Author: joeyh
Date: 2005-05-14 03:45:42 +0000 (Sat, 14 May 2005)
New Revision: 1055
Modified: sarge-checks/CAN/list
Log: check and update

Modified: sarge-checks/CAN/list
==================================================================
--- sarge-checks/CAN/list 2005-05-14 03:07:19 UTC (rev 1054)
+++ sarge-checks/CAN/list 2005-05-14 03:45:42 UTC (rev 1055)
@@ -6,102 +6,101 @@ CAN-2005-XXXX [Minor information leak in product handling] - bugzilla (unfixed; bug #308787) CAN-2005-1512 (The Admin panel in PwsPHP 1.2.2 does not properly verify uploaded ...) - TODO: check + NOTE: not-for-us (PwsPHP) CAN-2005-1511 (PwsPHP 1.2.2 allows remote attackers to bypass authentication and post ...) - TODO: check + NOTE: not-for-us (PwsPHP) CAN-2005-1510 (PwsPHP 1.2.2 allows remote attackers to obtain sensitive information ...) - TODO: check + NOTE: not-for-us (PwsPHP) CAN-2005-1509 (SQL injection vulnerability in profil.php in PwsPHP 1.2.2 allows ...) - TODO: check + NOTE: not-for-us (PwsPHP) CAN-2005-1508 (Multiple cross-site scripting (XSS) vulnerabilities in PwsPHP 1.2.2 ...) - TODO: check + NOTE: not-for-us (PwsPHP) CAN-2005-1507 (Buffer overflow in the Tomcat plugin in 4d WebSTAR 5.33 and 5.4 allows ...) - TODO: check + NOTE: not-for-us (WebSTAR) CAN-2005-1506 (SQL injection vulnerability in out.php in CJ Ultra Plus 1.0.3 and ...) - TODO: check + NOTE: not-for-us (CJ Ultra Plus) CAN-2005-1505 (The new account wizard in Mail.app 2.0 in Mac OS 10.4, when ...) - TODO: check + NOTE: not-for-us (MacOS) CAN-2005-1504 (GameSpy SDK CD-Key Validation Toolkit, as used by many online games, ...) - TODO: check + NOTE: not-for-us (GameSpy SDK CD-Key Validation Toolkit) CAN-2005-1503 (Multiple SQL injection vulnerabilities in MidiCart PHP Shopping Cart ...) - TODO: check + NOTE: not-for-us (MidiCart) CAN-2005-1502 (Cross-site scripting (XSS) vulnerability in MidiCart PHP Shopping Cart ...) - TODO: check + NOTE: not-for-us (MidiCart) CAN-2005-1501 (MidiCart PHP Shopping Cart allows remote attackers to obtain sensitive ...) - TODO: check + NOTE: not-for-us (MidiCart) CAN-2005-1500 (Multiple SQL injection vulnerabilities in myBloggie 2.1.1 allow remote ...) - TODO: check + NOTE: not-for-us (myBloggie) CAN-2005-1499 (delcomment.php in myBloggie 2.1.1 allows remote attackers to delete ...) 
- TODO: check + NOTE: not-for-us (myBloggie) CAN-2005-1498 (Multiple cross-site scripting (XSS) vulnerabilities in myBloggie 2.1.1 ...) - TODO: check + NOTE: not-for-us (myBloggie) CAN-2005-1497 (index.php in myBloggie 2.1.1 allows remote attackers to obtain ...) - TODO: check + NOTE: not-for-us (myBloggie) CAN-2005-1496 (The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE ...) - TODO: check + NOTE: not-for-us (Oracle) CAN-2005-1495 (Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the ...) - TODO: check + NOTE: not-for-us (Oracle) CAN-2005-1494 (Multiple cross-site scripting (XSS) vulnerabilities in admin.cgi in ...) - TODO: check + NOTE: not-for-us (MegaBook) CAN-2005-1493 (Directory traversal vulnerability in SimpleCam 1.2 allows remote ...) - TODO: check + NOTE: not-for-us (SimpleCam) CAN-2005-1492 (Cross-site scripting (XSS) vulnerability in user.cgi in Gossamer ...) - TODO: check + NOTE: not-for-us (Gossamer Threads Links) CAN-2005-1491 (Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote ...) - TODO: check + NOTE: not-for-us (Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2) CAN-2005-1490 (Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2, when the ...) - TODO: check + NOTE: not-for-us (Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2) CAN-2005-1489 (Unknown vulnerability in Merak Mail Server 8.0.3 with Icewarp Web Mail ...) - TODO: check + NOTE: not-for-us (Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2) CAN-2005-1488 (Multiple cross-site scripting (XSS) vulnerabilities in Merak Mail ...) - TODO: check + NOTE: not-for-us (Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2) CAN-2005-1487 (Multiple SQL injection vulnerabilities in FishCart 3.1 allow remote ...) - TODO: check + NOTE: not-for-us (FishCart) CAN-2005-1486 (Multiple cross-site scripting vulnerabilities in FishCart 3.1 allow ...) 
- TODO: check + NOTE: not-for-us (FishCart) CAN-2005-1485 (Golden FTP Server Pro allows 2.52 allows remote attackers to obtain ...) - TODO: check + NOTE: not-for-us (Golden FTP Server Pro) CAN-2005-1484 (Directory traversal vulnerability in Golden FTP server pro 2.52 allows ...) - TODO: check + NOTE: not-for-us (Golden FTP Server Pro) CAN-2005-1483 (Multiple cross-site scripting (XSS) vulnerabilities in ArticleLive ...) - TODO: check + NOTE: not-for-us (ArticleLive) CAN-2005-1482 (ArticleLive 2005 allows remote attackers to gain privileges by ...) - TODO: check + NOTE: not-for-us (ArticleLive) CAN-2005-1481 (Multiple SQL injection vulnerabilities in ASP Inline Corporate ...) - TODO: check + NOTE: not-for-us (ASP Inline Corporate Calendar) CAN-2005-1480 (Directory traversal vulnerability in RaidenFTPD before 2.4.2241 allows ...) - TODO: check + NOTE: not-for-us (RaidenFTPD) CAN-2005-1479 (SQL injection vulnerability in jgs_portal.php in JGS-Portal 3.0.1 and ...) - TODO: check + NOTE: not-for-us (JGS-Portal) CAN-2005-1478 (Format string vulnerability in dSMTP (dsmtp.exe) in DMail 3.1a allows ...) - TODO: check + NOTE: not-for-us (DMail) CAN-2005-1516 (DList (dlist.exe) in DMail 3.1a allows remote attackers to bypass ...) - NOTE: not-for-us + NOTE: not-for-us (DMail) CAN-2005-1515 (Integer signedness error in the qmail_put and substdio_put functions ...) NOTE: not in testing NOTE: non-free - NOTE: I don''t feel to fill a bug for this (a DoS that could only appen on 64bits - NOTE: plateforms with more than 4GB of memory) + - qmail-src (unfixed; bug #309048) CAN-2005-1514 (commands.c in qmail, when running on 64 bit platforms with a large ...) - NOTE: cf CAN-2005-1515 + - qmail-src (unfixed; bug #309048) CAN-2005-1513 (Integer overflow in the stralloc_readyplus function in qmail, when ...) - NOTE: cf CAN-2005-1515 + - qmail-src (unfixed; bug #309048) CAN-2004-2067 (SQL injection vulnerability in controlpanel.php in JAWS 0.4 allows ...) 
- NOTE: not-for-us + NOTE: not-for-us (JAWS) CAN-2004-2066 (SQL injection vulnerability in session.php in LinPHA 0.9.4 allows ...) - NOTE: not-for-us + NOTE: not-for-us (LinPHA) CAN-2004-2065 (DansGuardian 2.8 and earlier allows remote attackers to bypass the ...) - dansguardian 2.5.2-0-0.1 CAN-2004-2064 (Cross-site scripting (XSS) vulnerability in lostBook 1.1 and ealier ...) - NOTE: not-for-us + NOTE: not-for-us (lostBook) CAN-2004-2063 (Cross-site scripting (XSS) vulnerability in antiboard.php in AntiBoard ...) - NOTE: not-for-us + NOTE: not-for-us (AntiBoard) CAN-2004-2062 (SQL injection vulnerability in antiboard.php in AntiBoard 0.7.2 and ...) - NOTE: not-for-us + NOTE: not-for-us (AntiBoard) CAN-2004-2061 (RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use ...) - NOTE: not-for-us + NOTE: not-for-us (RiSearch) CAN-2004-2060 (ASPRunner 2.4 stores the database under the web root in the db ...) - NOTE: not-for-us + NOTE: not-for-us (ASPRunner) CAN-2004-2059 (Multiple cross-site scripting vulnerabilities in ASPRunner 2.4 allow ...) NOTE: not-for-us CAN-2004-2058 (ASPRunner 2.4 allows remote attackers to gain sensitive information ...) 
@@ -747,15 +746,15 @@ TODO: check end claimed by djoume CAN-2003-1161 (exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, ...) - TODO: check + NOTE: ancient and unreleased source code with backdoor CAN-2003-1160 (FlexWATCH Network video server 132 allows remote attackers to bypass ...) - TODO: check + NOTE: not-for-us (FlexWATCH) CAN-2003-1159 (Plug and Play Web Server Proxy 1.0002c allows remote attackers to ...) - TODO: check + NOTE: not-for-us (Plug and Play Web Server) CAN-2003-1158 (Multiple buffer overflows in the FTP service in Plug and Play Web ...) - TODO: check + NOTE: not-for-us (Plug and Play Web Server) CAN-2003-1157 (Cross-site scripting (XSS) vulnerability in login.asp in Citrix ...) - TODO: check + NOTE: not-for-us (Citrix) CAN-2003-1156 (Java Runtime Environment (JRE) and Software Development Kit (SDK) ...) TODO: check CAN-2003-1155 (X-CD-Roast 0.98 alpha10 through alpha14 allows local users to ...) @@ -828,7 +827,7 @@ CAN-2005-1472 NOTE: reserved CAN-2005-1471 (Heap-based buffer overflow in RSA SecurID Web Agent 5, 5.2, and 5.3 ...) - TODO: check + NOTE: not-for-us (RSA SecurID Web Agent) CAn-2005-XXXX [race condition with a buffered temp file] NOTE: no bug ever filed for this one - pysvn 1.1.2-3 @@ -1010,7 +1009,7 @@ CAN-2005-1407 (Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the ...) NOTE: not-for-us (Skype) CAN-2005-1406 (The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.4 does not properly ...) - TODO: check + NOTE: not-for-us (FreeBSD) CAN-2005-1405 (HTTP response splitting vulnerability in the @SetHTTPHeader function ...) NOTE: not-for-us (Lotus Domino) CAN-2005-1404 (MyPHP Forum 1.0 allows remote attackers to spoof the username by ...) 
@@ -1022,9 +1021,9 @@ CAN-2005-1401 (Format string vulnerability in the client for Mtp-Target 1.2.2 and ...) NOTE: not-for-us (Mtp-Target) CAN-2005-1400 (The i386_get_ldt system call in FreeBSD 4.7 to 4.11 and 5.x to 5.4 ...) - TODO: check + NOTE: not-for-us (FreeBSD) CAN-2005-1399 (FreeBSD 4.6 to 4.11 and 5.x to 5.4 uses insecure default permissions ...) - TODO: check + NOTE: not-for-us (FreeBSD) CAN-2004-1778 (Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, ...) NOTE: not-for-us (Skype) CAN-2004-1777 (A "range check error" in Skype for Windows before 0.98.0.28 allows ...) 
@@ -1149,33 +1148,34 @@ CAN-2005-1344 (Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to ...) - apache2 2.0.54-3 CAN-2005-1343 (Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X ...) - TODO: check + NOTE: not-for-us (vpnd for Mac OS X) CAN-2005-1342 (The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X ...) - TODO: check + NOTE: not-for-us (Apple Terminal) CAN-2005-1341 (Apple Terminal 1.4.4 allows attackers to execute arbitrary commands ...) - TODO: check + NOTE: not-for-us (Apple Terminal) CAN-2005-1340 (The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not ...) - TODO: check + NOTE: not-for-us (Mac OS X) CAN-2005-1339 (lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to ...) - TODO: check + NOTE: verified that our lukemftpd uses pw->pw_name when + NOTE: checking /etc/ftpchroot. CAN-2005-1338 (Mac OS X 10.3.9, when using an LDAP server that does not use ...) - TODO: check + NOTE: not-for-us (Mac OS X) CAN-2005-1337 (Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote ...) - TODO: check + NOTE: not-for-us (Mac OS X) CAN-2005-1336 (Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows ...) - TODO: check + NOTE: not-for-us (Mac OS X) CAN-2005-1335 (Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain ...) - TODO: check + NOTE: not-for-us (Mac OS X) CAN-2005-1334 NOTE: reserved CAN-2005-1333 (Directory traversal vulnerability in the Bluetooth file and object ...) - TODO: check + NOTE: not-for-us (Mac OS X) CAN-2005-1332 (Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth ...) - TODO: check + NOTE: not-for-us (Mac OS X) CAN-2005-1331 (The AppleScript Editor in Mac OS X 10.3.9 does not properly display ...) - TODO: check + NOTE: not-for-us (Mac OS X) CAN-2005-1330 (AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of ...) 
- TODO: check + NOTE: not-for-us (Mac OS X) CAN-2005-1329 (owOfflineCC.asp in OneWorldStore allows remote attackers to obtain ...) NOTE: not-for-us (OneWorldStore) CAN-2005-1328 (OneWorldStore allows remote attackers to cause a denial of service ...) @@ -1476,7 +1476,7 @@ NOTE: The vulnerable code is present in xine-lib as well, MPlayer is not in Debian - xine-lib 1.0.1-1 CAN-2005-1194 (Stack-based buffer overflow in the ieee_putascii function for nasm ...) - TODO: check + - nasm (unfixed; bug filed) CAN-2005-1193 NOTE: reserved CAN-2005-1192 (Unknown vulnerability in HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and ...)
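Review bot: In the @@ -6,102 +6,101 @@ hunk, CAN-2005-1514 and CAN-2005-1513 now read "- qmail-src (unfixed; bug #309048)" but, unlike CAN-2005-1515, carry no "NOTE: not in testing" / "NOTE: non-free" lines, so read on their own they look like open issues in the release being checked. Repeat the two notes on each entry, or replace the old "cf CAN-2005-1515" pointer with one that says where the status is recorded. In the same hunk, CAN-2004-2059 keeps a bare "NOTE: not-for-us" while CAN-2004-2060 directly above gains "(ASPRunner)", and CAN-2005-1505 is tagged "(MacOS)" where the later Apple entries use "(Mac OS X)"; one spelling per product keeps the list searchable.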
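Review bot: In the @@ -747,15 +746,15 @@ hunk, the new note on CAN-2003-1161, "ancient and unreleased source code with backdoor", describes the issue but does not state the triage result: it names no package and does not say whether any shipped kernel source contains the affected exit.c. Add an explicit status line (a package entry or a not-affected note) so the entry cannot be mistaken for an unresolved one by anyone scanning for entries without a package or not-for-us tag.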
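Review bot: In the @@ -828,7 +827,7 @@ hunk, the context line directly below the changed entry is spelled "CAn-2005-XXXX" with a lowercase "n". Any script or grep that matches entries on the "CAN-" prefix will skip the pysvn race-condition entry, so it is worth correcting the case while this part of the file is being touched.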
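Review bot: In the @@ -1149,33 +1148,34 @@ hunk, the CAN-2005-1339 entry records the result of a source audit ("verified that our lukemftpd uses pw->pw_name when checking /etc/ftpchroot") only as free-text NOTE lines, with no package line and no version. Name the package and the version that was inspected so the conclusion can be re-checked if the packaged lukemftpd changes, and so the entry has a machine-readable status like its neighbours.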
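Review bot: In the @@ -1476,7 +1476,7 @@ hunk, CAN-2005-1194 becomes "- nasm (unfixed; bug filed)" without a bug number, whereas the qmail-src entries in the first hunk cite "bug #309048". Without the number nobody can follow the report to see when nasm is fixed; add it in the same "bug #NNNNNN" form once it is known.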