Author: jmm-guest Date: 2005-03-26 10:07:41 +0000 (Sat, 26 Mar 2005) New Revision: 668 Modified: sarge-checks/CAN/list Log: Vulns not affecting Debian. Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-03-26 09:14:18 UTC (rev 667) +++ sarge-checks/CAN/list 2005-03-26 10:07:41 UTC (rev 668) @@ -1,41 +1,41 @@ CAN-2005-0865 (Samsung ADSL Modem SMDK8947v1.2 uses default passwords for the (1) ...) - TODO: check + NOTE: not-for-us (Samsung ADSL modems) CAN-2005-0864 (The Boa web server, as used in Samsung ADSL Modem SMDK8947v1.2 and ...) - TODO: check + NOTE: not-for-us (Samsung ASDL modems, Debian''s boa has been fixed years ago) CAN-2005-0863 (Cross-site scripting (XSS) vulnerability in PHPOpenChat v3.x allows ...) - TODO: check + NOTE: not-for-us (PHPOpenChat) CAN-2005-0862 (Multiple PHP remote code injection vulnerabilities in PHPOpenChat ...) - TODO: check + NOTE: not-for-us (PHPOpenChat) CAN-2005-0861 (Multiple buffer overflows in DeleGate before 8.11.1 may allow ...) - TODO: check + NOTE: not-for-us (Delegate not in Debian) CAN-2005-0860 (PHP remote code injection vulnerability in TRG News Script 3.0 allows ...) - TODO: check + NOTE: not-for-us (TRG News Script) CAN-2005-0859 (PHP remote code injection vulnerability in CzarNews 1.13b allows ...) - TODO: check + NOTE: not-for-us (CzarNews) CAN-2005-0858 (Multiple SQL injection vulnerabilities in CoolForum 0.8 and earlier ...) - TODO: check + NOTE: not-for-us (CoolForum) CAN-2005-0857 (Cross-site scripting (XSS) vulnerability in avatar.php for CoolForum ...) - TODO: check + NOTE: not-for-us (CoolForum) CAN-2005-0856 (CoolForum 0.8.1 beta and earlier allows remote attackers to manipulate ...) - TODO: check + NOTE: not-for-us (CoolForum) CAN-2005-0855 (CoolForum 0.8.1 beta and earlier allows remote attackers to obtain ...) - TODO: check + NOTE: not-for-us (CoolForum) CAN-2005-0854 (betaparticle blog (bp blog) allows remote attackers to bypass ...) - TODO: check + NOTE: not-for-us (betaparticle blog) CAN-2005-0853 (betaparticle blog (bp blog) stores the database under the web root, ...) - TODO: check + NOTE: not-for-us (betaparticle blog) CAN-2005-0852 (Microsoft Windows XP SP1 allows local users to cause a denial of ...) - TODO: check + NOTE: not-for-us (Microsoft Windows) CAN-2005-0851 (FileZilla FTP server before 0.9.6, when using MODE Z (zlib ...) - TODO: check + NOTE: not-for-us (FileZilla FTP server) CAN-2005-0850 (FileZilla FTP server before 0.9.6 allows remote attackers to cause a ...) - TODO: check + NOTE: not-for-us (FileZilla FTP server) CAN-2005-0849 (Multiple games developed by FUN labs, including 4X4 Off-road Adventure ...) - TODO: check + NOTE: not-for-us (Multiple commercial games by FUN Labs) CAN-2005-0848 (Multiple games developed by FUN labs, including 4X4 Off-road Adventure ...) - TODO: check + NOTE: not-for-us (Multiple commercial games by FUN Labs) CAN-2005-0847 (Code Ocean FTP server 1.0 allows remote attackers to cause a denial of ...) - TODO: check + NOTE: not-for-us (Code Ocean FTP Server) CAN-2002-1618 (JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not ...) TODO: check CAN-2002-1617 (Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to ...) @@ -1724,7 +1724,7 @@ CAN-2005-0419 (Multiple heap-based buffer overflows in 3Com 3CServer allow remote ...) NOTE: not-for-us (3com) CAN-2005-0418 (Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up ...) - TODO: check + NOTE: not-for-us (Sun Java) CAN-2005-0417 (Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and ...) NOTE: not-for-us (IBM DB2) CAN-2005-0416 (The Windows Animated Cursor (ANI) capability in Windows NT, Windows ...)