Secure testing commits - Jul 2005 - r1386 - data/CAN

Author: joeyh
Date: 2005-07-14 14:26:57 +0000 (Thu, 14 Jul 2005)
New Revision: 1386

Modified:
   data/CAN/list
Log:
process

Modified: data/CAN/list
==================================================================---
data/CAN/list	2005-07-14 14:00:43 UTC (rev 1385)
+++ data/CAN/list	2005-07-14 14:26:57 UTC (rev 1386)
@@ -1,45 +1,44 @@
-begin claimed by joeyh
 CAN-2005-2259 (The dispallclosed2 function in dispallclosed.pl for multiple
USANet ...)
-	TODO: check
+	NOTE: not-for-us (USANet)
 CAN-2005-2258 (PHP remote file inclusion vulnerability in photolist.inc.php in
Squito ...)
-	TODO: check
+	NOTE: not-for-us (Squito Gallery)
 CAN-2005-2257 (The saveProfile function in PhpSlash 0.8.0 allows remote
attackers to ...)
-	TODO: check
+	NOTE: not-for-us (PhpSlash)
 CAN-2005-2256 (Encoded directory traversal vulnerability in phpPgAdmin 3.1 to
3.5.3 ...)
-	TODO: check
+	- phppgadmin (unfixed; bug filed; medium)
 CAN-2005-2255 (Directory traversal vulnerability in PhpAuction 2.5 allows
remote ...)
-	TODO: check
+	NOTE: not-for-us (PhpAuction)
 CAN-2005-2254 (Multiple cross-site scripting (XSS) vulnerabilities in
PhpAuction 2.5 ...)
-	TODO: check
+	NOTE: not-for-us (PhpAuction)
 CAN-2005-2253 (SQL injection vulnerability in PhpAuction 2.5 allow remote
attackers ...)
-	TODO: check
+	NOTE: not-for-us (PhpAuction)
 CAN-2005-2252 (PhpAuction 2.5 allows remote attackers to bypass authentication
and ...)
-	TODO: check
+	NOTE: not-for-us (PhpAuction)
 CAN-2005-2251 (PHP remote file inclusion vulnerability in secure.php in ...)
-	TODO: check
+	NOTE: not-for-us (PHPSecurePages (phpSP))
 CAN-2005-2250 (Buffer overflow in Bluetooth FTP client (BTFTP) in Nokia Affix
2.1.2 ...)
-	TODO: check
+	NOTE: not-for-us (Nokia Affix)
 CAN-2005-2249 (Multiple unknown vulnerabilities in Jinzora 2.0.1 have unknown
impact ...)
-	TODO: check
+	TODO: track ITP#289487
 CAN-2005-2248 (Directory traversal vulnerability in DownloadProtect before
1.0.3 ...)
-	TODO: check
+	NOTE: not-for-us (DownloadProtect)
 CAN-2005-2247 (Multiple unknown vulnerabilities in Moodle before 1.5.1 have
unknown ...)
-	TODO: check
+	NOTE: no details available
+	- moodle 1.5.1-1
 CAN-2005-2246 (Multiple PHP remote file inclusion vulnerabilities in
iPhotoAlbum 1.1 ...)
-	TODO: check
+	NOTE: not-for-us (iPhotoAlbum)
 CAN-2005-2245 (Unknown vulnerability in F5 BIG-IP 9.0.2 through 9.1 allows
attackers ...)
-	TODO: check
+	NOTE: not-for-us (BIG-IP)
 CAN-2005-2244 (The aupair service (aupair.exe) in Cisco CallManager (CCM) 3.2
and ...)
-	TODO: check
+	NOTE: not-for-us (Cisco CallManager)
 CAN-2005-2243 (Memory leak in inetinfo.exe in Cisco CallManager (CCM) 3.2 and
...)
-	TODO: check
+	NOTE: not-for-us (Cisco CallManager)
 CAN-2005-2242 (Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0
before ...)
-	TODO: check
+	NOTE: not-for-us (Cisco CallManager)
 CAN-2005-2241 (Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0
before ...)
-	TODO: check
+	NOTE: not-for-us (Cisco CallManager)
 CAN-2005-2240 (xpvm.tcl in xpvm 1.2.5 allows local users to overwrite arbitrary
files ...)
-	TODO: check
-end claimed by joeyh
+	- xpvm (unfixed; bug filed; medium)
 CAN-2005-2239 (oftpd 0.3.7 allows remote attackers to cause a denial of service
via a ...)
 	TODO: check
 CAN-2005-2238 (ftpd in IBM AIX 5.1, 5.2 and 5.3 allows remote authenticated
users to ...)