Author: joeyh Date: 2005-05-11 21:14:20 +0000 (Wed, 11 May 2005) New Revision: 1045 Modified: sarge-checks/CAN/list Log: automatic CAN database update Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-05-11 20:59:54 UTC (rev 1044) +++ sarge-checks/CAN/list 2005-05-11 21:14:20 UTC (rev 1045) @@ -1,3 +1,73 @@ +CAN-2005-1512 (The Admin panel in PwsPHP 1.2.2 does not properly verify uploaded ...) + TODO: check +CAN-2005-1511 (PwsPHP 1.2.2 allows remote attackers to bypass authentication and post ...) + TODO: check +CAN-2005-1510 (PwsPHP 1.2.2 allows remote attackers to obtain sensitive information ...) + TODO: check +CAN-2005-1509 (SQL injection vulnerability in profil.php in PwsPHP 1.2.2 allows ...) + TODO: check +CAN-2005-1508 (Multiple cross-site scripting (XSS) vulnerabilities in PwsPHP 1.2.2 ...) + TODO: check +CAN-2005-1507 (Buffer overflow in the Tomcat plugin in 4d WebSTAR 5.33 and 5.4 allows ...) + TODO: check +CAN-2005-1506 (SQL injection vulnerability in out.php in CJ Ultra Plus 1.0.3 and ...) + TODO: check +CAN-2005-1505 (The new account wizard in Mail.app 2.0 in Mac OS 10.4, when ...) + TODO: check +CAN-2005-1504 (GameSpy SDK CD-Key Validation Toolkit, as used by many online games, ...) + TODO: check +CAN-2005-1503 (Multiple SQL injection vulnerabilities in MidiCart PHP Shopping Cart ...) + TODO: check +CAN-2005-1502 (Cross-site scripting (XSS) vulnerability in MidiCart PHP Shopping Cart ...) + TODO: check +CAN-2005-1501 (MidiCart PHP Shopping Cart allows remote attackers to obtain sensitive ...) + TODO: check +CAN-2005-1500 (Multiple SQL injection vulnerabilities in myBloggie 2.1.1 allow remote ...) + TODO: check +CAN-2005-1499 (delcomment.php in myBloggie 2.1.1 allows remote attackers to delete ...) + TODO: check +CAN-2005-1498 (Multiple cross-site scripting (XSS) vulnerabilities in myBloggie 2.1.1 ...) + TODO: check +CAN-2005-1497 (index.php in myBloggie 2.1.1 allows remote attackers to obtain ...) + TODO: check +CAN-2005-1496 (The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE ...) + TODO: check +CAN-2005-1495 (Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the ...) + TODO: check +CAN-2005-1494 (Multiple cross-site scripting (XSS) vulnerabilities in admin.cgi in ...) + TODO: check +CAN-2005-1493 (Directory traversal vulnerability in SimpleCam 1.2 allows remote ...) + TODO: check +CAN-2005-1492 (Cross-site scripting (XSS) vulnerability in user.cgi in Gossamer ...) + TODO: check +CAN-2005-1491 (Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote ...) + TODO: check +CAN-2005-1490 (Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2, when the ...) + TODO: check +CAN-2005-1489 (Unknown vulnerability in Merak Mail Server 8.0.3 with Icewarp Web Mail ...) + TODO: check +CAN-2005-1488 (Multiple cross-site scripting (XSS) vulnerabilities in Merak Mail ...) + TODO: check +CAN-2005-1487 (Multiple SQL injection vulnerabilities in FishCart 3.1 allow remote ...) + TODO: check +CAN-2005-1486 (Multiple cross-site scripting vulnerabilities in FishCart 3.1 allow ...) + TODO: check +CAN-2005-1485 (Golden FTP Server Pro allows 2.52 allows remote attackers to obtain ...) + TODO: check +CAN-2005-1484 (Directory traversal vulnerability in Golden FTP server pro 2.52 allows ...) + TODO: check +CAN-2005-1483 (Multiple cross-site scripting (XSS) vulnerabilities in ArticleLive ...) + TODO: check +CAN-2005-1482 (ArticleLive 2005 allows remote attackers to gain privileges by ...) + TODO: check +CAN-2005-1481 (Multiple SQL injection vulnerabilities in ASP Inline Corporate ...) + TODO: check +CAN-2005-1480 (Directory traversal vulnerability in RaidenFTPD before 2.4.2241 allows ...) + TODO: check +CAN-2005-1479 (SQL injection vulnerability in jgs_portal.php in JGS-Portal 3.0.1 and ...) + TODO: check +CAN-2005-1478 (Format string vulnerability in dSMTP (dsmtp.exe) in DMail 3.1a allows ...) + TODO: check CAN-2005-1516 (DList (dlist.exe) in DMail 3.1a allows remote attackers to bypass ...) NOTE: not-for-us CAN-2005-1515 (Integer signedness error in the qmail_put and substdio_put functions ...)