Author: jmm-guest
Date: 2005-07-21 07:53:26 +0000 (Thu, 21 Jul 2005)
New Revision: 1448
Modified:
data/CAN/list
Log:
two new issues: freebsd and gopher
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-07-21 07:38:21 UTC (rev 1447)
+++ data/CAN/list 2005-07-21 07:53:26 UTC (rev 1448)
@@ -1,3 +1,5 @@
+CAN-2005-XXXX [Insecure temp usage in gopher]
+ - gopher 3.0.8 (low)
CAN-2005-XXXX [fiaif: Package provided cron job updates conf files with access
definitions]
NOTE: This doesn't look like a real security issue as cron.daily should
only be
NOTE: writable by root, but lets include it as the maintainer considers
it an issue
@@ -498,8 +500,9 @@
NOTE: not-for-us (Dragonfly)
CAN-2005-2219 (Hosting Controller 6.1 Hotfix 2.1 allows remote authenticated
users to ...)
NOTE: not-for-us (Hosting Controller)
-CAN-2005-2218
+CAN-2005-2218 [freebsd: Weak permissions permit exposal of devfs nodes in
jails]
NOTE: reserved
+ - kfreebsd5-source 5.3-17 (medium)
CAN-2005-2217 (Dansie Shopping Cart stores the vars.dat file under the web
root with ...)
NOTE: not-for-us (Dansie Shopping Cart
CAN-2005-2216 (PHP remote file inclusion vulnerability in gals.php in PhotoGal
Photo ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
