Author: joeyh Date: 2005-06-23 20:59:32 +0000 (Thu, 23 Jun 2005) New Revision: 1268 Modified: data/CAN/list Log: completed block, no new holes Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-06-23 20:40:07 UTC (rev 1267) +++ data/CAN/list 2005-06-23 20:59:32 UTC (rev 1268) @@ -169,7 +169,6 @@ NOTE: not-for-us (FormMail) CAN-2002-1770 (Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code ...) NOTE: not-for-us (Eudora) -begin claimed by joeyh CAN-2002-1769 (Microsoft Site Server 3.0 prior to SP4 installs a default user, ...) NOTE: not-for-us (Mirosoft) CAN-2002-1768 (Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows ...) @@ -177,78 +176,78 @@ CAN-2002-1767 (Buffer overflow in tnslsnr of Oracle 8i Database Server 8.1.5 for ...) NOTE: not-for-su (Oracle) CAN-2002-1766 (Buffer overflow in Composer in Netscape 4.77 allows local users to ...) - TODO: check + NOTE: not-for-us (Netscape) + NOTE: didn''t check mozilla CAN-2002-1765 (Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of ...) - TODO: check + - evolution 1.0.5 CAN-2002-1764 (acroread in Adobe Acrobat Reader 4.05 on Linux allows local users to ...) - TODO: check + NOTE: not-for-us (acrobat) CAN-2002-1763 (The dtscreen Sun Solaris 8 CDE screensaver crashes when the "Shift" ...) - TODO: check + NOTE: not-for-us (dtscreen Sun Solaris 8 CDE screensaver) CAN-2002-1762 (Microsoft Baseline Security Analyzer (MBSA) 1.0 stores security scans ...) - TODO: check + NOTE: not-for-us (Microsoft) CAN-2002-1761 (Directory traversal vulnerability in PHProjekt 2.0 through 3.1 allows ...) - TODO: check + NOTE: not-for-us (PHProjekt) CAN-2002-1760 (Multiple SQL injection vulnerabilities in PHProjekt 2.0 through 3.1 ...) - TODO: check + NOTE: not-for-us (PHProjekt) CAN-2002-1759 (The upload function in PHPProjekt 2.0 through 3.1 does not properly ...) - TODO: check + NOTE: not-for-us (PHProjekt) CAN-2002-1758 (PHProjekt 2.0 through 3.1 allows remote attackers to view or modify ...) - TODO: check + NOTE: not-for-us (PHProjekt) CAN-2002-1757 (PHProjekt 2.0 through 3.1 relies on the $PHP_SELF variable for ...) - TODO: check + NOTE: not-for-us (PHProjekt) CAN-2002-1756 (ACDSee 4.0 allows remote attackers to cause a denial of service ...) - TODO: check + NOTE: not-for-us (ACDSee) CAN-2002-1755 (tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, ...) - TODO: check + - tinc 1.0pre5 CAN-2002-1754 (Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows ...) - TODO: check + NOTE: not-for-us (Novell NetWare) CAN-2002-1753 (csNewsPro.cgi in CGIScript.net csNews Professional (csNewsPro) allows ...) - TODO: check + NOTE: not-for-us (csNews) CAN-2002-1752 (csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers ...) - TODO: check + NOTE: not-for-us (csChat-R-Box) CAN-2002-1751 (csLiveSupport.cgi in CGIScript.net csLiveSupport allows remote ...) - TODO: check + NOTE: not-for-us (csLiveSupport) CAN-2002-1750 (csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.0 allows remote ...) - TODO: check + NOTE: not-for-us (csGuestbook) CAN-2002-1749 (Windows 2000 Terminal Services, when using the disconnect feature of ...) - TODO: check + NOTE: not-for-us (Windows 2000 Terminal Services) CAN-2002-1748 (Unknown vulnerability in Slash 2.1.x and 2.2 through 2.2.2, as used in ...) - TODO: check + - slash 2.2.3 CAN-2002-1747 (Vtun 2.5b1 does not authenticate forwarded packets, which allows ...) - TODO: check + - vtun 2.5b2 CAN-2002-1746 (Vtun 2.5b1 allows remote attackers to inject data into user sessions ...) - TODO: check + - vtun 2.5b2 CAN-2002-1745 (Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS ...) - TODO: check + NOTE: not-for-us (Microsoft) CAN-2002-1744 (Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 ...) - TODO: check + NOTE: not-for-us (Microsoft) CAN-2002-1743 (AOL ICQ 2002a Build 3722 allows remote attackers to cause a denial of ...) - TODO: check + NOTE: not-for-us (AOL ICQ) CAN-2002-1742 (SOAP::Lite 0.50 through 0.52 allows remote attackers to load arbitrary ...) - TODO: check + - libsoap-lite-perl 0.55 CAN-2002-1741 (Directory traversal vulnerability in WorldClient.cgi in WorldClient ...) - TODO: check + NOTE: not-for-us (WorldClient) CAN-2002-1740 (Buffer overflow in WorldClient.cgi in WorldClient in Alt-N ...) - TODO: check + NOTE: not-for-us (WorldClient) CAN-2002-1739 (Alt-N Technologies Mdaemon 5.0 through 5.0.6 uses a weak encryption ...) - TODO: check + NOTE: not-for-us (Alt-N Technologies Mdaemon) CAN-2002-1738 (Alt-N Technologies MDaemon 5.0.5.0 and earlier creates a default ...) - TODO: check + NOTE: not-for-us (Alt-N Technologies Mdaemon) CAN-2002-1737 (Astaro Security Linux 2.016 creates world-writable files and ...) - TODO: check + NOTE: not-for-us (Astaro Security Linux) CAN-2002-1736 (Unknown vulnerability in CGINews before 1.06 allow remote attackers to ...) - TODO: check + NOTE: not-for-us (CGINews) CAN-2002-1735 (Buffer overflow in dlogin 1.0a could allow local users to gain ...) - TODO: check + NOTE: not-for-us (dlogin) CAN-2002-1734 (NewsPro 1.01 allows remote attackers to gain unauthorized ...) - TODO: check + NOTE: not-for-us (NewsPro) CAN-2002-1733 (Cross-site scripting (XSS) vulnerability in the web-based message ...) - TODO: check + NOTE: not-for-us (Prospero MessageBoards) CAN-2002-1732 (Multiple cross-site scripting (XSS) vulnerabilities in Actinic Catalog ...) - TODO: check + NOTE: not-for-us (Actinic Catalog) CAN-2002-1731 (The System Request menu in IBM AS/400 allows local users to list valid ...) - TODO: check -end claimed by joeyh + NOTE: not-for-us (IBM AS/400) CAN-2002-1730 (ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary ...) TODO: check CAN-2002-1729 (Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 ...)