Author: joeyh Date: 2005-08-24 21:14:18 +0000 (Wed, 24 Aug 2005) New Revision: 1639 Modified: data/CAN/list Log: automatic CAN database update Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-08-24 20:57:08 UTC (rev 1638) +++ data/CAN/list 2005-08-24 21:14:18 UTC (rev 1639) 
@@ -1,3 +1,64 @@ +CAN-2005-2684 (nquser.php in Virtual Edge Netquery 3.11 allows remote attackers to ...) + TODO: check +CAN-2005-2683 (SQL injection vulnerability in include.php in PHPKit 1.6.1 allow ...) + TODO: check +CAN-2005-2682 (aspell_setup.php in the SpellChecker plugin in DTLink AreaEdit before ...) + TODO: check +CAN-2005-2681 (Unspecified vulnerability in the command line processing (CLI) logic ...) + TODO: check +CAN-2005-2680 (Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP4, when ...) + TODO: check +CAN-2005-2679 (Buffer overflow in Sysinternals Process Explorer 9.23, and other ...) + TODO: check +CAN-2005-2678 (Microsoft IIS 5.1 and 6 allows remote attackers to spoof the ...) + TODO: check +CAN-2005-2677 (ACNews stores the database in a file under the web document root with ...) + TODO: check +CAN-2005-2676 (Cross-site scripting (XSS) vulnerability in displayimage.php in ...) + TODO: check +CAN-2005-2675 (** DISPUTED ** Note: the vendor has disputed this issue. ...) + TODO: check +CAN-2005-2674 (** DISPUTED ** Note: the vendor has disputed this issue. ...) + TODO: check +CAN-2005-2673 (SQL injection vulnerability in modcp.php in WoltLab Burning Board ...) + TODO: check +CAN-2005-2671 + NOTE: rejected + TODO: check +CAN-2005-2670 (Directory traversal vulnerability in HAURI Anti-Virus products ...) + TODO: check +CAN-2005-2669 (Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 ...) + TODO: check +CAN-2005-2668 (Multiple buffer overflows in Computer Associates (CA) Message Queuing ...) + TODO: check +CAN-2005-2667 (Unknown vulnerability in Computer Associates (CA) Message Queuing (CAM ...) + TODO: check +CAN-2005-2666 (SSH, as implemented in OpenSSH before 4.0 and possibly other ...) + TODO: check +CAN-2005-2665 (Stack-based buffer overflow in expires.c in Elm 2.5 PL5 through PL7, ...) + TODO: check +CAN-2005-2664 (Whisper 32 1.16, and possibly earlier versions, stores passwords in ...) 
+ TODO: check +CAN-2005-2663 + NOTE: reserved +CAN-2005-2662 + NOTE: reserved +CAN-2005-2661 + NOTE: reserved +CAN-2005-2660 + NOTE: reserved +CAN-2005-2659 + NOTE: reserved +CAN-2005-2658 + NOTE: reserved +CAN-2005-2657 + NOTE: reserved +CAN-2005-2656 + NOTE: reserved +CAN-2005-2655 + NOTE: reserved +CAN-2005-2654 + NOTE: reserved CAN-2005-XXXX [cplay - still unsafe temporary file handling vulnerable to symlink attacks] - cplay (unfixed; bug #324913; low) CAN-2005-XXXX [$servers[$i][''disable_anon_bind''] = true doesn''t prevent anonymous to access ldap directory] @@ -2,3 +63,3 @@ - phpldapadmin 0.9.6c-5 (bug #322423; low) -CAN-2005-2672 [lm-sensors: Insecure tempfile usage in pwmconfig] +CAN-2005-2672 (pwmconfig in LM_sensors before 2.9.1 creates temporary files ...) - lm-sensors 1:2.9.1-7 (bug #324193; medium) @@ -504,6 +565,7 @@ CAN-2004-2344 (Unknown vulnerability in the ASN.1/H.323/H.225 stack of VocalTec ...) NOTE: not-for-us (VocalTec) CAN-2004-2343 (** DISPUTED ** ...) + TODO: check CAN-2004-2342 (ChatterBox 2.0 allows remote attackers to cause a denial of service ...) NOTE: not-for-us (ChatterBox) CAN-2004-2341 (PHP file include injection vulnerability in isearch.inc.php for ...) @@ -617,6 +679,7 @@ CAN-2005-2551 (Buffer overflow in dhost.exe in iMonitor for Novell eDirectory 8.7.3 ...) NOTE: not-for-us (Novell eDirectory) CAN-2005-2547 (security.c in hcid for BlueZ 2.18 and earlier allows remote attackers ...) + {DSA-782-1} - bluez-utils 2.19-1 (bug #323365; medium) CAN-2005-XXXX [centericq embeds libgadu, which had multiple vulns] NOTE: Will be split once the maintainer has investigated this 
@@ -719,8 +782,8 @@ CAN-2005-2500 (Buffer overflow in the xdr_xcode_array2 function in xdr.c in Linux ...) NOTE: Does not affect 2.6.8 or 2.4.27, fixed in current 2.6.12 kernels - linux-2.6 2.6.12-1 (medium) -CAN-2005-2499 - NOTE: reserved +CAN-2005-2499 (slocate before 2.7 does not properly process very long paths, which ...) + TODO: check CAN-2005-2498 (Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR ...) - drupal (unfixed; bug #323347; high) - phpgroupware (unfixed; bug #323349; high) @@ -740,8 +803,7 @@ NOTE: reserved CAN-2005-2492 NOTE: reserved -CAN-2005-2491 [PCRE Heap Overflow May Let Users Execute Arbitrary Code] - NOTE: reserved +CAN-2005-2491 (Integer overflow in pcre_compile.c in Perl Compatible Regular ...) - pcre3 (unfixed; bug #324531; medium) CAN-2005-2490 NOTE: reserved @@ -822,13 +884,11 @@ NOTE: not-for-us (Adobe) CAN-2005-2469 NOTE: reserved -CAN-2005-2459 [kernel zlib vulnerability] - NOTE: reserved +CAN-2005-2459 (The huft_build function in inflate.c in the zlib routines in the Linux ...) NOTE: 2.6.8 will be handled in DSA, 2.6.8 will soon be removed from sid - linux-2.6 2.6.12-3 (bug #323173) - kernel-source-2.4.27 2.4.27-11 (medium) -CAN-2005-2458 [kernel zlib vulnerability] - NOTE: reserved +CAN-2005-2458 (inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 ...) NOTE: 2.6.8 will be handled in DSA, 2.6.8 will soon be removed from sid - linux-2.6 2.6.12-3 (bug #323173; medium) - kernel-source-2.4.27 2.4.27-11 (medium) @@ -972,8 +1032,8 @@ - hiki 0.8.3-1 CAN-2005-XXXX [Crypto weakness in Tor''s handshaking process] - tor 0.1.0.14-1 (medium) -CAN-2005-2457 - NOTE: reserved +CAN-2005-2457 (The driver for compressed ISO file systems (zisofs) in the Linux ...) + TODO: check CAN-2005-2456 (Array index overflow in the xfrm_sk_policy_insert function in ...) NOTE: Will also be fixed in DSAs for 2.4.27 and 2.6.8 - linux-2.6 2.6.12-2 (bug #321401; medium) 
@@ -1196,7 +1256,7 @@ - gaim 1:1.4.0-5 (low) CAN-2005-2369 (Multiple integer signedness errors in libgadu, as used in ekg before ...) TODO: check gaim and others that embed libgadu in source tree -CAN-2005-2368 (vim 6.3 before 6.3.082, with modelines enabled, allows attackers to ...) +CAN-2005-2368 (vim 6.3 before 6.3.082, with modelines enabled, allows external ...) - vim 1:6.3-085+1 (bug #320017; medium) CAN-2005-2367 (Format string vulnerability in the proto_item_set_text function in ...) - ethereal 0.10.12 (medium) @@ -1554,12 +1614,12 @@ CAN-2005-2271 (iCab 2.9.8 does not clearly associate a Javascript dialog box with the ...) NOTE: not-for-us (iCab) CAN-2005-2270 (Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly clone ...) - {DSA-779-1} + {DSA-781-1 DSA-779-1} - mozilla-firefox 1.0.5-1 (high) - mozilla 2:1.7.10-1 (high) - mozilla-thunderbird 1.0.6-1 (high) CAN-2005-2269 (Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does ...) - {DSA-779-1} + {DSA-781-1 DSA-779-1} - mozilla-firefox 1.0.5-1 (high) - mozilla 2:1.7.10-1 (medium) - mozilla-thunderbird 1.0.6-1 (medium) @@ -1571,12 +1631,12 @@ {DSA-779-1} - mozilla-firefox 1.0.5-1 (medium) CAN-2005-2266 (Firefox before 1.0.5 and Mozilla before 1.7.9 allows a child frame to ...) - {DSA-779-1} + {DSA-781-1 DSA-779-1} - mozilla-firefox 1.0.5-1 (medium) - mozilla 2:1.7.10-1 (medium) - mozilla-thunderbird 1.0.6-1 (low) CAN-2005-2265 (Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 ...) - {DSA-779-1} + {DSA-781-1 DSA-779-1} - mozilla-firefox 1.0.5-1 (high) - mozilla 2:1.7.10-1 (medium) - mozilla-thunderbird 1.0.6-1 (medium) @@ -1591,7 +1651,7 @@ {DSA-779-1} - mozilla-firefox 1.0.5-1 (medium) CAN-2005-2261 (Firefox before 1.0.5, Thunderbird before 1.0.5, Mozilla before 1.7.9, ...) - {DSA-779-1} + {DSA-781-1 DSA-779-1} - mozilla-firefox 1.0.5-1 (medium) - mozilla 2:1.7.10-1 (medium) - mozilla-thunderbird 1.0.6-1 (medium) 
@@ -2429,12 +2489,10 @@ TODO: check CAN-2005-2100 NOTE: reserved -CAN-2005-2099 [kernel 2.6 keyring related DoS] - NOTE: reserved +CAN-2005-2099 (The Linux kernel before 2.6.12.5 does not properly destroy a keyring ...) NOTE: 2.6.8 and 2.4.27 not affected - linux-2.6 2.6.12-3 (unfixed; bug #323039; medium) -CAN-2005-2098 [kernel 2.6 keyring related DoS] - NOTE: reserved +CAN-2005-2098 (The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before ...) NOTE: 2.6.8 and 2.4.27 not affected - linux-2.6 2.6.12-3 (unfixed; bug #323039; medium) CAN-2005-2097 (xpdf and kpdf do not properly validate the "loca" table in PDF files, ...) @@ -3045,7 +3103,7 @@ NOTE: not-for-us (XAMPP) CAN-2005-2042 (Cross-site scripting (XSS) vulnerability in ajax-spell before 1.8 ...) NOTE: not-for-us (ajax-spell) -CAN-2005-2041 (Buffer overflow in addschup in ViRobot 2.0 allows remote attackers to ...) +CAN-2005-2041 (Buffer overflow in addschup in HAURI ViRobot 2.0, and possibly other ...) NOTE: not-for-us (ViRobot) CAN-2005-2040 (Multiple buffer overflows in the getterminaltype function in telnetd ...) {DSA-758-1} @@ -4423,6 +4481,7 @@ CAN-2005-1637 (Multiple SQL injection vulnerabilities in NPDS 4.8 and 5.0 allow ...) NOTE: not-for-us (NPDS) CAN-2005-1636 (mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 ...) + {DSA-783-1} - mysql-dfsg 4.0.12-2 CAN-2005-1635 (JGS-XA JGS-Portal 3.0.2 and earlier allows remote attackers to obtain ...) NOTE: not-for-us (JGS-Portal) @@ -4650,6 +4709,7 @@ CAN-2005-1533 NOTE: reserved CAN-2005-1532 (Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly ...) + {DSA-781-1} - mozilla-firefox 1.0.4 - mozilla-browser 2:1.7.8 - mozilla-thunderbird 1.0.6-1 (high) 
@@ -6389,10 +6449,12 @@ CAN-2005-1161 (Multiple SQL injection vulnerabilities in OneWorldStore allow remote ...) NOTE: not-for-us (OneWorldStore) CAN-2005-1160 (The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla ...) + {DSA-781-1} - mozilla-firefox 1.0.3-1 - mozilla 1.7.7-1 - mozilla-thunderbird 1.0.6-1 (high) CAN-2005-1159 (The native implementations of InstallTrigger and other functions in ...) + {DSA-781-1} - mozilla-firefox 1.0.3-1 - mozilla 1.7.7-1 - mozilla-thunderbird 1.0.6-1 (medium) @@ -6777,6 +6839,7 @@ CAN-2005-0990 (unshar (unshar.c) in sharutils 4.2.1 allows local users to overwrite ...) - sharutils 4.2.1-13 CAN-2005-0989 (The find_replen function in jsstr.c in the the Javascript engine for ...) + {DSA-781-1} - mozilla 1.7.7-1 - mozilla-firefox 1.0.2-3 - mozilla-thunderbird 1.0.6-1 (medium) @@ -12836,7 +12899,7 @@ NOTE: apparently the security team thinks this is a minor issue; nevertheless, NOTE: the bug is still open, so they should close it if it really is neglectible. NOTE: not listed in usual format since I''m tired of looking at it in the report -- JEH -CAN-2004-0174 (Apache before 2.0.49, when using multiple listening sockets on certain ...) +CAN-2004-0174 (Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using ...) - apache 1.3.29.0.2-5 CAN-2004-0172 (Heap-based buffer overflow in the search_for_command function of ...) NOTE: not-for-us (ltrace; Debian (and no other distribution) installs this SUID root)
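Review bot: In the first hunk (@@ -1,3 +1,64 @@), CAN-2005-2671 is added with both "NOTE: rejected" and "TODO: check", which leaves a rejected identifier in the triage queue, while the reserved entries added in the same hunk (CAN-2005-2663 through CAN-2005-2654) carry only their NOTE line. Suggest dropping the TODO from the rejected entry so both placeholder states are handled the same way. The new block also runs from CAN-2005-2673 straight to CAN-2005-2671, with CAN-2005-2672 left further down below the two CAN-2005-XXXX entries, so the descending order breaks at that point.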
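Review bot: In the @@ -822,13 +884,11 @@ hunk, the two kernel zlib entries end up with inconsistent package lines: CAN-2005-2459 has "linux-2.6 2.6.12-3 (bug #323173)" with no urgency, while CAN-2005-2458 lists the same package, version and bug as medium. Since this hunk touches both entries, it would be a good place to give CAN-2005-2459 an urgency as well. The new CAN-2005-2458 description also says "before 2.6.12.5" while the tracked version is 2.6.12-3, so a NOTE stating that the package version carries the fix would make the entry easier to audit.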
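Review bot: In the @@ -2429,12 +2489,10 @@ hunk, the new CAN-2005-2099 description gives the affected range as "before 2.6.12.5", but the package line under it (and under CAN-2005-2098) still reads "linux-2.6 2.6.12-3 (unfixed; bug #323039; medium)", which pairs a version with an unfixed marker. Now that "NOTE: reserved" is gone and the description is public, the status line should be either a fixed version or plain unfixed, not both.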
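Review bot: In the @@ -3045,7 +3103,7 @@ hunk, the updated CAN-2005-2041 description now names the vendor as HAURI and the entry is marked "NOTE: not-for-us (ViRobot)", yet CAN-2005-2670 ("Directory traversal vulnerability in HAURI Anti-Virus products ...") added in the first hunk is left at "TODO: check". If the same reasoning applies, CAN-2005-2670 can take the same not-for-us note, which would keep the two entries for this vendor consistent.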
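Review bot: In the @@ -4423,6 +4481,7 @@ hunk, {DSA-783-1} is attached to CAN-2005-1636, whose description covers "MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4", but the only package line is "mysql-dfsg 4.0.12-2" and it has no urgency. Please confirm that this package and version are what the DSA actually addresses, and add an urgency so the entry matches the format of the other DSA-tagged entries in this patch.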
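Review bot: In the last hunk (@@ -12836,7 +12899,7 @@), the replacement description for CAN-2004-0174 gives the range "Apache 1.4.x before 1.3.30", which is self-contradictory, since a 1.4.x release cannot precede 1.3.30. The tracked package line "apache 1.3.29.0.2-5" suggests the 1.3.x branch is meant. As the log says this is an automatic database update, the text presumably comes from the imported description, so the discrepancy is worth a NOTE on the entry and a report to the source of the description rather than a silent local edit.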