Author: joeyh
Date: 2005-02-11 21:56:15 +0100 (Fri, 11 Feb 2005)
New Revision: 397
Modified:
sarge-checks/CAN/list
Log:
updates
Modified: sarge-checks/CAN/list
==================================================================---
sarge-checks/CAN/list 2005-02-11 20:14:16 UTC (rev 396)
+++ sarge-checks/CAN/list 2005-02-11 20:56:15 UTC (rev 397)
@@ -647,7 +647,7 @@
CAN-2005-0089 (The SimpleXMLRPCServer library module in Python 2.2, 2.3 before
2.3.5, ...)
{DSA-666-1}
CAN-2005-0088 (The publisher handler for mod_python 2.7.8 and earlier allows
remote ...)
- TODO: check
+ - libapache2-mod-python (unfixed; bug filed)
CAN-2005-0087
NOTE: reserved
CAN-2005-0086 (Heap-based buffer overflow in less in Red Hat Enterprise Linux 3
...)
@@ -730,33 +730,33 @@
CAN-2005-0058
NOTE: reserved
CAN-2005-0057 (The Hyperlink Object Library for Windows 98, 2000, XP, and
Server 2003 ...)
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2005-0056 (Internet Explorer 5.01, 5.5, and 6 does not properly validate
certain ...)
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2005-0055 (Internet Explorer 5.01, 5.5, and 6 does not properly validate
buffers ...)
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2005-0054 (Internet Explorer 5.01, 5.5, and 6 allows remote attackers to
spoof a ...)
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2005-0053 (Internet Explorer 5.01, 5.5, and 6 allows remote attackers to
execute ...)
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2005-0052
NOTE: reserved
CAN-2005-0051 (Windows XP SP1 and SP2 allows remote attackers to obtain
sensitive ...)
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2005-0050 (The License Logging service for Windows NT Server, Windows 2000
...)
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2005-0049 (Windows SharePoint Services and SharePoint Team Services for
Windows ...)
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2005-0048
NOTE: reserved
CAN-2005-0047 (Windows 2000, XP, and Server 2003 does not properly
"validate the use ...)
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2005-0046
NOTE: reserved
CAN-2005-0045 (The Server Message Block (SMB) implementation for Windows 2000,
XP, ...)
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2005-0044 (The OLE component in Windows 98, 2000, XP, and Server 2003, and
...)
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2005-0043 (Buffer overflow in Apple iTunes 4.7 allows remote attackers to
execute ...)
NOTE: not-for-us (iTunes)
CAN-2005-0042
@@ -1134,7 +1134,7 @@
CAN-2004-1245
NOTE: reserved
CAN-2004-1244 (Windows Media Player 9 allows remote attackers to execute
arbitrary ...)
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2004-1243
NOTE: reserved
CAN-2004-1242
@@ -1393,7 +1393,7 @@
CAN-2004-1132
NOTE: reserved
CAN-2004-1131 (Multiple buffer overflows in the enable command for SCO
OpenServer ...)
- TODO: check
+ NOTE: not-for-us (SCO)
CAN-2004-1130 (Cross-site scripting (XSS) vulnerability in admin.asp in
CMailServer ...)
NOTE: not-for-us (CMailServer)
CAN-2004-1129 (SQL injection vulnerability in (1) fdelmail.asp, (2)
addressc.asp, and ...)
@@ -2068,7 +2068,7 @@
NOTE: not vulnerable according to
http://www.debian.org/security/nonvulns-sarge
HELP: which radius daemon in debian is "GNU Radius" (if any)?
CAN-2004-0848 (Buffer overflow in Microsoft Office XP allows remote attackers
to ...)
- TODO: check
+ NOTE: not-for-us (microsoft)
CAN-2004-0847 (The Microsoft .NET forms authentication capability for ASP.NET
allows ...)
NOTE: not-for-us (microsoft)
CAN-2004-0846 (Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for
Mac, and ...)