Author: fw Date: 2005-09-18 10:25:05 +0000 (Sun, 18 Sep 2005) New Revision: 2038 Modified: data/CAN/list Log: Resolve a few TODOs, adding BTS xrefs where necessary. Modified: data/CAN/list ==================================================================--- data/CAN/list 2005-09-18 10:11:02 UTC (rev 2037) +++ data/CAN/list 2005-09-18 10:25:05 UTC (rev 2038) @@ -2266,8 +2266,9 @@ CAN-2002-2039 (/bin/su in QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows ...) NOTE: not-for-us (QNX) CAN-2002-2038 (Next Generation POSIX Threading (NGPT) 1.9.0 uses a filesystem-based ...) - TODO: check, ISS says Linux: Linux Any version + NOTE: not-for-us (NGPT) NOTE: http://lists.debian.org/debian-user/2003/10/msg03627.html + NOTE: NPTL does not have this problem. CAN-2002-2037 (The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and ...) NOTE: not-for-us (Cisco) CAN-2002-2036 (Sun Ray Server Software (SRSS) 1.3, when Non-Smartcard Mobility (NSCM) ...) @@ -2440,7 +2441,11 @@ CAN-2001-1541 (Buffer overflow in Unix-to-Unix Copy Protocol (UUCP) in BSDI BSD/OS ...) NOTE: not-for-us (BSDI UUCP) CAN-2001-1540 (IPRoute 0.973, 0.974 and 1.18 allows remote attackers to cause a ...) - TODO: try nmap exploit + NOTE: not-for-us (IPRoute router software) + NOTE: This is not for iproute/iproute2. + NOTE: From Chris Gragsone''s message on BUGTRAQ: + NOTE: "IPRoute, by David F. Mischler, is PC-based router software + NOTE: "for networks running the Internet Protocol (IP)." CAN-2001-1539 (The JavaScript settimeout function in Internet Explorer allows remote ...) NOTE: not-for-us (MSIE) CAN-2001-1538 (SpeedXess HA-120 DSL router has a default administrative password of ...) 
@@ -2451,12 +2456,12 @@ CAN-2001-1536 (Autogalaxy stores usernames and passwords in cleartext in cookies, ...) NOTE: not-for-us (Autogalaxy) CAN-2001-1535 (Slashcode 2.0 creates new accounts with an 8-character random ...) - NOTE: cannot find paper about this anymore - TODO: followup + - slash (bug #328927; unfixed; low) CAN-2001-1534 (mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID''s ...) - NOTE: cannot find paper about this anymore - NOTE: only affects things misusing apache session IDs - TODO: followup + - apache (bug #328919; unimportant) + - apache2 (unfixed; unimportant) + NOTE: Cookies are only used for invading user privacy, + NOTE: not for authentication, so apache and apache2 should be fine. CAN-2001-1533 (** DISPUTED * ...) NOTE: not-for-us (Microsoft) CAN-2001-1532 (WebX stores authentication information in the HTTP_REFERER variable, ...) @@ -3189,9 +3194,10 @@ CAN-2002-1977 (Network Associates PGP 7.0.4 and 7.1 does not time out according to ...) NOTE: not-for-us (Proprietary PGP) CAN-2002-1976 (ifconfig, when used on the Linux kernel 2.2 and later, does not report ...) - NOTE: Kernel 2.2 introduced a different way to set promisc mode through setsockopt() - NOTE: instead through an ioctl() as before. - TODO: check, whether current ifconfig handles that correctly, I guess so + - net-tools (unfixed; unimportant) + NOTE: This seems to be a misunderstanding of what the PROMISC flag + NOTE: is about. ifconfig reports properly when it is set using + NOTE: "ifconfig promisc". CAN-2002-1975 (Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of "A0" to encrypt ...) NOTE: not-for-us (Zaurus hardware) CAN-2002-1974 (The FTP service in Zaurus PDAs SL-5000D and SL-5500 does not require ...) 
@@ -4029,7 +4035,7 @@ CAN-2001-1484 (Alcatel ADSL modems allow remote attackers to access the Trivial File ...) NOTE: not-for-us (Alcatel hardware issue) CAN-2001-1483 (One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows ...) - TODO: check + - libpam-opie (unfixed; bug #112279; low) CAN-2001-1482 (SQL injection vulnerability in bb_memberlist.php for phpBB 1.4.2 ...) NOTE: phpbb was initially uploaded as version 2 or phpbb has been removed now CAN-2001-1481 (Xitami 2.4 through 2.5 b4 stores the Administrator password in ...) @@ -9014,10 +9020,10 @@ CAN-2003-1085 (The HTTP server in the Thomson TWC305, TWC315, and TCW690 cable modem ...) NOTE: not-for-us (Thomson cable modem) CAN-2005-0488 (Certain BSD-based Telnet clients, including those used on Solaris and ...) - NOTE: netkit-telnet not affected - TODO: check heimdal + TODO: check heimdal, netkit-telnet-ssl - krb4 (unfixed; low) - krb5 (unfixed; low) + - netkit-telnet not-affected (netkit-telnet is not affected) CAN-2004-1639 (Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913 allows ...) NOTE: This is not a real security issue; it just describes the fact that the Gecko NOTE: engine of the Mozillae may be lead into a crash if you feed it with large chunks
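Review bot: In the CAN-2001-1540 hunk, the quoted BUGTRAQ text opens a quotation mark on both NOTE lines but closes it only once; drop the leading quote on the continuation line (NOTE: "for networks running ...). The quote is attributed to a BUGTRAQ message without a URL or message reference, whereas the CAN-2002-2038 entry links its source. Adding a reference would let the not-for-us decision be checked later.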
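Review bot: In the CAN-2001-1534 entry, "- apache (bug #328919; unimportant)" carries no fixed/unfixed state while "- apache2 (unfixed; unimportant)" does, and the apache2 line has no bug number. If both are unfixed, say so on both lines and give apache2 a bug reference as well. The field order also differs between "- slash (bug #328927; unfixed; low)" in this hunk and "- libpam-opie (unfixed; bug #112279; low)" in the CAN-2001-1483 hunk; one order throughout keeps the list easy to parse.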
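Review bot: In the CAN-2002-1976 hunk, the two removed NOTE lines about promiscuous mode being set through setsockopt() instead of ioctl() since kernel 2.2 were the only description of the case the entry is about, and the new NOTE covers only the flag being set with "ifconfig promisc". Consider keeping the setsockopt() note beside the new one so the reason for rating net-tools "unimportant" can still be read from the entry itself.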
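Review bot: In the CAN-2005-0488 hunk, "- netkit-telnet not-affected (netkit-telnet is not affected)" does not follow the "- package (state; severity)" shape of the krb4 and krb5 lines above it, and the parenthesis only repeats the state. Use the same shape as the neighbouring lines, or put the reason it is not affected in the parenthesis. The TODO now also names netkit-telnet-ssl, but the removed NOTE gave no reason for netkit-telnet either, so the entry still does not record what was checked.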