Author: joeyh Date: 2005-08-29 18:41:49 +0000 (Mon, 29 Aug 2005) New Revision: 1715 Modified: data/CAN/list Log: maildrop hole Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-08-29 15:07:42 UTC (rev 1714) +++ data/CAN/list 2005-08-29 18:41:49 UTC (rev 1715) @@ -85,6 +85,7 @@ NOTE: reserved CAN-2005-2655 NOTE: reserved + - maildrop 1.5.3-2 (medium) CAN-2005-2654 NOTE: reserved CAN-2005-XXXX [cplay - still unsafe temporary file handling vulnerable to symlink attacks] @@ -596,7 +597,7 @@ CAN-2004-2344 (Unknown vulnerability in the ASN.1/H.323/H.225 stack of VocalTec ...) NOTE: not-for-us (VocalTec) CAN-2004-2343 (** DISPUTED ** ...) - TODO: check + NOTE: apache disputes this and I agree -- joeyh CAN-2004-2342 (ChatterBox 2.0 allows remote attackers to cause a denial of service ...) NOTE: not-for-us (ChatterBox) CAN-2004-2341 (PHP file include injection vulnerability in isearch.inc.php for ...)