Author: jmm-guest
Date: 2005-10-19 15:11:26 +0000 (Wed, 19 Oct 2005)
New Revision: 2452
Modified:
data/CAN/list
Log:
convert more old data to the new syntax
Modified: data/CAN/list
==================================================================---
data/CAN/list 2005-10-19 09:29:37 UTC (rev 2451)
+++ data/CAN/list 2005-10-19 15:11:26 UTC (rev 2452)
@@ -3991,7 +3991,7 @@
{DSA-780-1}
- kdegraphics 4:3.4.2-1 (bug #322458; low)
- xpdf 3.00-15 (bug #322462; low)
- NOTE: tetex-bin not affected re bug #322467
+ - tetex-bin <not-affected> (pdftex doesn''t include or use the
vulnerable code)
- gpdf <unfixed> (bug #334454; low)
NOTE: only affects cupsys source package, not used in binary
- cupsys <unfixed> (bug #324464; unimportant)
@@ -4009,7 +4009,7 @@
- aide 0.10-6.1.1 (bug #317523; medium)
- amd64-libs 1.3 (bug #317970; medium)
- ia32-libs <unfixed> (bug #317971; medium)
- NOTE: dar-static claimed not used on untrusted input by maintainer in #317989
+ - dar <not-affected> (zlib not used on unstrusted input, see #317989)
- bacula 1.36.3-2 (bug #318014; medium)
- sash 3.7-6 (bug #318246; bug #318069; medium)
- libphysfs 1.0.0-5 (bug #318091; medium)
@@ -4045,7 +4045,7 @@
CAN-2005-2087 (Internet Explorer 6.0.2900.2180 on Windows XP allows remote
attackers ...)
NOT-FOR-US: Microsoft
CAN-2005-2086 (PHP remote file inclusion vulnerability in viewtopic.php in
phpBB ...)
- NOTE: phpbb versions in Debian not affected
+ - phpbb2 <unfixed> (phpbb versions in Debian not affected)
CAN-2005-2085 (Buffer overflow in Inframail Advantage Server Edition 6.0
through 6.7 ...)
NOT-FOR-US: Inframail
CAN-2005-2084 (Cross-site scripting (XSS) vulnerability in SearchResults.aspx
in ...)
@@ -4091,7 +4091,6 @@
- sdd 1.52-1
CAN-2004-2141
REJECTED
- NOT-FOR-US: YaBB
CAN-2004-2140 (CRLF injection vulnerability in YaBB 1 Gold before 1.3.2 allows
remote ...)
NOT-FOR-US: YaBB
CAN-2004-2139 (Unknown vulnerability in Adminedit.pl YaBB 1 Gold before 1.3.2
allows ...)
@@ -4216,7 +4215,7 @@
CAN-2002-1958 (Cross-site scripting (XSS) vulnerability in kmMail 1.0 through
1.0b ...)
NOT-FOR-US: kmMail
CAN-2002-1957 (Buffer overflow in the netlog function in pen.c for Pen 0.9.1
and ...)
- NOTE: pen was introduced after this old vulnerability
+ - pen <not-affected> (pen was introduced after this old vulnerability)
CAN-2002-1956 (ROX Filer 1.1.9 and 1.2 is installed with world writable
permissions, ...)
- rox 1.3.0-1
CAN-2002-1955 (Iomega NAS A300U uses cleartext LANMAN authentication when
mounting ...)
@@ -4232,42 +4231,42 @@
CAN-2002-1952 (phpRank 1.8 does not properly check the return codes for MySQL
...)
NOT-FOR-US: phpRank
CAN-2002-1951 (Buffer overflow in GoAhead WebServer 2.1 allows remote attackers
to ...)
- NOTE: not-for-us
+ NOT-FOR-US: GoAhead WebServer
CAN-2002-1950 (Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows
remote ...)
- NOTE: not-for-us
+ NOT-FOR-US: phpRank
CAN-2002-1949 (The Network Attached Storage (NAS) Administration Web Page for
Iomega ...)
- NOTE: not-for-us
+ NOT-FOR-US: Iomega NAS
+ NOT-FOR-US:
CAN-2002-1948 (Multiple buffer overflows in Gringotts 0.5.9 allows local users
to ...)
- NOTE: not-for-us
- NOTE: fixed before Gringotts was in Debian
+ - gringotts <not-affected (fixed before Gringotts was in Debian)
CAN-2002-1947 (Webmin 0.21 through 1.0 uses the same built-in SSL key for all
...)
- webmin 1.000-2
CAN-2002-1946 (Videsh Sanchar Nigam Limited (VSNL) Integrated Dialer Software
...)
- NOTE: not-for-us
+ NOT-FOR-US: VNSL
CAN-2002-1945 (Buffer overflow in SmartMail Server 1.0 Beta 10 allows remote
...)
- NOTE: not-for-us
+ NOT-FOR-US: SmailMail
CAN-2002-1944 (Motorola Surfboard 4200 cable modem allows remote attackers to
cause a ...)
- NOTE: not-for-us
+ NOT-FOR-US: Motorola Surfboard
CAN-2002-1943 (SafeTP 1.46, when network address translation (NAT) is being
used, ...)
- NOTE: not-for-us
+ NOT-FOR-US: SafeTP
CAN-2002-1942 (Imatix Xitami 2.5 b5 does not properly terminate certain
Keep-Alive ...)
- NOTE: not-for-us
+ NOT-FOR-US: Imatix
CAN-2002-1941 (Buffer overflow in RadioBird WebServer 4 Everyone 1.28 allows
remote ...)
- NOTE: not-for-us
+ NOT-FOR-US: RadioBird
CAN-2002-1940 (LCC-Win32 3.2 compiler, when running on Windows 95, 98, or ME,
writes ...)
- NOTE: not-for-us
+ NOT-FOR-US: LCC-Win32
CAN-2002-1939 (FlashFXP 1.4 prints FTP passwords in plaintext when there are
...)
- NOTE: not-for-us
+ NOT-FOR-US: FlashFXP
CAN-2002-1938 (Virgil CGI Scanner 0.9 allows remote attackers to execute
arbitrary ...)
- NOTE: not-for-us
+ NOT-FOR-US: Virgil CGI Scanner
CAN-2002-1937 (Symantec Firewall/VPN Appliance 100 through 200R hardcodes the
...)
- NOTE: not-for-us
+ NOT-FOR-US: Symantex Appliance
CAN-2002-1936 (UTStarcom BAS 1000 3.1.10 creates several default or back door
...)
- NOTE: not-for-us
+ NOT-FOR-US: UTStarcom
CAN-2002-1935 (Pingtel Xpressa 1.2.5 through 2.0.1 uses predictable (1)
Call-ID, (2) ...)
- NOTE: not-for-us
+ NOT-FOR-US: Pingtel Xpressa
CAN-2002-1934 (Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through
2.0.1 ...)
- NOTE: not-for-us
+ NOT-FOR-US: Pingtel Xpressa
CAN-2002-1933 (The terminal services screensaver for Microsoft Windows 2000
does not ...)
NOTE: not-for-us
CAN-2002-1932 (Microsoft Windows XP and Windows 2000, when configured to send
...)