Author: micah Date: 2005-02-19 02:21:40 +0100 (Sat, 19 Feb 2005) New Revision: 447 Modified: sarge-checks/CAN/list Log: grabbed some kernel ones Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-02-19 00:33:31 UTC (rev 446) +++ sarge-checks/CAN/list 2005-02-19 01:21:40 UTC (rev 447) @@ -879,13 +879,13 @@ - kernel-source-2.6.10 2.6.10-4 CAN-2005-0178 (Race condition in the setsid function in Linux before 2.6.8.1 has ...) NOTE: see USN-82-1 - TODO: check with kernel team + NOTE: micah checking with kernel team CAN-2005-0177 (nls_ascii.c in Linux before 2.6.8.1 uses an incorrect table size, ...) NOTE: see USN-82-1 - TODO: check with kernel team + NOTE: micah checking with kernel team CAN-2005-0176 (The shmctl function in Linux before 2.6.8.1 allows local users to ...) NOTE: see USN-82-1 - TODO: check with kernel team + NOTE: micah checking with kernel team CAN-2004-1392 (PHP 4.0 with cURL functions allows remote attackers to bypass the ...) - php4 4:4.3.10-3 CAN-2004-1391 (Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in ...) @@ -1419,7 +1419,7 @@ NOTE: Fixed in upstream 2.6.10 - kernel-source-2.6.8 2.6.8-11 - kernel-source-2.6.9 2.6.9-4 - TODO: what about 2.4? check with kernel team + NOTE: micah checking with kernel team, what about 2.4? CAN-2004-1332 (Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with ...) NOTE: not-for-us (hpux) CAN-2004-1331 (The execCommand method in Microsoft Internet Explorer 6.0 SP2 allows ...)