Author: joeyh
Date: 2005-09-24 09:14:17 +0000 (Sat, 24 Sep 2005)
New Revision: 2146
Modified:
data/CAN/list
Log:
automatic CAN database update
Modified: data/CAN/list
==================================================================---
data/CAN/list 2005-09-24 03:58:31 UTC (rev 2145)
+++ data/CAN/list 2005-09-24 09:14:17 UTC (rev 2146)
@@ -938,15 +938,15 @@
CAN-2005-2637 (Multiple SQL injection vulnerabilities in PHPFreeNews 1.40 and
earlier ...)
NOT-FOR-US: PHPFreeNews
CAN-2005-2636 (SQL injection vulnerability in lib-view-direct.inc.php in
phpAdsNew ...)
- - phpadsnew <itp> (bug #226636)
+ - phpadsnew <itp> (bug #226636)
CAN-2005-2635 (Multiple directory traversal vulnerabilities in phpAdsNew and
phpPgAds ...)
- - phpadsnew <itp> (bug #226636)
+ - phpadsnew <itp> (bug #226636)
CAN-2005-2634 (Buffer overflow in the Log-SCR function in the "Log to
Screen" feature ...)
NOT-FOR-US: WinFTP Server
CAN-2005-2633 (Multiple PHP file inclusion vulnerabilities in (1) admin_o.php,
(2) ...)
NOT-FOR-US: PHPTB Topic Board
CAN-2005-2632 (SQL injection vulnerability in login_admin_mediabox404.php in
...)
- - mediabox404 <itp> (bug #294397)
+ - mediabox404 <itp> (bug #294397)
CAN-2005-2631 (Cisco Clean Access (CCA) 3.3.0 to 3.3.9, 3.4.0 to 3.4.5, and
3.5.0 to ...)
NOT-FOR-US: Cisco
CAN-2005-2630
@@ -2041,7 +2041,7 @@
CAN-2005-2397 (Cross-site scripting (XSS) vulnerability in guestbook.php in
phpBook ...)
NOT-FOR-US: phpBook
CAN-2005-2396 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.4.6 and
...)
- - mediawiki <itp> (bug #276057)
+ - mediawiki <itp> (bug #276057)
CAN-2005-2395 (Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge
with the ...)
- mozilla-firefox <unfixed> (bug #320539; medium)
- mozilla <unfixed> (bug #320538; medium)
@@ -2163,7 +2163,7 @@
CAN-2005-2332 (Cross-site scripting (XSS) vulnerability in PHPPageProtect
1.0.0a ...)
NOT-FOR-US: PHPPageProtect
CAN-2005-2331 (PHP remote file inclusion vulnerability in display.php in
MooseGallery ...)
- NOT-FOR-US: MooseGallery
+ NOT-FOR-US: MooseGallery
CAN-2005-2330 (Directory traversal vulnerability in update.php in osCommerce
2.2 ...)
NOT-FOR-US: osCommerce
CAN-2005-2329 (MRV Communications In-Reach LX-8000S, LX-4000S, and LX-1000S
3.5.0, ...)
@@ -2906,7 +2906,7 @@
{DSA-762-1}
- affix 2.1.2-2 (medium)
CAN-2005-2249 (Multiple unknown vulnerabilities in Jinzora 2.0.1 have unknown
impact ...)
- - jinzora <itp> (bug #289487)
+ - jinzora <itp> (bug #289487)
CAN-2005-2248 (Directory traversal vulnerability in DownloadProtect before
1.0.3 ...)
NOT-FOR-US: DownloadProtect
CAN-2005-2247 (Multiple unknown vulnerabilities in Moodle before 1.5.1 have
unknown ...)
@@ -3124,11 +3124,11 @@
CAN-2004-2188 (Cross-site scripting (XSS) vulnerability in DMXReady Site
Chassis ...)
NOT-FOR-US: DMXReady
CAN-2004-2187 (Unknown vulnerability in ImagePage for MediaWiki 1.3.5, related
to ...)
- - mediawiki <itp> (bug #276057)
+ - mediawiki <itp> (bug #276057)
CAN-2004-2186 (SQL injection vulnerability in MediaWiki 1.3.5 allows remote
attackers ...)
- - mediawiki <itp> (bug #276057)
+ - mediawiki <itp> (bug #276057)
CAN-2004-2185 (Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki
1.3.5 ...)
- - mediawiki <itp> (bug #276057)
+ - mediawiki <itp> (bug #276057)
CAN-2004-2184 (Directory traversal vulnerability in Digicraft Yak! server 2.0
through ...)
NOT-FOR-US: Digicraft Yak!
CAN-2004-2183 (Unknown vulnerability in WeHelpBUS 0.1 allows remote attackers
to ...)
@@ -3178,9 +3178,9 @@
CAN-2004-2159 (Multiple buffer overflows in XMLStarlet Command Line XML Toolkit
0.9.3 ...)
- xmlstarlet 1.0.0-1
CAN-2004-2158 (SQL injection vulnerability in Serendipity 0.7-beta1 allows
remote ...)
- - serendipity <itp> (bug #312413)
+ - serendipity <itp> (bug #312413)
CAN-2004-2157 (Cross-site scripting (XSS) vulnerability in Comment.php in
Serendipity ...)
