Author: micah Date: 2005-08-21 15:31:49 +0000 (Sun, 21 Aug 2005) New Revision: 1618 Modified: data/CAN/list Log: Checked in my block Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-08-21 14:51:42 UTC (rev 1617) +++ data/CAN/list 2005-08-21 15:31:49 UTC (rev 1618) @@ -248,61 +248,61 @@ begin claim by micah CAN-2005-2555 (Linux kernel 2.6.x does not properly restrict socket policy access to ...) TODO: check + NOTE: contacted debian-kernel CAN-2004-2388 (rexecd for AIX 4.3.3 does not properly use a local copy of the pwd ...) - TODO: check + NOTE: not-for-us (rexecd) CAN-2004-2387 (Buffer overflow in the HandleCPCCommand function of sercd before 2.3.1 ...) - TODO: check + NOTE: not-for-us (sercd) CAN-2004-2386 (Format string vulnerability in the LogMsg function in sercd before ...) - TODO: check + NOTE: not-for-us (sercd) CAN-2004-2385 (EMU Webmail 5.2.7 allows remote attackers to obtain sensitive path ...) - TODO: check + NOTE: not-for-us (EMU Webmail) CAN-2004-2384 (NullSoft Winamp 5.02 allows remote attackers to cause a denial of ...) - TODO: check + NOTE: not-for-us (Winamp) CAN-2004-2383 (Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to ...) - TODO: check + NOTE: not-for-us (Microsoft) CAN-2004-2382 (The PerfectNav plugin for Microsoft Internet Explorer allows remote ...) - TODO: check + NOTE: not-for-us (Microsoft) CAN-2004-2381 (HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote ...) - TODO: check + - jetty 4.2.19-1 (medium) CAN-2004-2380 (Directory traversal vulnerability in postfile.exe for Twilight ...) - TODO: check + NOTE: not-for-us (Twilight Utilities Web Server) CAN-2004-2379 (Multiple cross-site scripting (XSS) vulnerabilities in @Mail 3.64 for ...) - TODO: check + NOTE: not-for-us (@Mail) CAN-2004-2378 (@Mail 3.64 for Windows allows remote attackers to cause a denial of ...) - TODO: check + NOTE: not-for-us (@Mail) CAN-2004-2377 (Alcatel OmniSwitch 7000 and 7800 allows remote attackers to cause a ...) - TODO: check + NOTE: not-for-us (Alcatel OmniSwitch) CAN-2004-2376 (Buffer overflow in postfile.exe for Twilight Utilities Web Server ...) - TODO: check + NOTE: not-for-us (Twilight Utilities Web Server) CAN-2004-2375 (Buffer overflow in the POP3 server in 1st Class Mail Server 4.0 allows ...) - TODO: check + NOTE: not-for-us (1st Class Mail Server) CAN-2004-2374 (BadBlue 2.4 allows remote attackers to obtain the location of the ...) - TODO: check + NOTE: not-for-us (BadBlue) CAN-2004-2373 (The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is ...) - TODO: check + NOTE: not-for-us (AIM) CAN-2004-2372 (Buffer overflow in Bochs before 2.1.1, if installed setuid, allows ...) - TODO: check + - bochs 2.1.1-1 CAN-2004-2371 (Multiple Red Storm web-based games, including Ghost Recon 1.4 and ...) - TODO: check + NOTE: not-for-us (Red Storm Games) CAN-2004-2370 (Stack-based buffer overflow in Trillian 0.71 through 0.74f and ...) - TODO: check + NOTE: not-for-us (Trillian) CAN-2004-2369 (Directory traversal vulnerability in webadmin.nsf for Lotus Domino R6 ...) - TODO: check + NOTE: not-for-us (Lotus Domino) CAN-2004-2368 (PHP remote file inclusion vulnerability in header.php in Opt-X 0.7.2 ...) - TODO: check + NOTE: not-for-us (Opt-X) CAN-2004-2367 (The Control Panel applet in WFTPD and WFTPD Pro 3.21 R1 and R2 allows ...) - TODO: check + NOTE: not-for-us (WFTPD) CAN-2004-2366 (Buffer overflow in GlobalSCAPE Secure FTP Server 2.0 B03.11.2004.2 ...) - TODO: check + NOTE: not-for-us (GlobalScape Secure FTP Server) CAN-2004-2365 (Memory leak in Microsoft Windows XP and Windows Server 2003 allows ...) - TODO: check + NOTE: not-for-us (Microsoft) CAN-2004-2364 (Cross-site request forgery (CSRF) vulnerability in PHPX 3.0 through ...) - TODO: check + NOTE: not-for-us (PHPX CMS) CAN-2004-2363 (Validate-Before-Canonicalize vulnerability in the checkURI function in ...) - TODO: check -end claimed by micah + NOTE: not-for-us (PHPX CMS) CAN-2004-2362 (PHPX 3.2.6 and earlier allows remote attackers to obtain the physical ...) - TODO: check + NOTE: not-for-us (PHPX CMS) CAN-2004-2361 (Digital Reality game engine, as used in Haegemonia 1.0 through 1.0.7 ...) TODO: check CAN-2004-2360 (Targem Battle Mages 1.0 allows remote attackers to cause a denial of ...)