Author: joeyh Date: 2004-12-15 13:08:48 -0700 (Wed, 15 Dec 2004) New Revision: 199 Modified: sarge-checks/CAN/list Log: check today''s CANs Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2004-12-15 16:14:32 UTC (rev 198) +++ sarge-checks/CAN/list 2004-12-15 20:08:48 UTC (rev 199) @@ -1,91 +1,94 @@ CAN-2004-1233 - TODO: check + NOTE: not-for-us (Gadu-Gadu) CAN-2004-1232 - TODO: check + NOTE: not-for-us (Gadu-Gadu) CAN-2004-1231 - TODO: check + NOTE: not-for-us (Gadu-Gadu) CAN-2004-1230 - TODO: check + NOTE: not-for-us (Gadu-Gadu) CAN-2004-1229 - TODO: check + NOTE: not-for-us (Gadu-Gadu) CAN-2004-1228 - TODO: check + NOTE: not-for-us (SugarCRM Sugar Sales) CAN-2004-1227 - TODO: check + NOTE: not-for-us (SugarCRM Sugar Sales) CAN-2004-1226 - TODO: check + NOTE: not-for-us (SugarCRM Sugar Sales) CAN-2004-1225 - TODO: check + NOTE: not-for-us (SugarCRM Sugar Sales) CAN-2004-1224 - TODO: check + - mtr 0.67-1 CAN-2004-1223 - TODO: check + NOTE: not-for-us (F-Secure Policy Manager) CAN-2004-1222 - TODO: check + NOTE: not-for-us (weblibs.pl) CAN-2004-1221 - TODO: check + NOTE: not-for-us (weblibs.pl) CAN-2004-1220 - TODO: check + NOTE: not-for-us (Battlefield 1942, Battlefield Vietnam) CAN-2004-1219 - TODO: check + NOTE: not-for-us (paFileDB) CAN-2004-1218 - TODO: check + NOTE: not-for-us (Remote Execute) CAN-2004-1217 - TODO: check + NOTE: not-for-us (Hosting Controller) CAN-2004-1216 - TODO: check + NOTE: not-for-us (Kreed) CAN-2004-1215 - TODO: check + NOTE: not-for-us (Kreed) CAN-2004-1214 - TODO: check + NOTE: not-for-us (Kreed) CAN-2004-1213 - TODO: check + NOTE: not-for-us (Advanced Guestbook) CAN-2004-1212 - TODO: check + NOTE: not-for-us (Blog Torrent) CAN-2004-1211 - TODO: check + NOTE: not-for-us (Mercury Mail) CAN-2004-1210 - TODO: check + NOTE: not-for-us (IpCop) CAN-2004-1209 - TODO: check + NOTE: not-for-us (Verisign Payflow Link) CAN-2004-1208 - TODO: check + NOTE: not-for-us (Orbz) CAN-2004-1207 - TODO: check + NOTE: not-for-us (The Serious engine, as used in (1) Alpha Black Zero, (2) Nitro family, and (3) Serious Sam Second Encounter) CAN-2004-1206 - TODO: check + NOTE: not-for-us (pnTresMailer) CAN-2004-1205 - TODO: check + NOTE: not-for-us (pnTresMailer) CAN-2004-1204 - TODO: check + NOTE: at best a local DOS by the user running fluxbox. + NOTE: Where''s the security hole? + - fluxbox (unfixed; bug filed) CAN-2004-1203 - TODO: check + NOTE: not-for-us (phpCMS) CAN-2004-1202 - TODO: check + NOTE: not-for-us (phpCMS) CAN-2004-1201 - TODO: check + NOTE: not-for-us (Opera) CAN-2004-1200 - TODO: check + NOTE: memory leak, doubt it''s usefully exploitable + NOTE: did not followup CAN-2004-1199 - TODO: check + NOTE: not-for-us (Safari) CAN-2004-1198 - TODO: check + NOTE: not-for-us (MSIE) CAN-2004-1197 - TODO: check + NOTE: not-for-us (inShop) CAN-2004-1196 - TODO: check + NOTE: not-for-us (Insite Inmail) CAN-2004-1195 - TODO: check + NOTE: not-for-us (Star Wars Battlefront) CAN-2004-1194 - TODO: check + NOTE: not-for-us (Star Wars Battlefront) CAN-2004-1193 - TODO: check + NOTE: not-for-us (Prevex Home) CAN-2004-1192 - TODO: check + NOTE: not-for-us (Citadel/UX) CAN-2004-1191 - TODO: check + TODO: check with kernel team CAN-2004-1190 - TODO: check + TODO: check with kernel team CAN-2004-1189 NOTE: reserved CAN-2004-1188 @@ -119,7 +122,7 @@ CAN-2004-1174 NOTE: reserved CAN-2004-1173 - TODO: check + NOTE: not-for-us (MSIE) CAN-2004-1172 NOTE: reserved CAN-2004-1171 @@ -169,15 +172,15 @@ CAN-2004-1152 NOTE: reserved CAN-2004-1151 - TODO: check with kernel people + NOTE: only affects amd64 per ubuntu CAN-2004-1150 NOTE: reserved CAN-2004-1149 NOTE: reserved CAN-2004-1148 - TODO: check + - phpmyadmin 2:2.6.1-rc1-1 CAN-2004-1147 - TODO: check + - phpmyadmin 2:2.6.1-rc1-1 CAN-2004-1146 NOTE: reserved CAN-2004-1145 @@ -197,7 +200,7 @@ CAN-2004-1138 NOTE: reserved CAN-2004-1137 - TODO: check + TODO: check with kernel team CAN-2004-1136 NOTE: not-for-us (CuteFTP) CAN-2004-1135 @@ -432,13 +435,13 @@ - imlib (unfixed; bug #284925) - imlib-png2 (unfixed; bug #284925) CAN-2004-1025 - TODO: check + NOTE: fixed in patches for CAN-2004-1026 CAN-2004-1024 NOTE: reserved CAN-2004-1023 - TODO: check + NOTE: not-for-us (Kerio) CAN-2004-1022 - TODO: check + NOTE: not-for-us (Kerio) CAN-2004-1021 NOTE: not-for-us (MacOS) CAN-2004-1020 @@ -450,7 +453,7 @@ CAN-2004-1017 NOTE: reserved CAN-2004-1016 - TODO: check + TODO: check with kernel team CAN-2004-1015 NOTE: cyrus-imapd not vulnerable NOTE: cyrus21-imapd not vulnerable @@ -739,11 +742,11 @@ - mozilla 1.7.3 - mozilla-thunderbird 0.8 CAN-2004-0901 - TODO: check + NOTE: not-for-us (Microsoft) CAN-2004-0900 - TODO: check + NOTE: not-for-us (Microsoft) CAN-2004-0899 - TODO: check + NOTE: not-for-us (Microsoft) CAN-2004-0898 NOTE: reserved CAN-2004-0897 @@ -753,9 +756,9 @@ CAN-2004-0895 NOTE: reserved CAN-2004-0894 - TODO: check + NOTE: not-for-us (Microsoft) CAN-2004-0893 - TODO: check + NOTE: not-for-us (Microsoft) CAN-2004-0892 NOTE: not-for-us (Microsoft) CAN-2004-0891 @@ -1445,13 +1448,13 @@ CAN-2004-0572 NOTE: not-for-us (Windows) CAN-2004-0571 - TODO: check + NOTE: not-for-us (Microsoft) CAN-2004-0570 NOTE: reserved CAN-2004-0569 NOTE: not-for-us (Windows) CAN-2004-0568 - TODO: check + NOTE: not-for-us (HyperTerminal) CAN-2004-0567 NOTE: reserved CAN-2004-0566