Author: joeyh
Date: 2005-09-11 21:14:16 +0000 (Sun, 11 Sep 2005)
New Revision: 1918
Modified:
data/CAN/list
Log:
automatic CAN database update
Modified: data/CAN/list
==================================================================---
data/CAN/list 2005-09-11 21:01:42 UTC (rev 1917)
+++ data/CAN/list 2005-09-11 21:14:16 UTC (rev 1918)
@@ -1200,7 +1200,7 @@
CAN-2005-2499 (slocate before 2.7 does not properly process very long paths,
which ...)
- slocate (unfixed; bug #324951; low)
CAN-2005-2498 (Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier
(PEAR ...)
- {DSA-798-1 DSA-789-1}
+ {DSA-798-1 DSA-789-1 DTSA-16-1}
- drupal 4.5.5-1 (bug #323347; high)
- phpgroupware 0.9.16.008-1 (bug #323349; high)
- egroupware 1.0.0.009.dfsg-1 (bug #323350; high)
@@ -4086,7 +4086,7 @@
{DSA-737-1 DTSA-3-1}
- clamav 0.86.1-1 (low)
CAN-2005-1921 (Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier
(aka ...)
- {DSA-789-1 DSA-746-1 DSA-747-1 DSA-745-1}
+ {DSA-789-1 DSA-746-1 DSA-747-1 DSA-745-1 DTSA-16-1}
NOTE: ITP #312413 - submitter contacted, she has already addressed this
NOTE: This will probably be re-organized by the CVE editor, but lets keep it
for now,
NOTE: as it''s the same issue
@@ -4481,7 +4481,7 @@
CAN-2005-1756 (Cross-site scripting (XSS) vulnerability in the ModWeb agent for
...)
NOTE: not-for-us (Novell)
CAN-2005-1751 (Race condition in shtool 2.0.1 and earlier allows local users to
...)
- {DSA-789-1}
+ {DSA-789-1 DTSA-16-1}
- shtool 2.0.1-2 (low)
- mysql-ocaml 1.0.3-6 (low)
- php4 4:4.4.0-1 (low)
@@ -6568,7 +6568,7 @@
NOTE: CVE id requested from mitre
CAN-2005-1245 (Cross-site scripting (XSS) vulnerability in MediaWiki before
1.4.2, ...)
NOTE: not-for-us (MediaWiki)
- NOTE: see CAN-2005-1888
+ NOTE: see CAN-2005-1888
CAN-2005-1244 (Directory traversal vulnerability in the third party tool from
NetIQ, ...)
NOTE: not-for-us (AS/400 FTP server addon)
CAN-2005-1243 (Directory traversal vulnerability in the third party tool from
...)
@@ -8692,13 +8692,13 @@
NOTE: not-for-us (iGeneric (iG) Shop)
CAN-2005-0536 (Directory traversal vulnerability in MediaWiki 1.3.x before
1.3.11 and ...)
NOTE: not-for-us (MediaWiki not yet in Debian)
- NOTE: see CAN-2005-1888
+ NOTE: see CAN-2005-1888
CAN-2005-0535 (Cross-site request forgery (CSRF) vulnerability in MediaWiki
1.3.x ...)
NOTE: not-for-us (MediaWiki not yet in Debian)
- NOTE: see CAN-2005-1888
+ NOTE: see CAN-2005-1888
CAN-2005-0534 (Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki
1.3.x ...)
NOTE: not-for-us (MediaWiki not yet in Debian)
- NOTE: see CAN-2005-1888
+ NOTE: see CAN-2005-1888
CAN-2005-0533 (Heap-based buffer overflow in Trend Micro AntiVirus Library
VSAPI ...)
NOTE: not-for-us (Trend Micro AntiVirus)
CAN-2005-0532 (The reiserfs_copy_from_user_to_file_region function in
reiserfs/file.c ...)
@@ -9736,7 +9736,7 @@
NOTE: not-for-us (Ikonboard)
CAN-2004-1405 (MediaWiki 1.3.8 and earlier, when used with Apache mod_mime,
does not ...)
NOTE: not-for-us (MediaWiki not yet in Debian)
- NOTE: see CAN-2005-1888
+ NOTE: see CAN-2005-1888
CAN-2004-1404 (Attachment Mod 2.3.10 module for phpBB, when used with Apache
...)
NOTE: not-for-us (Attachment Mod for phpBB)
CAN-2004-1403 (PHP remote code injection vulnerability in index.php in GNUBoard
3.39 ...)