Secure testing commits - Aug 2005 - r1627 - data/CAN

Author: joeyh
Date: 2005-08-22 21:03:31 +0000 (Mon, 22 Aug 2005)
New Revision: 1627

Modified:
   data/CAN/list
Log:
checked new CANs


Modified: data/CAN/list
==================================================================---
data/CAN/list	2005-08-22 20:45:03 UTC (rev 1626)
+++ data/CAN/list	2005-08-22 21:03:31 UTC (rev 1627)
@@ -1,43 +1,44 @@
 CAN-2005-2653 (Cross-site scripting (XSS) vulnerability in BBCaffe 2.0 allows
remote ...)
-	TODO: check
+	NOTE: not-for-us (BBCaffe)
 CAN-2005-2652 (Zorum 3.5 allows remote attackers to obtain the full
installation path ...)
-	TODO: check
+	NOTE: not-for-us (Zorum)
 CAN-2005-2651 (gorum/prod.php in Zorum 3.5 allows remote attackers to execute
...)
-	TODO: check
+	NOTE: not-for-us (Zorum)
 CAN-2005-2650 (Cross-site scripting (XSS) vulnerability in sign.asp in Emefa
...)
-	TODO: check
+	NOTE: not-for-us (Emefa Guestbook)
 CAN-2005-2649 (Cross-site scripting (XSS) vulnerability in ATutor 1.5.1 allows
remote ...)
-	TODO: check
+	NOTE: not-for-us (ATutor)
 CAN-2005-2648 (Directory traversal vulnerability in index.php in W-Agora 4.2.0
and ...)
-	TODO: check
+	NOTE: not-for-us (W-Agora)
 CAN-2005-2647 (Cross-site scripting (XSS) vulnerability in Xerox MicroServer
Web ...)
-	TODO: check
+	NOTE: not-for-us (Xerox MicroServer Web Server in Document Centre)
 CAN-2005-2646 (Unknown vulnerability in Xerox MicroServer Web Server in
Document ...)
-	TODO: check
+	NOTE: not-for-us (Xerox MicroServer Web Server in Document Centre)
 CAN-2005-2645 (Unknown vulnerability in Xerox MicroServer Web Server in
Document ...)
-	TODO: check
+	NOTE: not-for-us (Xerox MicroServer Web Server in Document Centre)
 CAN-2005-2644 (Buffer overflow in JaguarEditControl.dll in Isemarket
JaguarControl ...)
-	TODO: check
+	NOTE: not-for-us (JaguarControl)
 CAN-2005-2643 (Tor 0.1.0.13 and earlier, and experimental versions
0.1.1.4-alpha and ...)
-	TODO: check
+	- tor 0.1.0.14-1 (medium)
 CAN-2005-2642 (Buffer overflow in the mutt_decode_xbit function in Handler.c
for Mutt ...)
-	TODO: check
+	- mutt (unfixed; bug #323956; high)
 CAN-2005-2641 (Unknown vulnerability in pam_ldap before 180 does not properly
handle ...)
 	TODO: check
+	NOTE: detail url 404ed
 CAN-2004-2483 (Kerio WinRoute Firewall before 6.0.9 uses information from PTR
queries ...)
-	TODO: check
+	NOTE: not-for-us (Kerio WinRoute Firewall)
 CAN-2004-2482 (Microsoft Outlook 2000 and 2003, when configured to use
Microsoft Word ...)
-	TODO: check
+	NOTE: not-for-us (Outlook)
 CAN-2004-2481 (MyProxy 6.58 allows remote authenticated users in the Users Tab
to ...)
-	TODO: check
+	NOTE: not-for-us (MyProxy)
 CAN-2004-2480 (Squid Web Proxy Cache 2.3.STABLE5 allows remote attackers to
bypass ...)
 	TODO: check
 CAN-2004-2479 (Squid Web Proxy Cache 2.5 might allow remote attackers to obtain
...)
-	TODO: check
+	- squid 2.5.8
 CAN-2004-2478 (Unspecified vulnerability in Jetty HTTP Server, which is
included in ...)
-	TODO: check
+	NOTE: "the original vendor report is too vague to know whether this issue
is already identified by another CVE name."
 CAN-2004-2477 (DiamondCS Process Guard Free 2.000 allows local users to disable
the ...)
-	TODO: check
+	NOTE: not-for-us (DiamondCS)
 CAN-2005-2640 (Behavioral discrepancy information leak in Juniper Netscreen VPN
...)
 	NOTE: not-for-us (Juniper)
 CAN-2005-2639 (Buffer overflow in Chris Moneymaker''s World Poker
Championship 1.0 ...)