Author: joeyh Date: 2005-08-25 02:28:33 +0000 (Thu, 25 Aug 2005) New Revision: 1642 Modified: data/CAN/list Log: checked new batch Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-08-24 21:48:44 UTC (rev 1641) +++ data/CAN/list 2005-08-25 02:28:33 UTC (rev 1642) @@ -1,44 +1,43 @@ CAN-2005-2684 (nquser.php in Virtual Edge Netquery 3.11 allows remote attackers to ...) - TODO: check + NOTE: not-for-us (Virtual Edge Netquery) CAN-2005-2683 (SQL injection vulnerability in include.php in PHPKit 1.6.1 allow ...) - TODO: check + NOTE: not-for-us (PHPKit) CAN-2005-2682 (aspell_setup.php in the SpellChecker plugin in DTLink AreaEdit before ...) - TODO: check + NOTE: not-for-us (DTLink AreaEdit) CAN-2005-2681 (Unspecified vulnerability in the command line processing (CLI) logic ...) - TODO: check + NOTE: not-for-us (Cisco) CAN-2005-2680 (Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP4, when ...) - TODO: check + NOTE: not-for-us (BEA WebLogic Portal) CAN-2005-2679 (Buffer overflow in Sysinternals Process Explorer 9.23, and other ...) - TODO: check + NOTE: not-for-us (Sysinternals Process Explorer) CAN-2005-2678 (Microsoft IIS 5.1 and 6 allows remote attackers to spoof the ...) - TODO: check + NOTE: not-for-us (MSIE) CAN-2005-2677 (ACNews stores the database in a file under the web document root with ...) - TODO: check + NOTE: not-for-us (ACNews) CAN-2005-2676 (Cross-site scripting (XSS) vulnerability in displayimage.php in ...) - TODO: check + NOTE: not-for-us (Coppermine) CAN-2005-2675 (** DISPUTED ** Note: the vendor has disputed this issue. ...) - TODO: check + NOTE: not-for-us (Land Down Under) CAN-2005-2674 (** DISPUTED ** Note: the vendor has disputed this issue. ...) - TODO: check + NOTE: not-for-us (Land Down Under) CAN-2005-2673 (SQL injection vulnerability in modcp.php in WoltLab Burning Board ...) - TODO: check + NOTE: not-for-us (Burning Board) CAN-2005-2671 NOTE: rejected - TODO: check CAN-2005-2670 (Directory traversal vulnerability in HAURI Anti-Virus products ...) - TODO: check + NOTE: not-for-us (HAURI) CAN-2005-2669 (Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 ...) - TODO: check + NOTE: not-for-us (Computer Associates) CAN-2005-2668 (Multiple buffer overflows in Computer Associates (CA) Message Queuing ...) - TODO: check + NOTE: not-for-us (Computer Associates) CAN-2005-2667 (Unknown vulnerability in Computer Associates (CA) Message Queuing (CAM ...) - TODO: check + NOTE: not-for-us (Computer Associates) CAN-2005-2666 (SSH, as implemented in OpenSSH before 4.0 and possibly other ...) - TODO: check + - openssh 1:4.0p1-1 (low) CAN-2005-2665 (Stack-based buffer overflow in expires.c in Elm 2.5 PL5 through PL7, ...) - TODO: check + NOTE: elm-me+ is no longer in unstable or testing CAN-2005-2664 (Whisper 32 1.16, and possibly earlier versions, stores passwords in ...) - TODO: check + NOTE: not-for-us (Whisper) CAN-2005-2663 NOTE: reserved CAN-2005-2662 @@ -783,7 +782,7 @@ NOTE: Does not affect 2.6.8 or 2.4.27, fixed in current 2.6.12 kernels - linux-2.6 2.6.12-1 (medium) CAN-2005-2499 (slocate before 2.7 does not properly process very long paths, which ...) - TODO: check + - slocate (unfixed; bug filed; low) CAN-2005-2498 (Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR ...) - drupal (unfixed; bug #323347; high) - phpgroupware (unfixed; bug #323349; high)