Author: joeyh
Date: 2005-08-22 09:14:20 +0000 (Mon, 22 Aug 2005)
New Revision: 1623
Modified:
data/CAN/list
Log:
automatic CAN database update
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-08-22 00:54:20 UTC (rev 1622)
+++ data/CAN/list 2005-08-22 09:14:20 UTC (rev 1623)
@@ -1,3 +1,43 @@
+CAN-2005-2653 (Cross-site scripting (XSS) vulnerability in BBCaffe 2.0 allows
remote ...)
+ TODO: check
+CAN-2005-2652 (Zorum 3.5 allows remote attackers to obtain the full
installation path ...)
+ TODO: check
+CAN-2005-2651 (gorum/prod.php in Zorum 3.5 allows remote attackers to execute
...)
+ TODO: check
+CAN-2005-2650 (Cross-site scripting (XSS) vulnerability in sign.asp in Emefa
...)
+ TODO: check
+CAN-2005-2649 (Cross-site scripting (XSS) vulnerability in ATutor 1.5.1 allows
remote ...)
+ TODO: check
+CAN-2005-2648 (Directory traversal vulnerability in index.php in W-Agora 4.2.0
and ...)
+ TODO: check
+CAN-2005-2647 (Cross-site scripting (XSS) vulnerability in Xerox MicroServer
Web ...)
+ TODO: check
+CAN-2005-2646 (Unknown vulnerability in Xerox MicroServer Web Server in
Document ...)
+ TODO: check
+CAN-2005-2645 (Unknown vulnerability in Xerox MicroServer Web Server in
Document ...)
+ TODO: check
+CAN-2005-2644 (Buffer overflow in JaguarEditControl.dll in Isemarket
JaguarControl ...)
+ TODO: check
+CAN-2005-2643 (Tor 0.1.0.13 and earlier, and experimental versions
0.1.1.4-alpha and ...)
+ TODO: check
+CAN-2005-2642 (Buffer overflow in the mutt_decode_xbit function in Handler.c
for Mutt ...)
+ TODO: check
+CAN-2005-2641 (Unknown vulnerability in pam_ldap before 180 does not properly
handle ...)
+ TODO: check
+CAN-2004-2483 (Kerio WinRoute Firewall before 6.0.9 uses information from PTR
queries ...)
+ TODO: check
+CAN-2004-2482 (Microsoft Outlook 2000 and 2003, when configured to use
Microsoft Word ...)
+ TODO: check
+CAN-2004-2481 (MyProxy 6.58 allows remote authenticated users in the Users Tab
to ...)
+ TODO: check
+CAN-2004-2480 (Squid Web Proxy Cache 2.3.STABLE5 allows remote attackers to
bypass ...)
+ TODO: check
+CAN-2004-2479 (Squid Web Proxy Cache 2.5 might allow remote attackers to
obtain ...)
+ TODO: check
+CAN-2004-2478 (Unspecified vulnerability in Jetty HTTP Server, which is
included in ...)
+ TODO: check
+CAN-2004-2477 (DiamondCS Process Guard Free 2.000 allows local users to
disable the ...)
+ TODO: check
CAN-2005-2640 (Behavioral discrepancy information leak in Juniper Netscreen
VPN ...)
NOTE: not-for-us (Juniper)
CAN-2005-2639 (Buffer overflow in Chris Moneymaker's World Poker Championship
1.0 ...)
@@ -1506,38 +1546,49 @@
CAN-2005-2271 (iCab 2.9.8 does not clearly associate a Javascript dialog box
with the ...)
NOTE: not-for-us (iCab)
CAN-2005-2270 (Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly
clone ...)
+ {DSA-779-1}
- mozilla-firefox 1.0.5-1 (high)
- mozilla 2:1.7.10-1 (high)
- mozilla-thunderbird 1.0.6-1 (high)
CAN-2005-2269 (Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2
does ...)
+ {DSA-779-1}
- mozilla-firefox 1.0.5-1 (high)
- mozilla 2:1.7.10-1 (medium)
- mozilla-thunderbird 1.0.6-1 (medium)
CAN-2005-2268 (Firefox before 1.0.5 and Mozilla before 1.7.9 does not clearly
...)
+ {DSA-779-1}
- mozilla-firefox 1.0.5-1 (medium)
- mozilla 2:1.7.10-1 (medium)
CAN-2005-2267 (Firefox before 1.0.5 allows remote attackers to steal
information and ...)
+ {DSA-779-1}
- mozilla-firefox 1.0.5-1 (medium)
CAN-2005-2266 (Firefox before 1.0.5 and Mozilla before 1.7.9 allows a child
frame to ...)
+ {DSA-779-1}
- mozilla-firefox 1.0.5-1 (medium)
- mozilla 2:1.7.10-1 (medium)
- mozilla-thunderbird 1.0.6-1 (low)
CAN-2005-2265 (Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2
and 7.2 ...)
+ {DSA-779-1}
- mozilla-firefox 1.0.5-1 (high)
- mozilla 2:1.7.10-1 (medium)
- mozilla-thunderbird 1.0.6-1 (medium)
CAN-2005-2264 (Firefox before 1.0.5 allows remote attackers to steal sensitive
...)
+ {DSA-779-1}
- mozilla-firefox 1.0.5-1 (medium)
CAN-2005-2263 (The InstallTrigger.install method in Firefox before 1.0.5 and
Mozilla ...)
+ {DSA-779-1}
- mozilla-firefox 1.0.5-1 (medium)
- mozilla 2:1.7.10-1 (medium)
CAN-2005-2262 (Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote
attackers ...)
+ {DSA-779-1}
- mozilla-firefox 1.0.5-1 (medium)
CAN-2005-2261 (Firefox before 1.0.5, Thunderbird before 1.0.5, Mozilla before
1.7.9, ...)
+ {DSA-779-1}
- mozilla-firefox 1.0.5-1 (medium)
- mozilla 2:1.7.10-1 (medium)
- mozilla-thunderbird 1.0.6-1 (medium)
CAN-2005-2260 (The browser user interface in Firefox before 1.0.5, Mozilla
before ...)
+ {DSA-779-1}
- mozilla-firefox 1.0.5-1 (medium)
- mozilla 2:1.7.10-1 (medium)
CAN-2002-2086 (Multiple cross-site scripting (XSS) vulnerabilities in
magicHTML of ...)
@@ -3953,7 +4004,7 @@
NOTE: not-for-us (Web Blog)
CAN-2004-2126 (The upgrade for BlackICE PC Protection 3.6 and earlier sets
insecure ...)
NOTE: not-for-us (BlackICE)
-CAN-2004-2125 (Buffer overflow in blackd.exe for BlackICE PC Protection 3.6
and ...)
+CAN-2004-2125 (Buffer overflow in blackd.exe for BlackICE PC Protection 3.6
and other ...)
NOTE: not-for-us (BlackICE)
CAN-2004-2124 (The register_globals simulation capability in Gallery 1.3.1
through ...)
- gallery 1.4.4-pl1-1
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
