thr3ads.net - Secure testing commits - [Secure-testing-commits] r1292

If this information is useful, please help other people find it:
Share via:

Moritz Muehlenhoff

2005-Jun-28 09:26 UTC

[Secure-testing-commits] r1292 - data/CAN

Author: jmm-guest
Date: 2005-06-28 09:26:22 +0000 (Tue, 28 Jun 2005)
New Revision: 1292

Modified:
   data/CAN/list
Log:
tor CANified
new phpbb2 issue
some n-f-u


Modified: data/CAN/list
==================================================================---
data/CAN/list	2005-06-28 09:14:28 UTC (rev 1291)
+++ data/CAN/list	2005-06-28 09:26:22 UTC (rev 1292)
@@ -1,21 +1,23 @@
+CAN-2005-XXXX [Improper escaping in viewtopic.php in phpbb2]
+	- phpbb2 (unfixed; bug filed; high)
 CAN-2005-2053 (Just another flat file (JAF) CMS before 3.0 Final allows remote
...)
-	TODO: check
+	NOTE: not-for-us (JAF CMS)
 CAN-2005-2052 (Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and
10.5 ...)
-	TODO: check
+	NOTE: not-for-us (RealPlayer)
 CAN-2005-2051 (Buffer overflow in the Backup Exec Web Administration Console
(BEWAC) ...)
-	TODO: check
+	NOTE: not-for-us (BEWAC)
 CAN-2005-2050 (Unknown vulnerability in Tor before 0.1.0.10 allows remote
attackers ...)
-	TODO: check
+	- tor 0.0.9.10-1 (medium)
 CAN-2005-2049 (Multiple SQL injection vulnerabilities in DUware DUclassmate 1.2
allow ...)
-	TODO: check
+	NOTE: not-for-us (Duware)
 CAN-2005-2048 (Multiple SQL injection vulnerabilities in DUware DUforum 3.1
allow ...)
-	TODO: check
+	NOTE: not-for-us (Duware)
 CAN-2005-2047 (Multiple SQL injection vulnerabilities in DUware DUpaypal Pro
3.0 ...)
-	TODO: check
+	NOTE: not-for-us (Duware)
 CAN-2005-2046 (Multiple SQL injection vulnerabilities in DUware DUamazon Pro
3.0 and ...)
-	TODO: check
+	NOTE: not-for-us (Duware)
 CAN-2005-2045 (Multiple SQL injection vulnerabilities in DUware DUportal PRO
3.4.3 ...)
-	TODO: check
+	NOTE: not-for-us (Duware)
 CAN-2005-XXXX [Insecure handling of tempfile for burning the backup in
backup-manager]
 	- backup-manager 0.5.8-2 (low)
 CAN-2005-XXXX [clamav libmspack decompressor DoS]
@@ -460,8 +462,6 @@
 	- snort 1.6.1-1
 CAN-2000-1225 (Xitami 2.5b installs the testcgi.exe program by default in the
cgi-bin ...)
 	NOTE: not-for-us (Xitami)
-CAN-2005-XXXX [Tor: Information leak through insufficient length verification
of relay calls]
-	- tor 0.0.9.10-1 (medium)
 CAN-2005-1975 (Multiple cross-site scripting (XSS) vulnerabilities in Annuaire
1Two ...)
 	NOTE: not-for-us (Annuaire)
 CAN-2005-1974 (Unknown vulnerability in Java 2 Platform, Standard Edition
(J2SE) 5.0 ...)

Secure testing commits - Jun 2005 - r1292 - data/CAN

[Secure-testing-commits] r1292 - data/CAN