Author: joeyh Date: 2005-09-09 09:14:15 +0000 (Fri, 09 Sep 2005) New Revision: 1870 Modified: data/CAN/list Log: automatic CAN database update Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-09-09 02:28:32 UTC (rev 1869) +++ data/CAN/list 2005-09-09 09:14:15 UTC (rev 1870) @@ -1,3 +1,63 @@ +CAN-2005-2870 (Unknown vulnerability in the net-svc script on Solaris 10 allows ...) + TODO: check +CAN-2005-2869 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...) + TODO: check +CAN-2005-2868 (ZipTorrent 1.3.7.3 stores sensitive information in plaintext in the ...) + TODO: check +CAN-2005-2867 (SQL injection vulnerability in BlueWhaleCRM allows remote attackers to ...) + TODO: check +CAN-2005-2866 (Mercora IMRadio 4.0.0.0 stores usernames and passwords in plaintext in ...) + TODO: check +CAN-2005-2865 (Multiple PHP remote file inclusion vulnerabilities in aMember Pro ...) + TODO: check +CAN-2005-2864 (URBAN 1.5.3_1 allows local users to overwrite arbitrary files via a ...) + TODO: check +CAN-2005-2863 (Cross-site scripting (XSS) vulnerability in openwebmail-main.pl in ...) + TODO: check +CAN-2005-2862 (ADSL Road Runner modem in the Annex A family has a service running on ...) + TODO: check +CAN-2005-2861 (Cross-site scripting (XSS) vulnerability in N-Stealth Commercial ...) + TODO: check +CAN-2005-2860 (Cross-site scripting (XSS) vulnerability in Nikto 1.35 and earlier ...) + TODO: check +CAN-2005-2859 (Savant Web Server stores user credentials in plaintext in the ...) + TODO: check +CAN-2005-2858 (The Fetch.FetchContact.1 ActiveX control (Fetch.dll) for Rediff Bol ...) + TODO: check +CAN-2005-2857 (Free SMTP Server 2.2 allows remote attackers to use the server as an ...) + TODO: check +CAN-2005-2856 (Stack-based buffer overflow in UNACEV2.DLL for ALZip 5.51 through 6.11 ...) + TODO: check +CAN-2005-2855 (Cross-site scripting (XSS) vulnerability in Unclassified NewsBoard ...) + TODO: check +CAN-2005-2854 (CRLF injection vulnerability in thesitewizard.com chfeedback.pl ...) + TODO: check +CAN-2005-2853 (Multiple cross-site scripting (XSS) vulnerabilities in GuppY 4.5.3a ...) + TODO: check +CAN-2005-2852 (Unknown vulnerability in CIFS.NLM in Novell Netware 6.5 SP2 and SP3, ...) + TODO: check +CAN-2005-2851 (smb4k 0.4 and other versions before 0.6.3 allows local users to read ...) + TODO: check +CAN-2005-2850 (SlimFTPd 3.17 allows remote attackers to cause a denial of service ...) + TODO: check +CAN-2005-2849 (Argument injection vulnerability in Barracuda Spam Firewall running ...) + TODO: check +CAN-2005-2848 (Directory traversal vulnerability in img.pl in Barracuda Spam Firewall ...) + TODO: check +CAN-2005-2847 (img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 ...) + TODO: check +CAN-2005-2846 (PHP remote file inclusion vulnerability in lang.php in CMS Made Simple ...) + TODO: check +CAN-2005-2845 (Ariba Spend Management System sends the username and password to the ...) + TODO: check +CAN-2005-2844 (Buffer overflow in MMClient.exe in Indiatimes Messenger 6.0 allows ...) + TODO: check +CAN-2005-2843 (Helpdesk software Hesk 0.92 does not properly verify usernames and ...) + TODO: check +CAN-2005-2842 (Buffer overflow in dwrcs.exe in DameWare Mini Remote Control before ...) + TODO: check +CAN-2005-2841 (Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet ...) + TODO: check CAN-2005-2840 (Multiple unknown vulnerabilities in MAXdev MD-Pro 1.0.72 and earlier ...) NOTE: not-for-us (MAXdev) CAN-2005-2839 (Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro ...) @@ -135,9 +195,9 @@ NOTE: not-for-us (HP OpenView) CAN-2005-2772 (Multiple stack-based buffer overflows in University of Minnesota ...) TODO: check -CAN-2005-2771 (Reflection for Secure IT Windows Server 6.0 (formerly known as ...) +CAN-2005-2771 (WRQ Reflection for Secure IT Windows Server 6.0 (formerly known as ...) NOTE: not-for-us (Reflection for Secure IT) -CAN-2005-2770 (WRQ Reflection for Secure IT Windows Server 6.0 does not properly ...) +CAN-2005-2770 (WRQ Reflection for Secure IT Windows Server 6.0 (formerly known as ...) NOTE: not-for-us (Reflection for Secure IT) CAN-2005-2769 (Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 and ...) TODO: check @@ -3518,8 +3578,8 @@ NOTE: not-for-us (iPlanet) CAN-2005-2021 (Cross-site scripting (XSS) vulnerability in cPanel 9.1 and earlier ...) NOTE: not-for-us (cPanel) -CAN-2005-2020 - NOTE: reserved +CAN-2005-2020 (Directory traversal vulnerability in the web server for 3Com Network ...) + TODO: check CAN-2005-2019 (ipfw in FreeBSD 5.4, when running on Symmetric Multi-Processor (SMP) ...) NOTE: not-for-us (FreeBSD ipfw) CAN-2005-2018