Secure testing commits - Sep 2005 - r2110 - data/CAN

Author: jmm-guest
Date: 2005-09-22 21:33:28 +0000 (Thu, 22 Sep 2005)
New Revision: 2110

Modified:
   data/CAN/list
Log:
processed block, only nfus, claim remaining block


Modified: data/CAN/list
==================================================================---
data/CAN/list	2005-09-22 21:27:28 UTC (rev 2109)
+++ data/CAN/list	2005-09-22 21:33:28 UTC (rev 2110)
@@ -32,38 +32,37 @@
 	NOTE: not-for-us (Ahnlab Anti virus)
 CAN-2005-3028
 	NOTE: rejected
-begin claimed by jmm
 CAN-2005-3027 (Sybari Antigen 8.0 SR2 does not properly filter SMTP messages,
which ...)
-	TODO: check
+	NOTE: not-for-us (Sybari Antigen anti spam solution)
 CAN-2005-3026 (Directory traversal vulnerability in index.php in Alstrasoft
Epay Pro ...)
-	TODO: check
+	NOTE: not-for-us (Epay Pro)
 CAN-2005-3025 (Multiple cross-site scripting (XSS) vulnerabilities in vBulletin
3.0.7 ...)
-	TODO: check
+	NOTE: not-for-us (vBulletin)
 CAN-2005-3024 (Multiple SQL injection vulnerabilities in vBulletin 3.0.7 and
earlier ...)
-	TODO: check
+	NOTE: not-for-us (vBulletin)
 CAN-2005-3023 (Multiple cross-site scripting (XSS) vulnerabilities in vBulletin
3.0.9 ...)
-	TODO: check
+	NOTE: not-for-us (vBulletin)
 CAN-2005-3022 (Multiple SQL injection vulnerabilities in vBulletin 3.0.9 and
earlier ...)
-	TODO: check
+	NOTE: not-for-us (vBulletin)
 CAN-2005-3021 (image.php in vBulletin 3.0.9 and earlier allows remote attackers
with ...)
-	TODO: check
+	NOTE: not-for-us (vBulletin)
 CAN-2005-3020 (Multiple cross-site scripting (XSS) vulnerabilities in vBulletin
...)
-	TODO: check
+	NOTE: not-for-us (vBulletin)
 CAN-2005-3019 (Multiple SQL injection vulnerabilities in vBulletin before 3.0.9
allow ...)
-	TODO: check
+	NOTE: not-for-us (vBulletin)
 CAN-2005-3018 (Apple Safari allows remote attackers to cause a denial of
service ...)
-	TODO: check
+	NOTE: not-for-us (Safari)
 CAN-2005-3017 (PHP file inclusion vulnerability in index.php in Content2Web
1.0.1 ...)
-	TODO: check
+	NOTE: not-for-us (Content2Web)
 CAN-2005-3016 (Multiple unspecified vulnerabilities in the WYSIWYG editor in
PHP-Nuke ...)
-	TODO: check
+	NOTE: not-for-us (PHP-Nuke)
 CAN-2005-3015 (Cross-site scripting (XSS) vulnerability in IBM Lotus Domino
6.5.2 ...)
-	TODO: check
+	NOTE: not-for-us (Lotus Domino)
 CAN-2005-3014 (Cross-site scripting (XSS) vulnerability in Ensim webplliance
allows ...)
-	TODO: check
+	NOTE: not-for-us (Ensim webppliance)
 CAN-2005-3013 (Buffer overflow in YaST for SuSE Linux 9.3 allows local users to
...)
-	TODO: check
-end claimed by jmm
+	NOTE: not-for-us (YaST)
+begin claimed by jmm
 CAN-2005-3012 (The MasterDataCD::createImage function in masterdatacd.cpp for
...)
 	TODO: check
 CAN-2005-3011 (texindex in texinfo 4.7 and earlier allows local users to
overwrite ...)
@@ -109,6 +108,7 @@
 CAN-2005-2992 [Another arc tempfile issue]
 	NOTE: reserved
 	- arc 5.21m-1 (low)
+end claimed by jmm
 CAN-2005-XXXX [Firefox passes URLs with backticks from external programs to the
shell]
 	- mozilla-firefox not-affected (Debian ships a non-vulnerable wrapper script)
 	- mozilla-thunderbird (unfixed; bug #329667; high)