Author: joeyh Date: 2005-03-27 23:20:47 +0000 (Sun, 27 Mar 2005) New Revision: 671 Modified: sarge-checks/CAN/list Log: claim and a few old cans checked Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-03-27 09:14:17 UTC (rev 670) +++ sarge-checks/CAN/list 2005-03-27 23:20:47 UTC (rev 671) @@ -1,3 +1,4 @@ +begin claimed by joeyh CAN-2005-0890 (SQL injection vulnerability in Dream4 Koobi CMS 4.2.3 allows remote ...) TODO: check CAN-2005-0889 (Cross-site scripting (XSS) vulnerability in index.php for Dream4 Koobi ...) @@ -70,6 +71,7 @@ TODO: check CAN-2002-1619 (Buffer overflow in the FC client for IBM AIX 4.3.x allows remote ...) TODO: check +end claimed by joeyh CAN-2005-0865 (Samsung ADSL Modem SMDK8947v1.2 uses default passwords for the (1) ...) NOTE: not-for-us (Samsung ADSL modems) CAN-2005-0864 (The Boa web server, as used in Samsung ADSL Modem SMDK8947v1.2 and ...) @@ -109,7 +111,7 @@ CAN-2005-0847 (Code Ocean FTP server 1.0 allows remote attackers to cause a denial of ...) NOTE: not-for-us (Code Ocean FTP Server) CAN-2002-1618 (JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not ...) - TODO: check + NOTE: not-for-us (HP-UX) CAN-2002-1617 (Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to ...) NOTE: not-for-us (HP Tru64 UNIX) CAN-2002-1616 (Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and ...) @@ -141,7 +143,7 @@ CAN-2002-1603 (GoAhead Web Server 2.1.7 and earlier allows remote attackers to obtain ...) NOTE: not-for-us (GoAhead Web Server) CAN-2002-1602 (Buffer overflow in the Braille module for GNU screen 3.9.11, when ...) - TODO: check + NOTE: HAVE_BRAILLE not set in binary build CAN-2005-XXXX [Exploitable race conditions in OpenMosixView may lead to filesystem trashing] - openmosixview (unfixed; bug #301430) CAN-2005-XXXX [Buffer overflow in display of messages with MIME encoded filenames in Sylpheed] @@ -208,6 +210,7 @@ NOTE: not-for-us (Cayman DSL router) CAN-2001-1429 (Buffer overflow in mcedit in Midnight Commander 4.5.1 allows local ...) TODO: check + NOTE: could not find enough info about the vulneraility to check it CAN-2001-1428 (The (1) FTP and (2) Telnet services in Beck GmbH IPC@Chip are shipped ...) NOTE: not-for-us (IPC@CHIP Embedded web server) CAN-2001-1427 (Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 ...)