Author: joeyh
Date: 2005-01-21 04:29:42 +0100 (Fri, 21 Jan 2005)
New Revision: 303
Modified:
sarge-checks/CAN/list
sarge-checks/DSA/list
Log:
updates
Modified: sarge-checks/CAN/list
==================================================================---
sarge-checks/CAN/list 2005-01-20 20:14:14 UTC (rev 302)
+++ sarge-checks/CAN/list 2005-01-21 03:29:42 UTC (rev 303)
@@ -16,7 +16,7 @@
CAN-2005-0117 (Buffer overflow in XShisen before 1.36 allows local users to
execute ...)
- xshisen 1.51-1-1.1
CAN-2005-0116 (AWStats 6.1, and other versions before 6.3, allows remote
attackers to ...)
- - awstats (unfixed; bug #291064)
+ - awstats 6.2-1.1
CAN-2005-0115
NOTE: reserved
CAN-2005-0114
@@ -95,9 +95,8 @@
- jabber 1.4.3-3
NOTE: not-for-us (jadc2s)
CAN-2004-1377 (The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in)
...)
- - a2ps (unfixed; bug #286387)
- - a2ps (unfixed; bug #286385)
- NOTE: wrote for clarification of how it''s exploitable
+ - a2ps 1:4.13b-4.3
+ - a2ps 1:4.13b-4.3
CAN-2003-1054 (mod_access_referer 1.0.2 allows remote attackers to cause a
denial of ...)
TODO: check
CAN-2003-1053 (Multiple buffer overflows in XShisen allow attackers to execute
...)
Modified: sarge-checks/DSA/list
==================================================================---
sarge-checks/DSA/list 2005-01-20 20:14:14 UTC (rev 302)
+++ sarge-checks/DSA/list 2005-01-21 03:29:42 UTC (rev 303)
@@ -4,7 +4,7 @@
NOTE: not fixed in testing at time of DSA
[20 Jan 2005] DSA-650-1 sword - missing input sanitising
{CAN-2005-0015}
- - sword (unfixed; bug #291433)
+ - sword 1.5.7-7
NOTE: not fixed in testing at time of DSA
[20 Jan 2005] DSA-649-1 xtrlock - buffer overflow
{CAN-2005-0079}