Author: joeyh
Date: 2005-03-27 09:14:17 +0000 (Sun, 27 Mar 2005)
New Revision: 670

Modified:
   sarge-checks/CAN/list
Log:
automatic CAN database update

Modified: sarge-checks/CAN/list
==================================================================
--- sarge-checks/CAN/list 2005-03-26 12:22:07 UTC (rev 669)
+++ sarge-checks/CAN/list 2005-03-27 09:14:17 UTC (rev 670)
@@ -1,3 +1,75 @@ +CAN-2005-0890 (SQL injection vulnerability in Dream4 Koobi CMS 4.2.3 allows remote ...) + TODO: check +CAN-2005-0889 (Cross-site scripting (XSS) vulnerability in index.php for Dream4 Koobi ...) + TODO: check +CAN-2005-0888 (Multiple cross-site scripting (XSS) vulnerabilities in ...) + TODO: check +CAN-2005-0887 (Code injection vulnerability in Double Choco Latte before 0.9.4.3 ...) + TODO: check +CAN-2005-0886 (Cross-site scripting (XSS) vulnerability in Invision Power Board 2.0.2 ...) + TODO: check +CAN-2005-0885 (Multiple cross-site scripting (XSS) vulnerabilities in XMB Forum 1.9.1 ...) + TODO: check +CAN-2005-0884 (DigitalHive 2.0 allows remote attackers to re-install the product by ...) + TODO: check +CAN-2005-0883 (Multiple cross-site scripting (XSS) vulnerabilities in base.php for ...) + TODO: check +CAN-2005-0882 (SQL injection vulnerability in admincore.php in BirdBlog before 1.2.0 ...) + TODO: check +CAN-2005-0881 (Cross-site scripting (XSS) vulnerability in articles.newcomment for ...) + TODO: check +CAN-2005-0880 (content.php in Vortex Portal allows remote attackers to obtain ...) + TODO: check +CAN-2005-0879 (PHP remote code injection vulnerability in (1) content.php and (2) ...) + TODO: check +CAN-2005-0878 (Cross-site scripting (XSS) vulnerability in MercuryBoard before 1.1.3 ...) + TODO: check +CAN-2005-0877 (Dnsmasq before 2.21 allows remote attackers to poison the DNS cache ...) + TODO: check +CAN-2005-0876 (Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers ...) + TODO: check +CAN-2005-0875 (Multiple buffer overflows in the Yahoo plug-in for Trillian 2.0, 3.0, ...) + TODO: check +CAN-2005-0874 (Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other ...) + TODO: check +CAN-2005-0873 (Multiple cross-site scripting (XSS) vulnerabilities in test.jsp in ...) + TODO: check +CAN-2005-0872 (Cross-site scripting (XSS) vulnerability in calendar_scheduler.php in ...) 
+ TODO: check +CAN-2005-0871 (calendar_scheduler.php in Topic Calendar 1.0.1 module for phpBB, when ...) + TODO: check +CAN-2005-0870 (Multiple cross-site scripting (XSS) vulnerabilities in phpSysInfo 2.3, ...) + TODO: check +CAN-2005-0869 (phpSysInfo 2.3 allows remote attackers to obtain sensitive information ...) + TODO: check +CAN-2005-0868 (AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) ...) + TODO: check +CAN-2005-0867 (Integer overflow in Linux kernel 2.6 allows local users to overwrite ...) + TODO: check +CAN-2005-0866 (cdrecord before 4:2.0, when DEBUG is enabled, allows local users to ...) + TODO: check +CAN-2004-1771 (Scalable OGo (SOGo) 1.0 allows remote authenticated users to bypass ...) + TODO: check +CAN-2002-1628 (Directory traversal vulnerability in vote.cgi for Mike Spice Mike''s ...) + TODO: check +CAN-2002-1627 (Directory traversal vulnerability in quiz.cgi for Mike Spice Quiz Me! ...) + TODO: check +CAN-2002-1626 (Directory traversal vulnerability in Mike Spice My Calendar before 1.5 ...) + TODO: check +CAN-2002-1625 (Macromedia Flash Player 6 does not terminate connections when the user ...) + TODO: check +CAN-2002-1624 (Buffer overflow in Lotus Domino web server before R5.0.10, when ...) + TODO: check +CAN-2002-1623 (The design of the Internet Key Exchange (IKE) protocol, when using ...) + TODO: check +CAN-2002-1622 (Buffer overflow in certain RPC routines in IBM AIX 4.3 may allow ...) + TODO: check +CAN-2002-1621 (Buffer overflow in the file_comp function in rcp for IBM AIX 4.3.x and ...) + TODO: check +CAN-2002-1620 (Unknown vulnerability in IBM AIX Parallel Systems Support Programs ...) + TODO: check +CAN-2002-1619 (Buffer overflow in the FC client for IBM AIX 4.3.x allows remote ...) + TODO: check CAN-2005-0865 (Samsung ADSL Modem SMDK8947v1.2 uses default passwords for the (1) ...) NOTE: not-for-us (Samsung ADSL modems) CAN-2005-0864 (The Boa web server, as used in Samsung ADSL Modem SMDK8947v1.2 and ...) 
@@ -266,18 +338,14 @@ CAN-2005-0763 NOTE: reserved CAN-2005-0762 [imagemagick SGI heap overflow allows arbitrary code execution] - NOTE: reserved - imagemagick 5:6.0.0-1 NOTE: Does only affect imagemagick releases prior to 6 CAN-2005-0761 [imagemagick crafted PSD DoS] - NOTE: reserved - imagemagick (unfixed; bug #301110) CAN-2005-0760 [imagemagick malformed TIFF crash DoS] - NOTE: reserved - imagemagick 5:6.0.0-1 NOTE: Does only affect imagemagick releases prior to 6 CAN-2005-0759 [imagemagick invalid TIFF tag DoS] - NOTE: reserved - imagemagick 5:6.0.0-1 NOTE: Does only affect imagemagick releases prior to 6 CAN-2005-0758 @@ -1764,8 +1832,7 @@ NOTE: reserved CAN-2005-0399 [GIF heap overflow parsing Netscape extension 2 in Firefox] - mozilla-firefox 1.0.2-1 -CAN-2005-0398 - NOTE: reserved +CAN-2005-0398 (The KAME racoon daemon in ipsec-tools before 0.5 allows remote ...) - racoon 1:0.5-5 CAN-2005-0397 (Format string vulnerability in ImageMagick before 6.0.2.5 allows ...) - imagemagick 6:6.0.6.2-2.2 @@ -9587,7 +9654,7 @@ CAN-2002-0212 (The login for Hosting Controller 1.1 through 1.4.1 returns different ...) CAN-2002-0210 (setlicense for TOLIS Group Backup and Restore Utility (BRU) 17.0 ...) CAN-2002-0208 (PGP Security PGPfire 7.1 for Windows alters the system''s TCP/IP stack ...) -CAN-2002-0206 (index.php in Francisco Burzi PHP-Nuke 5.3.1 and earlier allows remote ...) +CAN-2002-0206 (index.php in Francisco Burzi PHP-Nuke 5.3.1 and earlier, and possibly ...) CAN-2002-0205 (Cross-site scripting (CSS) vulnerability in error.asp for Plumtree ...) CAN-2002-0204 (Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified ...) CAN-2002-0203 (ttawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and ...)
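
Review bot: In the "@@ -1,3 +1,75 @@" hunk, all 36 new entries land as "TODO: check", with nothing to separate the ones that name commonly packaged software from the third-party web applications. CAN-2005-0877 and CAN-2005-0876 (Dnsmasq before 2.21), CAN-2005-0867 (Linux kernel 2.6), CAN-2005-0866 (cdrecord before 4:2.0) and CAN-2005-0870/CAN-2005-0869 (phpSysInfo 2.3) look like the candidates to triage first. Suggest resolving those to a package line, or to a "NOTE: not-for-us (...)" line in the form already used for CAN-2005-0865, before working through the rest of the batch.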
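
Review bot: In the "@@ -266,18 +338,14 @@" hunk, the entries for CAN-2005-0762, CAN-2005-0760 and CAN-2005-0759 record the fix as "imagemagick 5:6.0.0-1", while CAN-2005-0397 in the "@@ -1764,8 +1832,7 @@" hunk records "imagemagick 6:6.0.6.2-2.2", so the two use different epochs for the same package. Now that "NOTE: reserved" is dropped and these read as final entries, it is worth confirming which epoch is right so that version comparisons against the archive behave as the "prior to 6" note intends. CAN-2005-0761 is still "(unfixed; bug #301110)" and is the only one of the four left open.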
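
Review bot: In the "@@ -1764,8 +1832,7 @@" hunk, the new description for CAN-2005-0398 names "ipsec-tools before 0.5", but the unchanged tracking line underneath is "- racoon 1:0.5-5". Suggest checking that the package name on that line follows the convention the rest of the list uses, so that a lookup by the name in the description still finds this entry.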
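
Review bot: In the "@@ -9587,7 +9654,7 @@" hunk, the CAN-2002-0206 description widens from "5.3.1 and earlier allows remote ..." to "5.3.1 and earlier, and possibly ...", yet the entry has no package line or NOTE under it, so nothing records whether the wider range was ever assessed. Because an automatic update rewrites the description silently, suggest adding an explicit status line to this entry, or a "TODO: check" as in the first hunk, so that the change in scope gets looked at.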