Author: joeyh
Date: 2005-02-24 03:49:17 +0100 (Thu, 24 Feb 2005)
New Revision: 478
Modified:
sarge-checks/CAN/list
Log:
fill in a few holes, remove one nonexistant CAN
Modified: sarge-checks/CAN/list
==================================================================---
sarge-checks/CAN/list 2005-02-23 21:39:18 UTC (rev 477)
+++ sarge-checks/CAN/list 2005-02-24 02:49:17 UTC (rev 478)
@@ -411,7 +411,7 @@
CAN-2005-0468
NOTE: reserved
CAN-2005-0467 (Multiple integer overflows in the (1) sftp_pkt_getstring and (2)
...)
- TODO: check
+ - putty 0.57-1
CAN-2005-0466
NOTE: reserved
CAN-2005-0465
@@ -1154,9 +1154,9 @@
CAN-2005-0260 (Stack-based buffer overflow in the Discovery Service for
BrightStor ...)
NOTE: not-for-us (ARCserve Backup)
CAN-2005-0259 (phpBB 2.0.11, and possibly other versions, with remote avatars
and ...)
- TODO: check
+ - phpbb2 2.0.12-1
CAN-2005-0258 (Directory traversal vulnerability in usercp_register.php for
phpBB ...)
- TODO: check
+ - phpbb2 2.0.12-1
CAN-2005-0257
NOTE: reserved
CAN-2005-0256
@@ -1349,7 +1349,7 @@
CAN-2005-0205
NOTE: reserved
CAN-2005-0204 (Linux kernel before 2.6.9, when running on the AMD64 and Intel
EM64T ...)
- TODO: check
+ TODO: check with kernel team
CAN-2005-0203
NOTE: reserved
CAN-2005-0202 (Directory traversal vulnerability in the true_path function in
...)
@@ -3110,8 +3110,6 @@
NOTE: not-for-us (microsoft)
CAN-2004-0839 (Internet Explorer in Windows XP SP2, and other versions
including 5.01 ...)
NOTE: not-for-us (microsoft)
-CAN-2004-0838
- TODO: check
CAN-2004-0837 (MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows
attackers to ...)
{DSA-562-2}
CAN-2004-0836 (Buffer overflow in the mysql_real_connect function in MySQL 4.x
before ...)