Author: joeyh Date: 2005-07-30 03:59:53 +0000 (Sat, 30 Jul 2005) New Revision: 1495 Modified: data/CAN/list Log: claim more Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-07-30 03:51:07 UTC (rev 1494) +++ data/CAN/list 2005-07-30 03:59:53 UTC (rev 1495) @@ -127,46 +127,45 @@ NOTE: reserved CAN-2005-2336 NOTE: reserved -begin claimed by joeyh CAN-2005-2334 (Y.SAK allows remote attackers to execute arbitrary commands via shell ...) - TODO: check + NOTE: not-for-us (Y.SAK) CAN-2005-2333 (Cross-site scripting (XSS) vulnerability in smilies_popup.php in ...) - TODO: check + NOTE: not-for-us (smilies_popup.php) CAN-2005-2332 (Cross-site scripting (XSS) vulnerability in PHPPageProtect 1.0.0a ...) - TODO: check + NOTE: not-for-us (PHPPageProtect) CAN-2005-2331 (PHP remote file inclusion vulnerability in display.php in MooseGallery ...) - TODO: check + NOTE: not-for-us (MooseGallery) CAN-2005-2330 (Directory traversal vulnerability in update.php in osCommerce 2.2 ...) - TODO: check + NOTE: not-for-us (osCommerce) CAN-2005-2329 (MRV Communications In-Reach LX-8000S, LX-4000S, and LX-1000S 3.5.0, ...) - TODO: check + NOTE: not-for-us (MRV Communications In-Reach LX-8000S, LX-4000S, and LX-1000S) CAN-2005-2328 (PHP remote file inclusion vulnerability in im.php in Laffer 0.3.2.6 ...) - TODO: check + NOTE: not-for-us (Laffer) CAN-2005-2327 (Cross-site scripting (XSS) vulnerability in e107 0.617 and earlier ...) - TODO: check + NOTE: not-for-us (e107) CAN-2005-2326 (Cross-site scripting (XSS) vulnerability in Clever Copy 2.0 and 2.0a ...) - TODO: check + NOTE: not-for-us (Clever Copy) CAN-2005-2325 (Clever Copy 2.0 and 2.0a allows remote attackers to obtain the full ...) - TODO: check + NOTE: not-for-us (Clever Copy) CAN-2005-2324 (Cross-site scripting (XSS) vulnerability in Clever Copy 2.0 and 2.0a ...) - TODO: check + NOTE: not-for-us (Clever Copy) CAN-2005-2323 (Multiple SQL injection vulnerabilities in Class-1 Forum 0.24.4 and ...) - TODO: check + NOTE: not-for-us (Class-1 Forum) CAN-2005-2322 (Cross-site scripting (XSS) vulnerability in Class-1 Forum 0.24.4 and ...) - TODO: check + NOTE: not-for-us (Class-1 Forum) CAN-2005-2321 (PHP remote file inclusion vulnerability in CaLogic 1.2.2 allows remote ...) - TODO: check + NOTE: not-for-us (CaLogic) CAN-2005-2319 (PHP remote file include vulnerability in Yawp library 1.0.6 and ...) - TODO: check + NOTE: not-for-us (Yawp) CAN-2005-2318 (Cross-site scripting (XSS) vulnerability in showerr.asp in DVBBS 7.1 ...) - TODO: check -end claimed by joeyh + NOTE: not-for-us (DVBBS) CAN-2005-2317 (Shorewall 2.4.x before 2.4.1, 2.2.x before 2.2.5, and 2.0.x before ...) - shorewall 2.4.1-2 (medium) CAN-2005-2316 NOTE: reserved CAN-2005-2315 NOTE: reserved +begin claimed by joeyh CAN-2005-2314 (inc.login.php in PHPsFTPd 0.2 through 0.4 allows remote attackers to ...) TODO: check CAN-2005-2313 (Check Point SecuRemote NG with Application Intelligence R54 allows ...) @@ -223,6 +222,7 @@ TODO: check CAN-2005-2287 (SoftiaCom wMailServer 1.0 and 2.0 allows remote attackers to cause a ...) TODO: check +end claimed by joeyh CAN-2005-2286 (WebEOC before 6.0.2 does not properly check user authorization, which ...) TODO: check CAN-2005-2285 (WebEOC before 6.0.2 stores sensitive information in locations such as ...)