
 	NOTE: reserved
-CAN-2004-1056
-	NOTE: reserved
+CAN-2004-1056 (Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does
not ...)
+	TODO: check
 CAN-2004-1055 (Multiple cross-site scripting (XSS) vulnerabilities in
phpMyAdmin ...)
 	- phpmyadmin 2:2.6.0-pl3-1
-CAN-2004-1054
-	NOTE: reserved
+CAN-2004-1054 (Untrusted execution path vulnerability in invscout in IBM AIX
5.1.0, ...)
+	TODO: check
 CAN-2004-1053 (Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows
remote ...)
 	NOTE: not-for-us (fetch on FreeBSD)
 CAN-2004-1052 (Buffer overflow in the getnickuserhost function in BNC 2.8.9,
and ...)
@@ -433,8 +594,8 @@
 	- fcron 2.9.5.1-1
 CAN-2004-1029 (The Sun Java Plugin capability in Java 2 Runtime Environment
(JRE) ...)
 	NOTE: not-for-us (Sun JRE)
-CAN-2004-1028
-	NOTE: reserved
+CAN-2004-1028 (Untrusted execution path vulnerability in chcod on AIX IBM
5.1.0, ...)
+	TODO: check
 CAN-2004-1027 (The -x command line option in unarj allows remote attackers to
...)
 	NOTE: sarge''s unarj is from a different code base, probably not
vulnerable
 CAN-2004-1026 (Multiple integer overflows in the image handler for imlib 1.9.14
and ...)
@@ -453,8 +614,7 @@
 CAN-2004-1020
 	NOTE: rejected
 	- php4 4:4.3.10-1
-CAN-2004-1019
-	NOTE: reserved
+CAN-2004-1019 (The deserialization code in PHP before 4.3.10 and PHP 5.x up to
5.0.2 ...)
 	- php4 4:4.3.10-1
 CAN-2004-1018
 	NOTE: rejected
@@ -562,7 +722,7 @@
 	NOTE: not-for-us (windows)
 CAN-2004-0978 (Unknown vulnerability in the Hrtbeat.ocx ActiveX control for
Internet ...)
 	NOTE: not-for-us (windows)
-CAN-2004-0977 (The make_oidjoins_check script in the postgresql package in
Trustix ...)
+CAN-2004-0977 (The make_oidjoins_check script in the postgresql package allows
local ...)
 	{DSA-577-1}
 	- postgresql 7.4.6-1
 CAN-2004-0976 (Multiple scripts in the perl package in Trustix Secure Linux 1.5
...)
@@ -638,8 +798,8 @@
 CAN-2004-0947 (Buffer overflow in unarj before 2.63a-r2 allows remote attackers
to ...)
 	NOTE: see http://lwn.net/Alerts/110733/
 	NOTE: sarge''s unarj is from a different code base, probably not
vulnerable
-CAN-2004-0946
-	NOTE: reserved
+CAN-2004-0946 (rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit
...)
+	TODO: check
 CAN-2004-0945
 	NOTE: reserved
 CAN-2004-0944