Author: mhelas-guest Date: 2005-08-28 18:50:13 +0000 (Sun, 28 Aug 2005) New Revision: 1700 Modified: data/CAN/list Log: unclaimed my CANs as i am too busy ATM with other stuff. Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-08-28 18:35:35 UTC (rev 1699) +++ data/CAN/list 2005-08-28 18:50:13 UTC (rev 1700) @@ -1774,7 +1774,6 @@ CAN-2002-2050 (Directory traversal vulnerability in processor_web plugin for ModLogAn ...) NOTE: fixed in 0.7.12-1 - modlogan 0.7.12-1 (low) -begin claimed by zobel CAN-2002-2049 (configure for Dsniff 2.3, fragroute 1.2, and fragrouter 1.6, when ...) TODO: check CAN-2002-2048 (Buffer overflow in PFinger 0.7.8 client allows remote attackers to ...) @@ -1791,43 +1790,45 @@ CAN-2002-2043 (SQL injection vulnerability in the LDAP and MySQL authentication patch ...) TODO: check CAN-2002-2042 (ptrace in the QNX realtime operating system (RTOS) 4.25 and 6.1.0 ...) - TODO: check + NOTE: not-for-us (QNX) CAN-2002-2041 (Multiple buffer overflows in realtime operating system (RTOS) 6.1.0 ...) - TODO: check + NOTE: not-for-us (QNX) CAN-2002-2040 (The (1) phrafx and (2) phgrafx-startup programs in QNX realtime ...) - TODO: check + NOTE: not-for-us (QNX) CAN-2002-2039 (/bin/su in QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows ...) - TODO: check + NOTE: not-for-us (QNX) CAN-2002-2038 (Next Generation POSIX Threading (NGPT) 1.9.0 uses a filesystem-based ...) - TODO: check + TODO: check, ISS says Linux: Linux Any version + NOTE: http://lists.debian.org/debian-user/2003/10/msg03627.html CAN-2002-2037 (The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and ...) - TODO: check + NOTE: not-for-us (Cisco) CAN-2002-2036 (Sun Ray Server Software (SRSS) 1.3, when Non-Smartcard Mobility (NSCM) ...) - TODO: check + NOTE: not-for-us (Sun) CAN-2002-2035 (SQL injection vulnerability in RealityScape MyLogin 2000 1.0.0 and ...) - TODO: check + NOTE: not-for-us (RealityScape) CAN-2002-2034 (The Email Sanitizer before 1.133 for Procmail allows remote attackers ...) - TODO: check + NOTE: not-for-us (Email Sanitizer) CAN-2002-2033 (faqmanager.cgi in FAQManager 2.2.5 and earlier allows remote attackers ...) - TODO: check + NOTE: not-for-us (FAQManager) CAN-2002-2032 (sql_layer.php in PHP-Nuke 5.4 and earlier does not restrict access to ...) TODO: check CAN-2002-2031 (Internet Explorer 5.0, 5.0.1 and 5.5 with JavaScript execution enabled ...) - TODO: check + NOTE: not-for-us (Microsoft) CAN-2002-2030 (Stack-based buffer overflow in SQLData Enterprise Server 3.0 allows ...) TODO: check CAN-2002-2029 (PHP, when installed on Windows with Apache and ScriptAlias for /php/ ...) - TODO: check + NOTE: not-for-us (PHP, Mircrosoft) CAN-2002-2028 (The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify ...) - TODO: check + NOTE: not-for-us (Microsoft) CAN-2002-2027 (Database of Our Owlish Wisdom (DOOW) 0.1 through 0.2.1 does not ...) TODO: check CAN-2002-2026 (Buffer overflow in BrowseFTP 1.62 client allows remote FTP servers to ...) - TODO: check + NOTE: not-for-us (BrowseFTP) CAN-2002-2025 (Lotus Domino server 5.0.9a and earlier allows remote attackers to ...) - TODO: check + NOTE: not-for-us (Lotus Domino) CAN-2002-2024 (Horde IMP 2.2.7 allows remote attackers to obtain the full web root ...) - TODO: check + NOTE: fixed in 3:2.2.6-5 + - imp 3:2.2.6-5 (high) CAN-2002-2023 (The get_parameter_from_freqency_source function in beep2 1.0, 1.1 and ...) TODO: check CAN-2002-2022 (Format string vulnerability in Kaffe OpenVM 1.0.6 and earlier allows ...) @@ -1902,7 +1903,6 @@ TODO: check CAN-2002-1987 (Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 ...) TODO: check -end claimed by zobel CAN-2001-1572 (The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when ...) NOTE: presumably fixed in linux 2.4.12 CAN-2001-1571 (The Remote Desktop client in Windows XP sends the most recent user ...)