Author: jmm-guest Date: 2005-04-09 09:59:15 +0000 (Sat, 09 Apr 2005) New Revision: 779 Modified: sarge-checks/CAN/list Log: Lots of not-for-us. Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-04-09 09:48:00 UTC (rev 778) +++ sarge-checks/CAN/list 2005-04-09 09:59:15 UTC (rev 779) @@ -1,57 +1,57 @@ CAN-2005-1017 (SQL injection vulnerability in the Update_Events function in ...) - TODO: check + NOTE: not-for-us (MaxWebPortal) CAN-2005-1016 (Cross-site scripting (XSS) vulnerability in links_add_form.asp for ...) - TODO: check + NOTE: not-for-us (MaxWebPortal) CAN-2005-1015 (Buffer overflow in MailEnable Imapd (MEIMAP.exe) allows remote ...) - TODO: check + NOTE: not-for-us (MailEnable) CAN-2005-1014 (Buffer overflow in the IMAP service for MailEnable Enterprise 1.04 and ...) - TODO: check + NOTE: not-for-us (MailEnable) CAN-2005-1013 (The SMTP service in MailEnable Enterprise 1.04 and earlier and ...) - TODO: check + NOTE: not-for-us (MailEnable) CAN-2005-1012 (Cross-site scripting (XSS) vulnerability in Iatek SiteEnable allows ...) - TODO: check + NOTE: not-for-us (SiteEnable) CAN-2005-1011 (SQL injection vulnerability in content.asp in SiteEnable allows remote ...) - TODO: check + NOTE: not-for-us (SiteEnable) CAN-2005-1010 (Cross-site scripting (XSS) vulnerability in Comersus Cart 6 allows ...) - TODO: check + NOTE: not-for-us (ComersusCart) CAN-2005-1009 (Multiple buffer overflows in BakBone NetVault 6.x and 7.x allow (1) ...) - TODO: check + NOTE: not-for-us (NetVault) CAN-2005-1008 (Cross-site scripting (XSS) vulnerability in posts.asp for ASP-DEv XM ...) - TODO: check + NOTE: not-for-us (XM Forum) CAN-2005-1007 (Unknown vulnerability in the LIST functionality in CommuniGate Pro ...) - TODO: check + NOTE: not-for-us (CommuniGate Pro) CAN-2005-1006 (Multiple cross-site scripting (XSS) vulnerabilities in SonicWALL SOHO ...) - TODO: check + NOTE: not-for-us (SonicWALL) CAN-2005-1005 (ProfitCode PayProCart 3.0 allows remote attackers to bypass ...) - TODO: check + NOTE: not-for-us (PayProCart) CAN-2005-1004 (Cross-site scripting (XSS) vulnerability in usrdetails.php in ...) - TODO: check + NOTE: not-for-us (PayProCart) CAN-2005-1003 (Directory traversal vulnerability in index.php for ProfitCode ...) - TODO: check + NOTE: not-for-us (PayProCart) CAN-2005-1002 (logwebftbs2000.exe in LOG-FT File Transfer allows remote attackers to ...) - TODO: check + NOTE: not-for-us (LOG-FT File Transfer) CAN-2005-1001 (PHP-Nuke 7.6 allows remote attackers to obtain sensitive information ...) - TODO: check + NOTE: not-for-us (PHP-Nuke) CAN-2005-1000 (Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 7.6 ...) - TODO: check + NOTE: not-for-us (PHP-Nuke) CAN-2005-0999 (SQL injection vulnerability in the Top module for PHP-Nuke 6.x through ...) - TODO: check + NOTE: not-for-us (PHP-Nuke) CAN-2005-0998 (The Web_Links module for PHP-Nuke 7.6 allows remote attackers to ...) - TODO: check + NOTE: not-for-us (PHP-Nuke) CAN-2005-0997 (Multiple SQL injection vulnerabilities in the Web_Links module for ...) - TODO: check + NOTE: not-for-us (PHP-Nuke) CAN-2005-0996 (Multiple SQL injection vulnerabilities in the Downloads module for ...) - TODO: check + NOTE: not-for-us (PHP-Nuke) CAN-2005-0995 (Multiple cross-site scripting (XSS) vulnerabilities in ProductCart 2.7 ...) - TODO: check + NOTE: not-for-us (ProductCart) CAN-2005-0994 (Multiple SQL injection vulnerabilities in ProductCart 2.7 allow remote ...) - TODO: check + NOTE: not-for-us (ProductCart) CAN-2005-0993 (Buffer overflow in nwprint in SCO OpenServer 5.0.7 allows local users ...) - TODO: check + NOTE: not-for-us (SCO) CAN-2005-0992 (Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin ...) - phpmyadmin 3:2.6.2-rc1-1 CAN-2005-0991 (RC.BOOT in IBM AIX 5.1, 5.2, and 5.3 does not "use a secure location ...) - TODO: check + NOTE: not-for-us (AIX) CAN-2005-0990 (unshar (unshar.c) in sharutils 4.2.1 allows local users to overwrite ...) TODO: check CAN-2005-0989 (The Javascript engine in Mozilla Suite 1.7.6 and Firefox 1.0.1 and ...) @@ -59,25 +59,25 @@ CAN-2005-0988 (Race condition in gzip 1.2.4, 1.3.3, and earlier when decompressing a ...) TODO: check CAN-2005-0987 (Unknown vulnerability in IRC Services NickServ LISTLINKS before 5.0.50 ...) - TODO: check + NOTE: not-for-us (IRC Services NickServ) CAN-2005-0986 (NLSCCSTR.DLL in the web service in IBM Lotus Domino Server 6.5.1, ...) - TODO: check + NOTE: not-for-us (Lotus Domino) CAN-2005-0985 NOTE: reserved CAN-2005-0984 (Buffer overflow in the G_Printf function in Star Wars Jedi Knight: ...) - TODO: check + NOTE: not-for-us (Star Wars game) CAN-2005-0983 (Quake 3 engine, as used in multiple games, allows remote attackers to ...) - TODO: check + NOTE: not-for-us (Quake 3 based games) CAN-2005-0982 (Multiple cross-site scripting (XSS) vulnerabilities in Yet Another ...) - TODO: check + NOTE: not-for-us (Yet Another Forum.net) CAN-2005-0981 (Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay ...) - TODO: check + NOTE: not-for-us (Alstrasoft EPay) CAN-2005-0980 (PHP remote code injection vulnerability in index.php in AlstraSoft ...) - TODO: check + NOTE: not-for-us (Alstrasoft EPay) CAN-2005-0979 (Multiple buffer overflows in RUMBA 7.3 and earlier allow remote ...) - TODO: check + NOTE: not-for-us (Rumba) CAN-2005-0978 (Directory traversal vulnerability in the Object Push service in IVT ...) - TODO: check + NOTE: not-for-us (IVT BlueSoleil) CAN-2005-0977 (The shm_nopage function in the tmpfs driver in Linux kernel 2.6 does ...) - kernel-source-2.6.8 2.6.8-16 CAN-2005-0976 @@ -97,7 +97,7 @@ CAN-2005-0969 NOTE: reserved CAN-2005-0968 (Computer Associates (CA) eTrust Intrusion Detection 3.0 allows remote ...) - TODO: check + NOTE: not-for-us (CA eTrust IDS) CAN-2005-0967 (Gaim 1.2.0 allows remote attackers to cause a denial of service ...) TODO: check CAN-2005-XXXX [Insecure tempfile handling in openwebmail CGI scripts]