Author: joeyh
Date: 2004-11-05 14:17:54 -0700 (Fri, 05 Nov 2004)
New Revision: 84
Modified:
sarge-checks/CAN/list
sarge-checks/DSA/list
Log:
processed rest of my block fo CANs
Modified: sarge-checks/CAN/list
==================================================================---
sarge-checks/CAN/list 2004-11-05 17:13:36 UTC (rev 83)
+++ sarge-checks/CAN/list 2004-11-05 21:17:54 UTC (rev 84)
@@ -2415,6 +2415,7 @@
CAN-2003-0849
CAN-2003-0848
NOTE: covered by DSA-428
+ - slocate 2.7-3
CAN-2003-0847
CAN-2003-0846
CAN-2003-0845
@@ -3305,8 +3306,6 @@
end claimed by stef-guest
-begin claimed by joeyh
-
CAN-2003-0399
NOTE: not-for-us (Vignette StoryServer)
CAN-2003-0398
@@ -3331,8 +3330,7 @@
NOTE: not-for-us (RSA ACE/Agent)
CAN-2003-0388
NOTE: pam is not vulnerable in default confuguration
- NOTE: mailed maintainer to see if it''s fixed
- TODO: followup
+ NOTE: pam is not vulnerable at all in sarge, according to maintainer
CAN-2003-0387
NOTE: reserved
CAN-2003-0386
@@ -3447,17 +3445,21 @@
CAN-2003-0331
NOTE: not-for-us (ttForum)
CAN-2003-0330
- TODO: check
+ NOTE: maelstrom in sarge tests not vulnerable to exploit. Unsure when fixed.
CAN-2003-0329
- TODO: check
+ NOTE: not-for-us (CesarFTP)
CAN-2003-0328
NOTE: covered by DSA-306
CAN-2003-0327
- TODO: check
+ NOTE: not-for-us (Sybase Adaptive Server Enterprise)
CAN-2003-0326
- TODO: check
+ NOTE: bug does exist in slocate.
+ NOTE: only impacts security if kernel has been recompiled to allow
+ NOTE: an absurd 536870912 bytes of command line arguments. This is
+ NOTE: very unlikely, and if you do exploit it, you get only slocate
+ NOTE: gid.
CAN-2003-0325
- TODO: check
+ NOTE: maelstrom in sarge tests not vulnerable to exploit. Unsure when fixed.
CAN-2003-0324
NOTE: covered by DSA-287
CAN-2003-0323
@@ -3467,86 +3469,88 @@
CAN-2003-0320
NOTE: covered by DSA-306
CAN-2003-0320
- TODO: check
+ NOTE: not-for-us (ttCMS)
CAN-2003-0319
- TODO: check
+ NOTE: not-for-us (SmartMax MailMax)
CAN-2003-0318
- TODO: check
+ NOTE: not-for-us (PHP-Nuke)
CAN-2003-0317
- TODO: check
+ NOTE: not-for-us (iisPROTECT)
CAN-2003-0316
- TODO: check
+ NOTE: not-for-us (Venturi Client)
CAN-2003-0315
- TODO: check
+ NOTE: not-for-us (Snowblind Web Server)
CAN-2003-0314
- TODO: check
+ NOTE: not-for-us (Snowblind Web Server)
CAN-2003-0313
- TODO: check
+ NOTE: not-for-us (Snowblind Web Server)
CAN-2003-0312
- TODO: check
+ NOTE: not-for-us (Snowblind Web Server)
CAN-2003-0311
NOTE: reserved
CAN-2003-0310
- TODO: check
+ NOTE: author apparently fixed hole by time vuln was reported,
+ NOTE: and I guess that fix made it into new upstream versions,
+ NOTE: but I did not check in detail
CAN-2003-0309
- TODO: check
+ NOTE: not-for-us (MSIE)
CAN-2003-0308
NOTE: covered by DSA-305
CAN-2003-0307
- TODO: check
+ NOTE: not-for-us (Poster version.two)
CAN-2003-0306
- TODO: check
+ NOTE: not-for-us (Windows)
CAN-2003-0305
- TODO: check
+ NOTE: not-for-us (Cisco)
CAN-2003-0304
- TODO: check
+ NOTE: not-for-us (one||zero (aka One or Zero) Helpdesk)
CAN-2003-0303
- TODO: check
+ NOTE: not-for-us (one||zero (aka One or Zero) Helpdesk)
CAN-2003-0302
- TODO: check
+ NOTE: not-for-us (Eudora)
CAN-2003-0301
- TODO: check
+ NOTE: not-for-us (Microsort)
CAN-2003-0300
- TODO: check
-
-end claimed by joeyh
-
+ NOTE: sylpheed and sylpheed-claws might still be vulnerable
+ NOTE: but it''s only a crasher
CAN-2003-0299
- TODO: check
+ NOTE: mutt and balse might still be vulnerable
+ NOTE: but it''s only a crasher
CAN-2003-0298
- TODO: check
+ - mozilla 1.4b
CAN-2003-0297
- TODO: check
+ - uw-imap 7:2002c
+ NOTE: did not check pine
CAN-2003-0296
- TODO: check
+ - evolution 1.3.2
CAN-2003-0295
- TODO: check
+ NOTE: not-for-us (vBulletin)
CAN-2003-0294
- TODO: check
+ NOTE: not-for-us (php-proxima)
CAN-2003-0293
- TODO: check
+ NOTE: not-for-us (PalmOS)
CAN-2003-0292
- TODO: check
+ NOTE: not-for-us (Inktomi)
CAN-2003-0291
- TODO: check
+ NOTE: not-for-us (3com OfficeConnect Remote 812 ADSL Router)
CAN-2003-0290
- TODO: check
+ NOTE: not-for-us (eServ)
CAN-2003-0289
- TODO: check
+ - cdrtools 4:2.0+a14-1
CAN-2003-0288
- TODO: check
+ NOTE: not-for-us (IP Messenger for Win)
CAN-2003-0287
- TODO: check
+ NOTE: not-for-us (Movable Type)
CAN-2003-0286
- TODO: check
+ NOTE: not-for-us (Snitz Forums)
CAN-2003-0285
- TODO: check
+ NOTE: not-for-us (bad sendmail config on AIX)
CAN-2003-0284
- TODO: check
+ NOTE: not-for-us (Adobe Acrobat)
CAN-2003-0283
- TODO: check
+ NOTE: not-for-us (Phorum)
CAN-2003-0282
- TODO: check
+ NOTE: covered by DSA-344
CAN-2003-0281
TODO: check
CAN-2003-0280
Modified: sarge-checks/DSA/list
==================================================================---
sarge-checks/DSA/list 2004-11-05 17:13:36 UTC (rev 83)
+++ sarge-checks/DSA/list 2004-11-05 21:17:54 UTC (rev 84)
@@ -780,7 +780,7 @@
{CAN-2003-0535}
- xbl 1.0k-6
[08 Jul 2003] DSA-344 unzip - directory traversal
- {CAN-2003-0282
+ {CAN-2003-0282}
- unzip 5.50-3
[08 Jul 2003] DSA-343 skk, ddskk - insecure temporary file
{CAN-2003-0539}