Author: joeyh
Date: 2004-12-23 09:14:40 -0700 (Thu, 23 Dec 2004)
New Revision: 208
Modified:
sarge-checks/CAN/list
Log:
automatic CAN database update
Modified: sarge-checks/CAN/list
==================================================================---
sarge-checks/CAN/list 2004-12-22 17:53:29 UTC (rev 207)
+++ sarge-checks/CAN/list 2004-12-23 16:14:40 UTC (rev 208)
@@ -1,16 +1,16 @@
-CAN-2004-1314
+CAN-2004-1314 (Safari 1.x allows remote attackers to spoof arbitrary web sites
by ...)
TODO: check
-CAN-2004-1313
+CAN-2004-1313 (The Smc.exe process in My Firewall Plus 5.0 build 1117, and
possibly ...)
TODO: check
CAN-2004-1312
NOTE: reserved
-CAN-2004-1311
+CAN-2004-1311 (Integer overflow in the real_setup_and_get_header function in
real.c ...)
TODO: check
-CAN-2004-1310
+CAN-2004-1310 (Stack-based buffer overflow in the asf_mmst_streaming.c
functionality ...)
TODO: check
-CAN-2004-1309
+CAN-2004-1309 (Heap-based buffer overflow in the demux_open_bmp function in
...)
TODO: check
-CAN-2004-1308
+CAN-2004-1308 (Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for
libtiff ...)
- libtiff4 (unfixed; bug #286833)
TODO: other packages containing libtiff code may be vulnerable (kfax?)
CAN-2004-1307
@@ -19,108 +19,108 @@
NOTE: reserved
CAN-2004-1305
NOTE: reserved
-CAN-2004-1304
+CAN-2004-1304 (Stack-based buffer overflow in the ELF header parsing code in
file ...)
- file (unfixed; bug #283316)
-CAN-2004-1303
+CAN-2004-1303 (Buffer overflow in the get function in get.c for Yanf 0.4 allows
...)
TODO: check
-CAN-2004-1302
+CAN-2004-1302 (The id3tag_sort function in id3tag.c for YAMT 0.5 allows remote
...)
TODO: check
-CAN-2004-1301
+CAN-2004-1301 (Buffer overflow in the book_format_sql function in format.c for
...)
TODO: check
-CAN-2004-1300
+CAN-2004-1300 (Buffer overflow in the open_aiff_file function in demux_aiff.c
for ...)
- libxine1 (unfixed; bug #285899)
-CAN-2004-1299
+CAN-2004-1299 (Buffer overflow in the get_attr function in html.c for
vilistextum ...)
TODO: check
-CAN-2004-1298
+CAN-2004-1298 (Buffer overflow in the parse function in vb2c.c for vb2c 0.02
allows ...)
TODO: check
-CAN-2004-1297
+CAN-2004-1297 (Buffer overflow in the process_font_table function in convert.c
for ...)
TODO: check
CAN-2004-1296
NOTE: reserved
- pic2graph (unfixed; bug #286371)
-CAN-2004-1295
+CAN-2004-1295 (The slip_down function in slip.c for the uml_net program in ...)
TODO: check
-CAN-2004-1294
+CAN-2004-1294 (The mget function in cmds.c for tnftp 20030825 allows remote FTP
...)
- tnftp (unfixed; bug #285902)
-CAN-2004-1293
+CAN-2004-1293 (Buffer overflow in the ReadFontTbl function in reader.c for ...)
TODO: check
-CAN-2004-1292
+CAN-2004-1292 (Buffer overflow in the parse_emelody function in parse_emelody.c
for ...)
TODO: check
-CAN-2004-1291
+CAN-2004-1291 (Buffer overflow in qwik-smtpd allows remote attackers to use the
...)
TODO: check
-CAN-2004-1290
+CAN-2004-1290 (Buffer overflow in the process_moves function in pgn2web.c for
pgn2web ...)
TODO: check
-CAN-2004-1289
+CAN-2004-1289 (Multiple buffer overflows in (1) the getline function in
pcalutil.c ...)
TODO: check
-CAN-2004-1288
+CAN-2004-1288 (Buffer overflow in the parse_html function in o3read.c for
o3read ...)
TODO: check
-CAN-2004-1287
+CAN-2004-1287 (Buffer overflow in the error function in preproc.c for NASM
0.98.38 ...)
TODO: check
-CAN-2004-1286
+CAN-2004-1286 (Buffer overflow in the auto_filter_extern function in auto.c for
...)
TODO: check
-CAN-2004-1285
+CAN-2004-1285 (Buffer overflow in the get_header function in
asf_mmst_streaming.c for ...)
TODO: check
-CAN-2004-1284
+CAN-2004-1284 (Buffer overflow in the find_next_file function in playlist.c for
...)
TODO: check
-CAN-2004-1283
+CAN-2004-1283 (Buffer overflow in the Mesh::type method in mesh.c for the mview
...)
TODO: check
-CAN-2004-1282
+CAN-2004-1282 (Buffer overflow in the strexpand function in string.c for
LinPopUp ...)
