Author: joeyh
Date: 2005-02-09 18:03:33 +0100 (Wed, 09 Feb 2005)
New Revision: 373

Modified:
   sarge-checks/CAN/list
Log:
check new CANs

Modified: sarge-checks/CAN/list
==================================================================
--- sarge-checks/CAN/list 2005-02-09 08:14:25 UTC (rev 372)
+++ sarge-checks/CAN/list 2005-02-09 17:03:33 UTC (rev 373)
@@ -1,99 +1,99 @@ CAN-2005-0250 (Format string vulnerability in auditselect on IBM AIX 5.2 and 5.3 ...) - TODO: check + NOTE: not-for-us (AIX) CAN-2005-0249 (Heap-based buffer overflow in the DEC2EXE module for Symantec ...) - TODO: check + NOTE: not-for-us (Symantec AntiVirus Library) CAN-2005-0248 (The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2005-0247 (Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier ...) - TODO: check + - postgresql (unfixed; bug #294406) CAN-2005-0246 (The intagg contrib module for PostgreSQL 8.0.1 and earlier allows ...) - TODO: check + - postgresql 7.4.7-1 CAN-2005-0245 (Buffer overflow in gram.y for PostgreSQL 8.0.1 and earlier may allow ...) - TODO: check + - postgresql 7.4.7-1 CAN-2005-0244 (PostgreSQL 8.0.1 and earlier allows local users to bypass the EXECUTE ...) - TODO: check + - postgresql 7.4.7-1 CAN-2005-0243 NOTE: reserved CAN-2005-0242 NOTE: reserved CAN-2005-0241 (The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 ...) - TODO: check + - squid 2.5.7-7 CAN-2004-1394 (The pfexec function for Sun Solaris 8 and 9 does not properly handle ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2004-1393 (Unknown vulnerability in the tcsetattr function for Sun Solaris ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1082 (Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1081 (Aspppls for Solaris 8 allows local users to overwrite arbitrary files ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1080 (Unknown vulnerability in mail for Solaris 2.6 through 9 allows local ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1079 (Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1078 (The FTP client for Solaris 2.6, 7, and 8 with the debug (-d) flag ...) 
- TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1077 (Unknown vulnerability in UFS for Solaris 9 for SPARC, with logging ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1076 (Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1075 (Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1074 (Unknown vulnerability in newtask for Solaris 9 allows local ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1073 (A race condition in the at command for Solaris 2.6 through 9 allows ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1072 (Memory leak in lofiadm in Solaris 8 allows local users to cause a ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1071 (wall for Solaris 2.6 through 9 allows local users to send messages to ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1070 (Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1069 (The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1068 (Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1067 (Multiple buffer overflows in the (1) dbm_open function, as used in ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1066 (Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1065 (Unknown vulnerability in patches 108993-14 through 108993-19 and ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1064 (Solaris 8 with IPv6 enabled allows remote attackers to cause a denial ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1063 (The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) ...) 
- TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1062 (Unknown vulnerability in the sysinfo system call for Solaris for SPARC ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1061 (Race condition in Solaris 2.6 through 9 allows local users to cause a ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1060 (The NFS Server for Solaris 7, 8, and 9 allows remote attackers to ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1059 (Unknown vulnerability in the libraries for the PGX32 frame buffer in ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1058 (The Xsun server for Sun Solaris 2.6 through 9, when running in Direct ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1057 (Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1056 (The ed editor for Sun Solaris 2.6, 7, and 8 allows local users to ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2003-1055 (Buffer overflow in the nss_ldap.so.1 library for Sun Solaris 8 and 9 ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2002-1590 (Web Based Enterprise Management (WBEM) for Solaris 8 with update 1/01 ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2002-1589 (Unknown vulnerability in Solaris 8, when the 0x02 bit (aka TEST, ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2002-1588 (Mailtool for OpenWindows 3.6, 3.6.1, and 3.6.2 allows remote attackers ...) - TODO: check + NOTE: not-for-us (Mailtool for OpenWindows) CAN-2002-1587 (The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2002-1586 (Solaris 2.5.1 through 9 allows local users to cause a denial of ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2002-1585 (Unknown vulnerability in Solaris 8 for Intel and Solaris 8 and 9 ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2002-1584 (Unknown vulnerability in the AUTH_DES authentication for RPC in ...) 
- TODO: check + NOTE: not-for-us (Solaris) CAN-2001-1414 (The Basic Security Module (BSM) for Solaris 2.5.1, 2.6, 7, and 8 does ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2005-0240 (Format string vulnerability in chdev on IBM AIX 5.2 allows local users ...) NOTE: not-for-us (AIX) CAN-2005-0239 (viewcert.php in the S/MIME plugin 0.4 and 0.5 for Squirrelmail allows ...) @@ -114,9 +114,9 @@ - mozilla-firefox (unfixed; bug #293975) - mozilla-browser (unfixed; bug #294274) CAN-2005-0232 (Firefox 1.0 allows remote attackers to modify Boolean configuration ...) - TODO: check + - mozilla-firefox (unfixed; bug filed) CAN-2005-0231 (Firefox 1.0 does not invoke the Javascript Security Manager when a ...) - TODO: check + - mozilla-firefox (unfixed; bug filed) CAN-2005-0230 NOTE: reserved CAN-2005-0229
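Review bot: In the first hunk (@@ -1,99 +1,99 @@), CAN-2005-0247 is recorded as "- postgresql (unfixed; bug #294406)" while CAN-2005-0245, also a gram.y buffer overflow, is recorded as fixed in "postgresql 7.4.7-1", and nothing in the entry says why the two differ. A NOTE line under CAN-2005-0247 stating which gram.y overflows remain open after 7.4.7-1 would let the next reader confirm the status without reopening the bug. Two of the "not-for-us (Solaris)" entries name components that are not Solaris-only by name, CAN-2003-1076 (sendmail) and CAN-2003-1067 (dbm_open "as used in ..."). The descriptions are truncated here, so a short NOTE confirming that the affected code is the Sun-specific build would make those dismissals auditable.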
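Review bot: In the second hunk (@@ -114,9 +114,9 @@), CAN-2005-0232 and CAN-2005-0231 are both recorded as "- mozilla-firefox (unfixed; bug filed)" with no bug number, while the context lines just above cite "bug #293975" and "bug #294274". Without the number the entry cannot be cross-checked against the BTS or closed automatically when the fix lands, so please replace "bug filed" with the assigned number. The preceding entry tracks both mozilla-firefox and mozilla-browser, but these two list only mozilla-firefox. If mozilla-browser was checked and found unaffected, a NOTE saying so would record that decision.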