thr3ads.net - Secure testing commits - [Secure-testing-commits] r2194

If this information is useful, please help other people find it:
Share via:

Moritz Muehlenhoff

2005-Sep-27 17:40 UTC

[Secure-testing-commits] r2194 - data/CAN

Author: jmm-guest
Date: 2005-09-27 17:40:11 +0000 (Tue, 27 Sep 2005)
New Revision: 2194

Modified:
   data/CAN/list
Log:
three new issues:
two new local kernel dos
incorrect access control in php4/5


Modified: data/CAN/list
==================================================================---
data/CAN/list	2005-09-27 16:55:45 UTC (rev 2193)
+++ data/CAN/list	2005-09-27 17:40:11 UTC (rev 2194)
@@ -1,37 +1,36 @@
-begin claimed by jmm
 CAN-2005-3060
-	NOTE: reserved
+	RESERVED
 CAN-2005-3059 (Multiple unspecified vulnerabilities in Opera 8.50 on Linux and
...)
-	TODO: check
+	NOT-FOR-US: Opera
 CAN-2005-3058
-	NOTE: reserved
+	RESERVED
 CAN-2005-3057
-	NOTE: reserved
+	RESERVED
 CAN-2005-3056
-	NOTE: reserved
+	RESERVED
 CAN-2005-3055 (Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a
denial ...)
-	TODO: check
+	- linux-2.6 <unfixed> (bug filed; medium)
 CAN-2005-3054 (fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does
not ...)
-	TODO: check
+	- php4 <unfixed> (bug #353585; medium)
+	- php5 <unfixed> (bug #353585; medium)
 CAN-2005-3053 (The sys_set_mempolicy function in mempolicy.c in Linux kernel
2.6.x ...)
-	TODO: check
+	- linux-2.6 <unfixed> (bug filed; medium)
 CAN-2005-3052 (SQL injection vulnerability in module/down.inc.php in jportal
2.3.1 ...)
-	TODO: check
+	NOT-FOR-US: jportal
 CAN-2005-3051 (Stack-based buffer overflow in 7-Zip 3.13, 4.23, and 4.26 BETA
allows ...)
-	TODO: check
+	NOT-FOR-US: 7-Zip
 CAN-2005-3050 (PhpMyFaq 1.5.1 allows remote attackers to obtain sensitive
information ...)
-	TODO: check
+	NOT-FOR-US: PhpMyFaq
 CAN-2005-3049 (PhpMyFaq 1.5.1 stores data files under the web document root
with ...)
-	TODO: check
+	NOT-FOR-US: PhpMyFaq
 CAN-2005-3048 (Directory traversal vulnerability in index.php in PhpMyFaq 1.5.1
...)
-	TODO: check
+	NOT-FOR-US: PhpMyFaq
 CAN-2005-3047 (Multiple cross-site scripting (XSS) vulnerabilities in PhpMyFaq
1.5.1 ...)
-	TODO: check
+	NOT-FOR-US: PhpMyFaq
 CAN-2005-3046 (SQL injection vulnerability in password.php in PhpMyFaq 1.5.1
allows ...)
-	TODO: check
+	NOT-FOR-US: PhpMyFaq
 CAN-2005-3045 (SQL injection vulnerability in search.php in My Little Forum 1.5
and ...)
-	TODO: check
-end claimed by jmm
+	NOT-FOR-US: My Little Forum
 CAN-2003-1232 (Emacs 21.2.1 does not prompt or warn the user before executing
Lisp ...)
 	- emacs21 21.3-1 (bug #286183; medium)
 	TODO: check xemacs21

Secure testing commits - Sep 2005 - r2194 - data/CAN

[Secure-testing-commits] r2194 - data/CAN