TODO: check
-CAN-2004-1281
+CAN-2004-1281 (The ftp_retr function in junkie 0.3.1 allows remote malicious
FTP ...)
TODO: check
-CAN-2004-1280
+CAN-2004-1280 (The gui_popup_view_fly function in gui_tview_popup.c for junkie
0.3.1 ...)
TODO: check
-CAN-2004-1279
+CAN-2004-1279 (Buffer overflow in the get_file_list_stdin function in jpegtoavi
1.5 ...)
TODO: check
-CAN-2004-1278
+CAN-2004-1278 (Buffer overflow in the switch_voice function in parse.c for
jcabc2ps ...)
TODO: check
-CAN-2004-1277
+CAN-2004-1277 (The download_selection_recursive() function in ftplist.c for
IglooFTP ...)
TODO: check
-CAN-2004-1276
+CAN-2004-1276 (IglooFTP 0.6.1, when recursively uploading a directory, allows
local ...)
TODO: check
-CAN-2004-1275
+CAN-2004-1275 (Buffer overflow in the remove_quote function in convert.c for
...)
TODO: check
-CAN-2004-1274
+CAN-2004-1274 (The DownloadLoop function in main.c for greed 0.81p allows
remote ...)
TODO: check
-CAN-2004-1273
+CAN-2004-1273 (Buffer overflow in the DownloadLoop function in main.c for greed
0.81p ...)
TODO: check
-CAN-2004-1272
+CAN-2004-1272 (Buffer overflow in the save_embedded_address function in
filter.c for ...)
TODO: check
-CAN-2004-1271
+CAN-2004-1271 (Buffer overflow in the dxfin function in d.c for dxfscope 0.2
allows ...)
TODO: check
-CAN-2004-1270
+CAN-2004-1270 (lppasswd in CUPS 1.1.22, when run in environments that do not
ensure ...)
TODO: check
-CAN-2004-1269
+CAN-2004-1269 (lppasswd in CUPS 1.1.22 does not remove the passwd.new file if
it ...)
TODO: check
-CAN-2004-1268
+CAN-2004-1268 (lppasswd in CUPS 1.1.22 ignores write errors when modifying the
CUPS ...)
TODO: check
-CAN-2004-1267
+CAN-2004-1267 (Buffer overflow in the ParseCommand function in hpgl-input.c in
the ...)
TODO: check
-CAN-2004-1266
+CAN-2004-1266 (Buffer overflow in the get_field_headers function in csv2xml.cpp
for ...)
TODO: check
-CAN-2004-1265
+CAN-2004-1265 (Buffer overflow in the readObjectChunk function in 3dsimp.cpp
for the ...)
TODO: check
-CAN-2004-1264
+CAN-2004-1264 (Buffer overflow in the simplify_path function in config.c for
ChBg 1.5 ...)
- chbg (unfixed; bug #285904)
-CAN-2004-1263
+CAN-2004-1263 (changepassword.cgi in ChangePassword 0.8, when installed setuid,
...)
TODO: check
-CAN-2004-1262
+CAN-2004-1262 (Buffer overflow in the bsb_open_header function in libbsb for
bsb2ppm ...)
TODO: check
-CAN-2004-1261
+CAN-2004-1261 (Multiple buffer overflows in the preparse function in asp2php
0.76.23 ...)
TODO: check
-CAN-2004-1260
+CAN-2004-1260 (Multiple buffer overflows in the (1) write_heading function in
...)
TODO: check
-CAN-2004-1259
+CAN-2004-1259 (Multiple buffer overflows in the handle_directive function in
abcpp.c ...)
TODO: check
-CAN-2004-1258
+CAN-2004-1258 (Buffer overflow in the put_words function in subs.c for abcm2ps
3.7.20 ...)
- abcm2ps (unfixed; bug #285903)
-CAN-2004-1257
+CAN-2004-1257 (Buffer overflow in the process_abc function in abc.c for
abc2mtex ...)
TODO: check
-CAN-2004-1256
+CAN-2004-1256 (Multiple buffer overflows in the (1) event_text and (2)
event_specific ...)
TODO: check
-CAN-2004-1255
+CAN-2004-1255 (Buffer overflow in the expandtabs function in 2fax 3.04 allows
remote ...)
TODO: check
-CAN-2004-1254
+CAN-2004-1254 (WinRAR 3.40, and possibly earlier versions, allows remote
attackers to ...)
TODO: check
CAN-2004-1253
NOTE: reserved
@@ -275,6 +275,7 @@
NOTE: reserved
CAN-2004-1179
NOTE: reserved
+ {DSA-615-1}
CAN-2004-1178
NOTE: reserved
CAN-2004-1177
@@ -680,6 +681,7 @@
CAN-2004-0995
NOTE: reserved
CAN-2004-0994 (Multiple integer overflows in xzgv 0.8 and earlier allow remote
...)
+ {DSA-614-1 DSA-614-1}
NOTE: only indication that it''s this CAN is in the debian package
changelog
- xzgv 0.8-3
CAN-2004-0993 (Buffer overflow in hpsockd before 0.6 allows remote attackers to
cause ...)