Author: djoume-guest Date: 2005-02-06 23:49:40 +0100 (Sun, 06 Feb 2005) New Revision: 359 Modified: sarge-checks/CAN/list Log: * processed a few CAN left by "super quick" joeyh Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-02-06 20:14:16 UTC (rev 358) +++ sarge-checks/CAN/list 2005-02-06 22:49:40 UTC (rev 359) @@ -87,9 +87,9 @@ CAN-2005-0185 (Stack-based buffer overflow in NodeManager Professional 2.00 allows ...) NOTE: not-for-us (NodeManager Professional) CAN-2005-0184 (Directory traversal vulnerability in ftpfile in the Vacation plugin ...) - TODO: check + NOTE: not-for-us (vacation plugin not in Debian) CAN-2005-0183 (ftpfile in the Vacation plugin 0.15 and earlier for Squirrelmail ...) - TODO: check + NOTE: not-for-us (vacation plugin not in Debian) CAN-2005-0182 (The mod_dosevasive module 1.9 and earlier for Apache creates temporary ...) NOTE: not-for-us (mod_dosevasive module for apache) CAN-2005-0181 @@ -2132,7 +2132,8 @@ CAN-2004-0668 (Web Access in Lotus Domino 6.5.1 allows remote attackers to cause a ...) NOTE: not-for-us (Lotus) CAN-2004-0667 (Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows ...) - TODO: kernel-patch-adamantix may contain the RSBAC patch, check + NOTE: kernel-patch-adamantix contain the RSBAC patch v1.2.2 and is vulnerable. + - kernel-patch-adamantix (unfixed, buf filed) CAN-2004-0666 (Off-by-one error in the POP3_readmsg function in popclient 3.0b6 ...) NOTE: not-for-us (popclient not in Debian) CAN-2004-0665 (csFAQ.cgi in csFAQ allows remote attackers to gain sensitive ...)