Author: jmm-guest Date: 2005-07-07 07:41:51 +0000 (Thu, 07 Jul 2005) New Revision: 1346 Modified: data/CAN/list Log: cupsys issue already fixed reorg xmlrpc issues Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-07-06 21:14:13 UTC (rev 1345) +++ data/CAN/list 2005-07-07 07:41:51 UTC (rev 1346) @@ -59,17 +59,18 @@ CAN-2005-2117 NOTE: reserved CAN-2004-2154 (CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as ...) - TODO: check + - cupsys 1.1.20final+rc1-1 (low) CAN-2005-XXXX [Insecure tempfile generation in ekg] - ekg (unfixed; bug #317027; medium) -CAN-2005-XXXX [Missing input sanitization due in phpwiki''s xmlrpc code allow execution of arb. php code] - - phpwiki 1.3.7-4 (high) CAN-2005-XXXX [cacti: Multiple further SQL injection, auth bypass and remote command execution issues] - cacti 0.8.6f-1 (high) CAN-2005-2116 (Unknown vulnerability in the third-party XML-RPC library in Drupal ...) + NOTE: This will probably be re-organized by the CVE editor, but lets keep it for now, + NOTE: as it''s the same issue - drupal 4.5.4-1 (high) - phpgroupware 0.9.16.006-1 (high) - egroupware (unfixed) + - phpwiki 1.3.7-4 (high) - ewiki (unfixed) - horde3 (unfixed) CAN-2005-2115 (Soldier of Fortune II 1.02x and 1.03 allows remote attackers to cause ...)