Author: djoume-guest Date: 2005-05-12 21:56:13 +0000 (Thu, 12 May 2005) New Revision: 1048 Modified: sarge-checks/CAN/list Log: * processed and claimed. Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-05-12 21:00:12 UTC (rev 1047) +++ sarge-checks/CAN/list 2005-05-12 21:56:13 UTC (rev 1048) 
@@ -539,102 +539,102 @@ NOTE: not-for-us CAN-2004-1840 (Multiple cross-site scripting (XSS) vulnerabilities in MS Analysis ...) NOTE: not-for-us -begin claimed by djoume CAN-2004-1839 (MS Analysis module 2.0 for PHP-Nuke allows remote attackers to obtain ...) - TODO: check + NOTE: not-for-us CAN-2004-1838 (Directory traversal vulnerability in xweb 1.0 allows remote attackers ...) - TODO: check + NOTE: not-for-us CAN-2004-1837 (Cross-site scripting (XSS) vulnerability in Mod_survey 3.0.x before ...) - TODO: check + NOTE: not-for-us CAN-2004-1836 (SQL injection vulnerability in index.php in Invision Power Top Site ...) - TODO: check + NOTE: not-for-us CAN-2004-1835 (Multiple SQL injection vulnerabilities in index.php in Invision ...) - TODO: check + NOTE: not-for-us CAN-2004-1834 (mod_disk_cache in Apache 2.0 through 2.0.49 stores client headers, ...) - TODO: check + - apache2 2.0.53-1 CAN-2004-1833 (The admin.ib file in Borland Interbase 7.1 for Linux has default world ...) - TODO: check + NOTE: not-for-us CAN-2004-1832 (Buffer overflow in the GUI admin service in Mac OS X Server 10.3 ...) - TODO: check + NOTE: not-for-us CAN-2004-1831 (Buffer overflow in Chrome 1.2.0.0 and earlier allows remote attackers ...) - TODO: check + NOTE: not-for-us CAN-2004-1830 (Error Manager 2.1 for PHP-Nuke 6.0 allow remote attackers to obtain ...) - TODO: check + NOTE: not-for-us CAN-2004-1829 (Multiple cross-site scripting (XSS) vulnerabilities in error.php in ...) - TODO: check + NOTE: not-for-us CAN-2004-1828 (Vcard 2.9 and possibly other versions does not require authorization ...) - TODO: check + NOTE: not-for-us CAN-2004-1827 (Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and ...) - TODO: check + NOTE: not-for-us CAN-2004-1826 (SQL injection vulnerability in index.php in Mambo Open Source 4.5 ...) - TODO: check + NOTE: not-for-us CAN-2004-1825 (Cross-site scripting (XSS) vulnerability in index.php in Mambo Open ...) 
- TODO: check + NOTE: not-for-us CAN-2004-1824 (Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin before ...) - TODO: check + NOTE: not-for-us CAN-2004-1823 (Multiple cross-site scripting (XSS) vulnerabilities in Jelsoft ...) - TODO: check + NOTE: not-for-us CAN-2004-1822 (Multiple cross-site scripting (XSS) vulnurabilities in Phorum 3.1 ...) - TODO: check + NOTE: not-for-us CAN-2004-1821 (SQL injection vulnerability in 4nalbum 0.92 for PHP-Nuke 6.5 through ...) - TODO: check + NOTE: not-for-us CAN-2004-1820 (PHP remote code injection vulnerability in displaycategory.php in ...) - TODO: check + NOTE: not-for-us CAN-2004-1819 (4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to ...) - TODO: check + NOTE: not-for-us CAN-2004-1818 (Cross-site scripting (XSS) vulnerability in nmimage.php in 4nalbum ...) - TODO: check + NOTE: not-for-us CAN-2004-1817 (Cross-site scripting (XSS) vulnerability in modules.php in Php-Nuke ...) - TODO: check + NOTE: not-for-us CAN-2004-1816 (Unknown vulnerability in Sun Java System Application Server 7.0 Update ...) - TODO: check + NOTE: not-for-us CAN-2004-1815 (Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when ...) - TODO: check + NOTE: not-for-us CAN-2004-1814 (Directory traversal vulnerability in VocalTec VGW4/8 Gateway 8.0 ...) - TODO: check + NOTE: not-for-us CAN-2004-1813 (VocalTec VGW4/8 Gateway 8.0 allows remote attackers to bypass ...) - TODO: check + NOTE: not-for-us CAN-2004-1812 (Multiple stack-based buffer overflows in Agent Common Services (1) ...) - TODO: check + NOTE: not-for-us CAN-2004-1811 (The SSL HTTP Server in HP Web-enabled Management Software 5.0 through ...) - TODO: check + NOTE: not-for-us CAN-2004-1810 (The Javascript engine in Opera 7.23 allows remote attackers to cause a ...) - TODO: check + NOTE: not-for-us CAN-2004-1809 (Cross-site scripting (XSS) vulnerability in phpBB 2.0.6d and earlier ...) 
- TODO: check + - phpbb2 2.0.10-1 + NOTE: probably fixed in 2.0.6d-3 CAN-2004-1808 (Extcompose in metamail does not verify the output file before writing ...) - TODO: check + - metamail (unfixed, bug filed) CAN-2004-1807 (Cross-site scripting (XSS) vulnerability in index.cfm in CFWebstore ...) - TODO: check + NOTE: not-for-us CAN-2004-1806 (SQL injection vulnerability in index.cfm in CFWebstore 5.0 allows ...) - TODO: check + NOTE: not-for-us CAN-2004-1805 (Format string vulnerability in games using the Epic Games Unreal ...) - TODO: check + NOTE: not-for-us CAN-2004-1804 (wMCam server 2.1.348 allows remote attackers to cause a denial of ...) - TODO: check + NOTE: not-for-us CAN-2004-1802 (Chat Anywhere 2.72 and earlier allows remote attackers to hide their ...) - TODO: check + NOTE: not-for-us CAN-2004-1801 (Directory traversal vulnerability in PWebServer 0.3.3 allows remote ...) - TODO: check + NOTE: not-for-us CAN-2004-1800 (Unknown vulnerability in Sysbotz SimpleData 4.0.1 and possibly earlier ...) - TODO: check + NOTE: not-for-us CAN-2004-1799 (PF in certain OpenBSD versions, when stateful filtering is enabled, ...) - TODO: check + NOTE: not-for-us CAN-2004-1798 (RealOne player 6.0.11.868 allows remote attackers to execute arbitrary ...) - TODO: check + NOTE: not-for-us CAN-2004-1797 (Cross-site scripting (XSS) vulnerability in search.php for FreznoShop ...) - TODO: check + NOTE: not-for-us CAN-2004-1796 (PHP remote code injection vulnerability in HotNews 0.7.2 and earlier ...) - TODO: check + NOTE: not-for-us CAN-2004-1795 (Info Touch Surfnet kiosk allows local users to access the underlying ...) - TODO: check + NOTE: not-for-us CAN-2004-1794 (Cross-site scripting (XSS) vulnerability in the VCard4J Toolkit allows ...) - TODO: check + NOTE: not-for-us CAN-2004-1793 (Stack-based buffer overflow in swnet.dll in YaSoft Switch Off 2.3 and ...) 
- TODO: check + NOTE: not-for-us CAN-2004-1792 (swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote attackers ...) - TODO: check -end claimed by djoume + NOTE: not-for-us +begin claimed by djoume CAN-2004-1791 (The web management interface in Edimax AR-6004 ADSL Routers uses a ...) TODO: check CAN-2004-1790 (Cross-site scripting (XSS) vulnerability in the web management ...) @@ -743,6 +743,7 @@ TODO: check CAN-2003-1162 (index.php in Tritanium Bulletin Board 1.2.3 allows remote attackers to ...) TODO: check +end claimed by djoume CAN-2003-1161 (exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, ...) TODO: check CAN-2003-1160 (FlexWATCH Network video server 132 allows remote attackers to bypass ...)
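Review bot: In the first hunk (@@ -539,102 +539,102 @@), the CAN-2004-1809 entry records "- phpbb2 2.0.10-1" and then "NOTE: probably fixed in 2.0.6d-3", so the fixed version and the note disagree, and the note is itself unverified. Check the phpbb2 changelog for the upload that carries the fix and record that version, or keep 2.0.10-1 and state in the NOTE why the earlier version is only suspected. In the same hunk, "- metamail (unfixed, bug filed)" for CAN-2004-1808 gives no bug number; add the bug reference so the open issue can be followed from the list. The "- apache2 2.0.53-1" line for CAN-2004-1834 would also be easier to audit with a short NOTE on how that version was determined, since the description only says 2.0 through 2.0.49 is affected.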
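Review bot: In the second hunk (@@ -743,6 +743,7 @@), "+end claimed by djoume" closes a claim whose "+begin claimed by djoume" was added in the previous hunk before CAN-2004-1791, so the new block runs across roughly a hundred lines of the file and from CAN-2004 into CAN-2003 entries, none of which are visible in this diff. The markers carry only a name, so a reader of the list cannot tell when the range was claimed or whether it has gone stale; consider adding the claim date to the begin marker. The end marker also stops immediately before CAN-2003-1161 (exit.c in Linux kernel 2.6-test9-CVS), which stays at "TODO: check" and outside any claim; if that boundary is intentional, fine, otherwise extend the range by one entry so the kernel item is not left unowned.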