Author: djoume-guest Date: 2005-05-19 13:58:19 +0000 (Thu, 19 May 2005) New Revision: 1104 Modified: sarge-checks/CAN/list Log: * processed my block Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-05-19 13:42:09 UTC (rev 1103) +++ sarge-checks/CAN/list 2005-05-19 13:58:19 UTC (rev 1104) @@ -75,66 +75,64 @@ NOTE: not-for-us (Willings WebCAM) CAN-2005-1616 (viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 allows ...) NOTE: not-for-us (Ultimate PHP Board) -begin claimed by djoume CAN-2005-1615 (viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow ...) - TODO: check + NOTE: not-for-us (Ultimate PHP Board) CAN-2005-1614 (Cross-site scripting (XSS) vulnerability in viewforum.php in Ultimate ...) - TODO: check + NOTE: not-for-us (Ultimate PHP Board) CAN-2005-1613 (Cross-site scripting (XSS) vulnerability in member.php in Open ...) - TODO: check + NOTE: not-for-us (OpenBB) CAN-2005-1612 (SQL injection vulnerability in read.php in Open Bulletin Board ...) - TODO: check + NOTE: not-for-us (OpenBB) CAN-2005-1611 (Cross-site scripting (XSS) vulnerability in WebX in Web Crossing 5.x ...) - TODO: check + NOTE: not-for-us (Web Crossing) CAN-2005-1610 (Cross-site scripting (XSS) vulnerability in security.php for Tru-Zone ...) - TODO: check + NOTE: not-for-us (Tru-Zone NukeET) CAN-2005-1609 (Unknown vulnerability in Sun StorEdge 6130 Arrays (SE6130) with serial ...) - TODO: check + NOTE: not-for-us (Sun StorEdge 6130 Arrays) CAN-2005-1608 (Multiple unknown vulnerabilities in the Blocks module in Spidean ...) - TODO: check + NOTE: not-for-us (Spidean AutoTheme 1.7 and AT-Lite for PostNuke) CAN-2005-1607 (Cross-site scripting (XSS) vulnerability in shop.cgi in Remote Cart ...) - TODO: check + NOTE: not-for-us (Remote Cart) CAN-2005-1606 (H-Sphere Winbox 2.4.2 and 2.4.3 RC1 stores sensitive information such ...) - TODO: check + NOTE: not-for-us (H-Sphere Winbox) CAN-2005-1605 (Cross-site scripting (XSS) vulnerability in the guestbook for ...) - TODO: check + NOTE: not-for-us (guestbook for SiteStudio) CAN-2005-1604 (PHP Advanced Transfer Manager (phpATM) 1.21 allows remote attackers to ...) - TODO: check + NOTE: not-for-us (phpATM) CAN-2005-1603 (NiteEnterprises Remote File Manager 1.0 allows remote attackers to ...) - TODO: check + NOTE: not-for-us ( NiteEnterprises Remote File Manager) CAN-2005-1602 (SQL injection vulnerability in login.asp for Net56 Browser Based File ...) - TODO: check + NOTE: not-for-us (Net56 Browser Based File Manager) CAN-2005-1601 (MRO Maximo Self Service 4 and 5 stores certain information under the ...) - TODO: check + NOTE: not-for-us ( MRO Maximo Self Service) CAN-2005-1600 (A "mathematical flaw" in the implementation of the El Gamal signature ...) - TODO: check + NOTE: not-for-us (LibTomCrypt) CAN-2005-1599 (Cross-site scripting (XSS) vulnerability in Kryloff Technologies ...) - TODO: check + NOTE: not-for-us (Kryloff Technologies Subject Search Server) CAN-2005-1598 (SQL injection vulnerability in Invision Power Board (IPB) 2.0.3 and ...) - TODO: check + NOTE: not-for-us (Invision Power Board) CAN-2005-1597 (Cross-site scripting (XSS) vulnerability in (1) search.php and (2) ...) - TODO: check + NOTE: not-for-us (Invision Power Board) CAN-2005-1596 (index.php in Fusion SBX 1.2 and earlier does not properly use the ...) - TODO: check + NOTE: not-for-us (Fusion SBX) CAN-2005-1595 (CodeThat ShoppingCart 1.3.1 stores config.ini under the web root, ...) - TODO: check + NOTE: not-for-us (CodeThat ShoppingCart) CAN-2005-1594 (SQL injection vulnerability in catalog.php for CodeThat ShoppingCart ...) - TODO: check + NOTE: not-for-us (CodeThat ShoppingCart) CAN-2005-1593 (Cross-site scripting (XSS) vulnerability in catalog.php for CodeThat ...) - TODO: check + NOTE: not-for-us (CodeThat ShoppingCart) CAN-2005-1592 (Multiple "javascript vulerabilities in BB code" in BirdBlog before ...) - TODO: check + NOTE: not-for-us (BirdBlog) CAN-2005-1591 (Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote ...) - TODO: check + NOTE: not-for-us (Solaris) CAN-2005-1590 (The Altiris Client Service for Windows (ACLIENT.EXE) 6.0.88 allows ...) - TODO: check + NOTE: not-for-us (Altiris Client Service for Windows) CAN-2004-2070 (The Altiris Client Service for Windows 5.6 SP1 Hotfix E (5.6.181) ...) - TODO: check + NOTE: not-for-us (Altiris Client Service for Windows) CAN-2003-1197 (Cross-site scripting (XSS) vulnerability in index.php for ...) - TODO: check + NOTE: not-for-us (LedForums) CAN-2003-1168 (HTTP Commander 4.0 allows remote attackers to obtain sensitive ...) - TODO: check -end claimed by djoume + NOTE: not-for-us (HTTP Commander) CAN-2005-XXXX [clamav: DoS through multiple empty Content-Disposition header lines] - clamav 0.85.1-1 CAN-2005-XXXX [libxpm4: new s_popen() function is insecure garbage]