Author: joeyh
Date: 2005-06-09 09:14:19 +0000 (Thu, 09 Jun 2005)
New Revision: 1213

Modified:
   sarge-checks/CAN/list
Log:
automatic CAN database update

Modified: sarge-checks/CAN/list
==================================================================
--- sarge-checks/CAN/list 2005-06-09 09:01:32 UTC (rev 1212)
+++ sarge-checks/CAN/list 2005-06-09 09:14:19 UTC (rev 1213)
@@ -1,3 +1,141 @@ +CAN-2005-1930 + NOTE: reserved +CAN-2005-1929 + NOTE: reserved +CAN-2005-1928 + NOTE: reserved +CAN-2005-1927 + NOTE: reserved +CAN-2005-1926 + NOTE: reserved +CAN-2005-1925 + NOTE: reserved +CAN-2005-1924 + NOTE: reserved +CAN-2005-1923 + NOTE: reserved +CAN-2005-1922 + NOTE: reserved +CAN-2005-1921 + NOTE: reserved +CAN-2005-1920 + NOTE: reserved +CAN-2005-1919 + NOTE: reserved +CAN-2005-1918 + NOTE: reserved +CAN-2005-1917 + NOTE: reserved +CAN-2005-1916 + NOTE: reserved +CAN-2005-1915 + NOTE: reserved +CAN-2005-1914 + NOTE: reserved +CAN-2005-1913 + NOTE: reserved +CAN-2005-1912 + NOTE: reserved +CAN-2005-1911 (The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang ...) + TODO: check +CAN-2005-1910 (SQL injection vulnerability in login.asp for WWWeb Concepts Events ...) + TODO: check +CAN-2005-1909 (The web server control panel in 602LAN SUITE 2004 allows remote ...) + TODO: check +CAN-2005-1908 (Perception LiteWeb allows remote attackers to bypass access controls ...) + TODO: check +CAN-2005-1907 (The ISA Firewall service in Microsoft Internet Security and ...) + TODO: check +CAN-2005-1906 (SQL injection vulnerability in login.asp in livingmailing 1.3 allows ...) + TODO: check +CAN-2005-1905 (The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and ...) + TODO: check +CAN-2005-1904 (SQL injection vulnerability in login.asp in JiRo''s Upload System (JUS) ...) + TODO: check +CAN-2005-1903 (Buffer overflow in the IMAP service for SPA-PRO Mail @Solomon 4.00 ...) + TODO: check +CAN-2005-1902 (Directory traversal vulnerability in the IMAP service for SPA-PRO Mail ...) + TODO: check +CAN-2005-1901 (Multiple cross-site scripting (XSS) vulnerabilities in Sawmill before ...) + TODO: check +CAN-2005-1900 (Multiple unknown vulnerabilities in Sawmill before 7.1.6 allow remote ...) + TODO: check +CAN-2005-1899 (Rakkarsoft RakNet network library 2.33 and earlier, when released ...) 
+ TODO: check +CAN-2005-1898 (The passthrough functionality in phpThumb.php in phpThumb() before ...) + TODO: check +CAN-2005-1897 (Unknown vulnerability in FlexCast Audio Video Streaming Server before ...) + TODO: check +CAN-2005-1896 (Directory traversal vulnerability in thumb.php in FlatNuke 2.5.3 ...) + TODO: check +CAN-2005-1895 (Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.3 allows ...) + TODO: check +CAN-2005-1894 (Direct code injection vulnerability in FlatNuke 2.5.3 allows remote ...) + TODO: check +CAN-2005-1893 (FlatNuke 2.5.3 allows remote attackers to obtain sensitive information ...) + TODO: check +CAN-2005-1892 (FlatNuke 2.5.3 allows remote attackers to cause a denial of service or ...) + TODO: check +CAN-2005-1891 (The GIF parser in ateimg32.dll in AOL Instant Messenger (AIM) 5.9.3797 ...) + TODO: check +CAN-2005-1890 (Unknown vulnerability in Mortiforo before 0.9.1 allows users to access ...) + TODO: check +CAN-2005-1889 (Unknown vulnerability in Sun ONE Application Server 6.5 SP1 ...) + TODO: check +CAN-2005-1888 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.5 ...) + TODO: check +CAN-2005-1887 (Unknown vulnerability in the Sun Solaris C library (libc and ...) + TODO: check +CAN-2005-1886 (Cross-site scripting (XSS) vulnerability in view.php in YaPiG 0.92b, ...) + TODO: check +CAN-2005-1885 (view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to ...) + TODO: check +CAN-2005-1884 (Directory traversal vulnerability in the (1) rmdir or (2) mkdir ...) + TODO: check +CAN-2005-1883 (global.php in YaPiG 0.92b allows remote attackers to include arbitrary ...) + TODO: check +CAN-2005-1882 (PHP remote code injection vulnerability in last_gallery.php in YaPiG ...) + TODO: check +CAN-2005-1881 (upload.php in YaPiG 0.92b, 0.93u and 0.94u does not properly restrict ...) + TODO: check +CAN-2005-1880 (everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary ...) 
+ TODO: check +CAN-2005-1879 (LutelWall 0.97 and earlier allows local users to overwrite arbitrary ...) + TODO: check +CAN-2005-1878 (GIPTables Firewall 1.1 and earlier allows local users to overwrite ...) + TODO: check +CAN-2005-1877 (Cross-site scripting (XSS) vulnerability in view_ticket.php in Lpanel ...) + TODO: check +CAN-2005-1876 (Direct code injection vulnerability in CuteNews 1.3.6 and earlier ...) + TODO: check +CAN-2005-1875 (Multiple SQL injection vulnerabilities in list.php in Exhibit Engine ...) + TODO: check +CAN-2005-1874 (Directory traversal vulnerability in Dzip before 2.9 allows remote ...) + TODO: check +CAN-2005-1873 (Multiple buffer overflows in Crob FTP 3.6.1, and possibly earlier ...) + TODO: check +CAN-2005-1872 (Buffer overflow in the administrative console in IBM WebSphere ...) + TODO: check +CAN-2005-1871 (Unknown vulnerability in the privilege system in Drupal 4.4.0 through ...) + TODO: check +CAN-2005-1870 (PHP remote code injection vulnerability in childwindow.inc.php in ...) + TODO: check +CAN-2005-1869 (PHP remote code injection vulnerability in start_lobby.php in MWChat ...) + TODO: check +CAN-2005-1868 (I-Man 0.9, and possibly earlier versions, allows remote attackers to ...) + TODO: check +CAN-2005-1867 (Symantec Brightmail AntiSpam before 6.0.2 has a hard-coded database ...) + TODO: check +CAN-2005-1866 (Cross-site scripting (XSS) vulnerability in calendar.php in Calendarix ...) + TODO: check +CAN-2005-1865 (Multiple SQL injection vulnerabilities in Calendarix Advanced 1.5 ...) + TODO: check +CAN-2005-1864 (PHP remote code injection vulnerability in cal_admintop.php in ...) + TODO: check +CAN-2003-1218 + NOTE: reserved +CAN-2003-1217 + NOTE: reserved CAN-2005-XXXX [Minor DoS through malicous NNTP servers in leafnode''s fetchnews] - leafnode 1.11.3.rel-1 CAN-2005-1863 
@@ -52,7 +190,7 @@ - websieve (unfixed; bug #311838) CAN-2005-1840 (Directory traversal vulnerability in class.layout_phpcms.php in phpCMS ...) NOTE: not-for-us (phpCMS) -CAN-2005-1839 (Multiple SQL injection vulnerabilities in Liberum Help Desk 0.97.3 ...) +CAN-2005-1839 (Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk ...) NOTE: not-for-us (Liberum) CAN-2005-1838 (Multiple cross-site scripting vulnerabilities in castnewPost.asp in ...) NOTE: not-for-us (Liberum) @@ -3634,7 +3772,7 @@ CAN-2005-0752 [PLUGINSPAGE privileged javascript execution in Firefox] - mozilla-firefox 1.0.3-1 CAN-2005-0751 - NOTE: reserved + NOTE: rejected CAN-2005-0750 [Linux kernel af_bluetooth range check flaw; possibly local root] - kernel-source-2.4.27-10 - kernel-source-2.6.8 2.6.8-16 @@ -5157,7 +5295,7 @@ NOTE: fix in -4 was broken - kdelibs 3.3.2-6 CAN-2005-0395 - NOTE: reserved + NOTE: rejected CAN-2005-0394 NOTE: reserved CAN-2005-0393 @@ -5861,7 +5999,7 @@ - kernel-source-2.6.8 2.6.8-14 - kernel-source-2.6.11 2.6.11-1 CAN-2005-0203 - NOTE: reserved + NOTE: rejected CAN-2005-0202 (Directory traversal vulnerability in the true_path function in ...) {DSA-674-1} - mailman 2.1.5-6
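Review bot: In the first hunk (@@ -1,3 +1,141 @@), CAN-2005-1911 (the fetchnews NNTP client in leafnode 1.11.2 and earlier can hang) is added with TODO: check, while the unchanged placeholder entry CAN-2005-XXXX [Minor DoS through malicous NNTP servers in leafnode''s fetchnews] with its "- leafnode 1.11.3.rel-1" line stays in place at the end of the same hunk. These look like the same issue. If they are, the package line should move under CAN-2005-1911 and the CAN-2005-XXXX placeholder should be dropped, so the fix is tracked under the assigned id and not listed twice. The same hunk also puts CAN-2003-1218 and CAN-2003-1217 at the top of the file next to the 2005 ids; confirm that nothing reading this list depends on the ids being in order.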
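Review bot: The three status changes at @@ -3634, @@ -5157 and @@ -5861 (CAN-2005-0751, CAN-2005-0395, CAN-2005-0203) replace NOTE: reserved with a bare NOTE: rejected, and the log message says only "automatic CAN database update", so the file keeps no record of why each id was rejected. If any of them was withdrawn in favour of another id, add that id to the NOTE line so a search for the old id leads to the entry that is actually tracked.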