- - serendipity <itp> (bug #312413)
+ - serendipity <itp> (bug #312413)
CAN-2004-2156 (Multiple unknown vulnerabilities in Online Recruitment Agency
1.0 have ...)
NOT-FOR-US: Online Recruitment Agency
CAN-2004-2155 (Online-bookmarks before 0.4.6 allows remote attackers to bypass
its ...)
@@ -3427,7 +3427,7 @@
CAN-2004-2153 (Multiple unknown vulnerabilities in Real Estate Management
Software ...)
NOT-FOR-US: Real Estate Management Software
CAN-2004-2152 (Cross-site scripting (XSS) vulnerability in
''raw'' page output mode for ...)
- - mediawiki <itp> (bug #276057)
+ - mediawiki <itp> (bug #276057)
CAN-2004-2151 (Chatman 1.1.1 RCL and earlier allows remote attackers to cause a
...)
NOT-FOR-US: Chatman
CAN-2004-2150 (Nettica Corporation INTELLIPEER Email Server 1.01 displays
different ...)
@@ -3892,7 +3892,7 @@
CAN-2002-1803 (Cross-site scripting (XSS) vulnerability in PHP-Nuke 6.0 allows
remote ...)
NOT-FOR-US: PHP-Nuke
CAN-2002-1802 (Cross-site scripting (XSS) vulnerability in Xoops 1.0 RC3 allows
...)
- - xoops <itp> (bug #207640)
+ - xoops <itp> (bug #207640)
CAN-2002-1801 (ImageFolio 2.23 through 2.27 allows remote attackers to obtain
...)
NOT-FOR-US: ImageFolio
CAN-2002-1800 (phpRank 1.8 stores the administrative password in plaintext on
the ...)
@@ -4505,7 +4505,7 @@
- clamav 0.86.1-1 (low)
CAN-2005-1921 (Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier
(aka ...)
{DSA-789-1 DSA-746-1 DSA-747-1 DSA-745-1 DTSA-15-1}
- - serendipity <itp> (bug #312413)
+ - serendipity <itp> (bug #312413)
- drupal 4.5.4-1 (high; bug #316362)
- phpgroupware 0.9.16.006-1 (high)
- egroupware 1.0.0.007-3.dfsg-1 (high)
@@ -4583,7 +4583,7 @@
CAN-2005-1889 (Unknown vulnerability in Sun ONE Application Server 6.5 SP1 ...)
NOT-FOR-US: Sun ONE
CAN-2005-1888 (Cross-site scripting (XSS) vulnerability in MediaWiki before
1.4.5 ...)
- - mediawiki <itp> (bug #276057)
+ - mediawiki <itp> (bug #276057)
CAN-2005-1887 (Unknown vulnerability in the Sun Solaris C library (libc and
...)
NOT-FOR-US: Solaris
CAN-2005-1886 (Cross-site scripting (XSS) vulnerability in view.php in YaPiG
0.92b, ...)
@@ -6988,7 +6988,7 @@
- quake2 <unfixed> (bug #280573; low)
NOTE: CVE id requested from mitre
CAN-2005-1245 (Cross-site scripting (XSS) vulnerability in MediaWiki before
1.4.2, ...)
- - mediawiki <itp> (bug #276057)
+ - mediawiki <itp> (bug #276057)
CAN-2005-1244 (Directory traversal vulnerability in the third party tool from
NetIQ, ...)
NOT-FOR-US: AS/400 FTP server addon
CAN-2005-1243 (Directory traversal vulnerability in the third party tool from
...)
@@ -9115,11 +9115,11 @@
CAN-2005-0537 (Multiple SQL injection vulnerabilities in page.php for iGeneric
(iG) ...)
NOT-FOR-US: iGeneric (iG) Shop
CAN-2005-0536 (Directory traversal vulnerability in MediaWiki 1.3.x before
1.3.11 and ...)
- - mediawiki <itp> (bug #276057)
+ - mediawiki <itp> (bug #276057)
CAN-2005-0535 (Cross-site request forgery (CSRF) vulnerability in MediaWiki
1.3.x ...)
- - mediawiki <itp> (bug #276057)
+ - mediawiki <itp> (bug #276057)
CAN-2005-0534 (Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki
1.3.x ...)
- - mediawiki <itp> (bug #276057)
+ - mediawiki <itp> (bug #276057)
CAN-2005-0533 (Heap-based buffer overflow in Trend Micro AntiVirus Library
VSAPI ...)
NOT-FOR-US: Trend Micro AntiVirus
CAN-2005-0532 (The reiserfs_copy_from_user_to_file_region function in
reiserfs/file.c ...)
@@ -10164,7 +10164,7 @@
CAN-2004-1406 (SQL injection vulnerability in ikonboard.cgi in Ikonboard 3.1.0
...)
NOT-FOR-US: Ikonboard
CAN-2004-1405 (MediaWiki 1.3.8 and earlier, when used with Apache mod_mime,
does not ...)
- - mediawiki <itp> (bug #276057)
+ - mediawiki <itp> (bug #276057)
CAN-2004-1404 (Attachment Mod 2.3.10 module for phpBB, when used with Apache
...)
NOT-FOR-US: Attachment Mod for phpBB
CAN-2004-1403 (PHP remote code injection vulnerability in index.php in GNUBoard
3.39 ...)