Moritz Muehlenhoff
2005-May-06 09:49 UTC
[Secure-testing-commits] r1009 - sarge-checks/CAN
Author: jmm-guest Date: 2005-05-06 09:49:52 +0000 (Fri, 06 May 2005) New Revision: 1009 Modified: sarge-checks/CAN/list Log: ethereal and leafnode CANified. leafnode2 vulns not affecting Debian. Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-05-06 09:16:32 UTC (rev 1008) +++ sarge-checks/CAN/list 2005-05-06 09:49:52 UTC (rev 1009) @@ -1,47 +1,45 @@ -begin claimed by jmm CAN-2005-1470 (Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, ...) - TODO: check + - ethereal 0.10.11-1 CAN-2005-1469 (Unknown vulnerability in the GSM dissector in Ethereal before 0.10.11 ...) - TODO: check + - ethereal 0.10.11-1 CAN-2005-1468 (Multiple unknown vulnerabilities in the (1) WSP, (2) Q.931, (3) H.245, ...) - TODO: check + - ethereal 0.10.11-1 CAN-2005-1467 (Unknown vulnerability in the NDPS dissector in Ethereal before 0.10.11 ...) - TODO: check + - ethereal 0.10.11-1 CAN-2005-1466 (Unknown vulnerability in the DICOM dissector in Ethereal before ...) - TODO: check + - ethereal 0.10.11-1 CAN-2005-1465 (Unknown vulnerability in the NCP dissector in Ethereal before 0.10.11 ...) - TODO: check + - ethereal 0.10.11-1 CAN-2005-1464 (Multiple unknown vulnerabilities in the (1) KINK, (2) L2TP, (3) MGCP, ...) - TODO: check + - ethereal 0.10.11-1 CAN-2005-1463 (Multiple format string vulnerabilities in the (1) DHCP and (2) ANSI A ...) - TODO: check + - ethereal 0.10.11-1 CAN-2005-1462 (Double-free vulnerability in the ICEP dissector in Ethereal before ...) - TODO: check + - ethereal 0.10.11-1 CAN-2005-1461 (Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, ...) - TODO: check + - ethereal 0.10.11-1 CAN-2005-1460 (Multiple unknown dissectors in Ethereal before 0.10.11 allow remote ...) - TODO: check + - ethereal 0.10.11-1 CAN-2005-1459 (Multiple unknown vulnerabilities in the (1) WSP, (2) BER, (3) SMB, (4) ...) - TODO: check + - ethereal 0.10.11-1 CAN-2005-1458 (Multiple unknown "other problems" in the KINK dissector in Ethereal ...) - TODO: check + - ethereal 0.10.11-1 CAN-2005-1457 (Multiple unknown vulnerabilities in the (1) AIM, (2) LDAP, (3) ...) - TODO: check + - ethereal 0.10.11-1 CAN-2005-1456 (Multiple unknown vulnerabilities in the (1) DHCP and (2) Telnet ...) - TODO: check + - ethereal 0.10.11-1 CAN-2005-1455 NOTE: reserved CAN-2005-1454 NOTE: reserved CAN-2005-1453 (fetchnews in leafnode 1.9.48 to 1.11.1 allows remote NNTP servers to ...) - TODO: check + - leafnode 1.11.2.rel-1 CAN-2004-2069 (sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, ...) TODO: check CAN-2004-2068 (fetchnews in leafnode 1.9.47 and earlier allows remote attackers to ...) - TODO: check + NOTE: not-for-us (Leafnode2 development branch) CAN-2002-1661 (The leafnode server in leafnode 1.9.20 to 1.9.29 allows remote ...) - TODO: check -end claimed by jmm + NOTE: not-for-us (Leafnode2 development branch) CAN-2005-XXXX [Missing input validation in xtradius] - xtradius (unfixed; bug #307796) CAN-2005-XXXX [fai tempfile vulnerability] @@ -55,11 +53,7 @@ CAN-2005-XXXX [eskuel: No authentication at all] - eskuel (unfixed; bug #163653) CAN-2005-XXXX [48 new vulnerabilities in Ethereal] - - ethereal 0.10.11-1 -CAN-2005-XXXX [Buffer overflow in elog] - elog 2.5.7+r1558-2 -CAN-2005-XXXX [Minor DoS vulnerability in leafnode''s fetchnews] - - leafnode 1.11.2.rel-1 CAN-2005-XXXX [Unspeficied security issue in ipsec-tool''s single DES support] - ipsec-tools 0.5.2-1 CAN-2005-1452 (Serendipity before 0.8 allows Chief users to "hide plugins installed ...)