Author: stef-guest
Date: 2005-08-24 20:57:08 +0000 (Wed, 24 Aug 2005)
New Revision: 1638
Modified:
data/CAN/list
Log:
check a few old CANs
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-08-24 19:53:08 UTC (rev 1637)
+++ data/CAN/list 2005-08-24 20:57:08 UTC (rev 1638)
@@ -564,46 +564,48 @@
TODO: check
CAN-2004-2313 (Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error
...)
TODO: check
+ NOTE: Did not find reference to fix in upstream changelog or any other
hint that it is fixed
+ NOTE: pinged Maintainer
CAN-2004-2312 (Buffer overflow in GNU make for IBM AIX 4.3.3, when installed
setgid, ...)
- TODO: check
+ NOTE: not-for-us (AIX only)
CAN-2004-2311 (Directory traversal vulnerability in webadmin.nsf in Lotus
Domino R6 ...)
- TODO: check
+ NOTE: not-for-us (Lotus Domino)
CAN-2004-2310 (Cross-site scripting (XSS) vulnerability in webadmin.nsf in
Lotus ...)
- TODO: check
+ NOTE: not-for-us (Lotus Domino)
CAN-2004-2309 (Directory traversal vulnerability in Crob FTP Server 3.5.1
allows ...)
- TODO: check
+ NOTE: not-for-us (Crob FTP Server)
CAN-2004-2308 (Cross-site scripting (XSS) vulnerability in cPanel 9.1.0 and
possibly ...)
- TODO: check
+ NOTE: not-for-us (cPanel; see www.cpanel.net; has nothing to do with
Debian package cpanel)
CAN-2004-2307 (Microsoft Internet Explorer 6.0.2600 on Windows XP allows
remote ...)
- TODO: check
+ NOTE: not-for-us (MS IE)
CAN-2004-2306 (Sun Solaris 7 through 9, when Basic Security Module (BSM) is
enabled ...)
- TODO: check
+ NOTE: not-for-us (Solaris)
CAN-2004-2305 (Computer Associates eTrust Antivirus EE 6.0 through 7.0 allows
remote ...)
- TODO: check
+ NOTE: not-for-us (Computer Associates)
CAN-2004-2304 (Integer overflow in Trillian 0.74 and earlier, and Trillian Pro
2.01 ...)
- TODO: check
+ NOTE: not-for-us (Trillian)
CAN-2004-2303 (MTools Mformat before 3.9.9, when installed setuid root,
creates files ...)
- TODO: check
+ - mtools 3.9.9
CAN-2003-1228 (Buffer overflow in the prepare_reply function in request.c for
Mathopd ...)
- TODO: check
+ - mathopd 1.5b14
CAN-2003-1227 (PHP remote file include vulnerability in index.php for Gallery
1.4 and ...)
- TODO: check
+ - gallery 1.4.1
CAN-2003-1226 (BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores certain
secrets ...)
- TODO: check
+ NOTE: not-for-us (BEA)
CAN-2003-1225 (The default CredentialMapper for BEA WebLogic Server and
Express 7.0 ...)
- TODO: check
+ NOTE: not-for-us (BEA)
CAN-2003-1224 (Weblogic.admin for BEA WebLogic Server and Express 7.0 and
7.0.0.1 ...)
- TODO: check
+ NOTE: not-for-us (BEA)
CAN-2003-1223 (The Node Manager for BEA WebLogic Express and Server 6.1
through 8.1 ...)
- TODO: check
+ NOTE: not-for-us (BEA)
CAN-2003-1222 (BEA Weblogic Express and Server 8.0 through 8.1 SP 1, when
using a ...)
- TODO: check
+ NOTE: not-for-us (BEA)
CAN-2003-1221 (BEA WebLogic Express and Server 7.0 through 8.1 SP 1, under
certain ...)
- TODO: check
+ NOTE: not-for-us (BEA)
CAN-2003-1220 (BEA WebLogic Server proxy plugin for BEA Weblogic Express and
Server ...)
- TODO: check
+ NOTE: not-for-us (BEA)
CAN-2002-2123 (PHP remote file inclusion vulnerability in publish_xp_docs.php
for ...)
- TODO: check
+ - gallery 1.3.3
CAN-2005-XXXX [DoS against clamav through infinite loop in cli_rmdirs]
- clamav 0.86.2-1 (low)
CAN-2005-2554 (The web server for Network Associates ePolicy Orchestrator
Agent 3.5.0 ...)
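Review bot: the fixed-version entries added for CAN-2004-2303, CAN-2003-1228, CAN-2003-1227 and CAN-2002-2123 give bare upstream versions (`- mtools 3.9.9`, `- mathopd 1.5b14`, `- gallery 1.4.1`, `- gallery 1.3.3`), while the neighbouring context entry `- clamav 0.86.2-1 (low)` carries a Debian revision and an urgency. Suggest recording the Debian package version that first contained each fix, with an urgency, so the entries can be compared directly against archive versions. For CAN-2004-2303 the description is conditional ("when installed setuid root"), so a NOTE stating whether that condition applies to the packaged mformat would help. CAN-2004-2312 is marked not-for-us with a platform as the reason ("AIX only"), whereas every other not-for-us note in this hunk names a product; since the description names GNU make, a NOTE saying the setgid install is AIX-specific would make the reasoning explicit. The CAN-2004-2313 note "pinged Maintainer" would be easier to follow up if it named the package or a bug reference.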
_______________________________________________
Secure-testing-commits mailing list
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits