Author: pdwerryh-guest Date: 2004-11-24 03:47:27 -0700 (Wed, 24 Nov 2004) New Revision: 150 Modified: sarge-checks/CAN/list Log: Clarified a couple more problems. Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2004-11-23 11:38:45 UTC (rev 149) +++ sarge-checks/CAN/list 2004-11-24 10:47:27 UTC (rev 150) @@ -4279,7 +4279,8 @@ CAN-2002-1567 NOTE: tomcat4 cross-site scripting vuln NOTE: not sure if it''s a problem or not - TODO: contacted package maintainers, waiting for response. + NOTE: contacted package maintainers, they think it''s not vulnerable. + TODO: waiting for further information. CAN-2002-1566 - netris 0.52-1 CAN-2002-1565 @@ -4464,17 +4465,14 @@ NOTE: covered by DSA-141 - mpack 1.5-9 CAN-2002-1423 - NOTE: hole in fudforum before 2.2.0 - TODO: check if this is the same as in package phpgroupware-fudforum - TODO: have contacted phpgroupware developer to clarify + NOTE: vuln in fudforum before 2.2.0. fudforum in phpgroupware-fudforum + NOTE: is version 2.5.x CAN-2002-1422 - NOTE: hole in fudforum before 2.2.0 - TODO: check if this is the same as in package phpgroupware-fudforum - TODO: have contacted phpgroupware developer to clarify + NOTE: vuln in fudforum before 2.2.0. fudforum in phpgroupware-fudforum + NOTE: is version 2.5.x CAN-2002-1421 - NOTE: hole in fudforum before 2.2.0 - TODO: check if this is the same as in package phpgroupware-fudforum - TODO: have contacted phpgroupware developer to clarify + NOTE: vuln in fudforum before 2.2.0. fudforum in phpgroupware-fudforum + NOTE: is version 2.5.x CAN-2002-1416 NOTE: not-for-us (Webeasymail) CAN-2002-1415