Author: mhelas-guest
Date: 2005-08-28 18:50:13 +0000 (Sun, 28 Aug 2005)
New Revision: 1700
Modified:
data/CAN/list
Log:
unclaimed my CANs as i am too busy ATM with other stuff.
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-08-28 18:35:35 UTC (rev 1699)
+++ data/CAN/list 2005-08-28 18:50:13 UTC (rev 1700)
@@ -1774,7 +1774,6 @@
CAN-2002-2050 (Directory traversal vulnerability in processor_web plugin for
ModLogAn ...)
NOTE: fixed in 0.7.12-1
- modlogan 0.7.12-1 (low)
-begin claimed by zobel
CAN-2002-2049 (configure for Dsniff 2.3, fragroute 1.2, and fragrouter 1.6,
when ...)
TODO: check
CAN-2002-2048 (Buffer overflow in PFinger 0.7.8 client allows remote attackers
to ...)
@@ -1791,43 +1790,45 @@
CAN-2002-2043 (SQL injection vulnerability in the LDAP and MySQL
authentication patch ...)
TODO: check
CAN-2002-2042 (ptrace in the QNX realtime operating system (RTOS) 4.25 and
6.1.0 ...)
- TODO: check
+ NOTE: not-for-us (QNX)
CAN-2002-2041 (Multiple buffer overflows in realtime operating system (RTOS)
6.1.0 ...)
- TODO: check
+ NOTE: not-for-us (QNX)
CAN-2002-2040 (The (1) phrafx and (2) phgrafx-startup programs in QNX realtime
...)
- TODO: check
+ NOTE: not-for-us (QNX)
CAN-2002-2039 (/bin/su in QNX realtime operating system (RTOS) 4.25 and 6.1.0
allows ...)
- TODO: check
+ NOTE: not-for-us (QNX)
CAN-2002-2038 (Next Generation POSIX Threading (NGPT) 1.9.0 uses a
filesystem-based ...)
- TODO: check
+ TODO: check, ISS says Linux: Linux Any version
+ NOTE: http://lists.debian.org/debian-user/2003/10/msg03627.html
CAN-2002-2037 (The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and
...)
- TODO: check
+ NOTE: not-for-us (Cisco)
CAN-2002-2036 (Sun Ray Server Software (SRSS) 1.3, when Non-Smartcard Mobility
(NSCM) ...)
- TODO: check
+ NOTE: not-for-us (Sun)
CAN-2002-2035 (SQL injection vulnerability in RealityScape MyLogin 2000 1.0.0
and ...)
- TODO: check
+ NOTE: not-for-us (RealityScape)
CAN-2002-2034 (The Email Sanitizer before 1.133 for Procmail allows remote
attackers ...)
- TODO: check
+ NOTE: not-for-us (Email Sanitizer)
CAN-2002-2033 (faqmanager.cgi in FAQManager 2.2.5 and earlier allows remote
attackers ...)
- TODO: check
+ NOTE: not-for-us (FAQManager)
CAN-2002-2032 (sql_layer.php in PHP-Nuke 5.4 and earlier does not restrict
access to ...)
TODO: check
CAN-2002-2031 (Internet Explorer 5.0, 5.0.1 and 5.5 with JavaScript execution
enabled ...)
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2002-2030 (Stack-based buffer overflow in SQLData Enterprise Server 3.0
allows ...)
TODO: check
CAN-2002-2029 (PHP, when installed on Windows with Apache and ScriptAlias for
/php/ ...)
- TODO: check
+ NOTE: not-for-us (PHP, Mircrosoft)
CAN-2002-2028 (The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not
verify ...)
- TODO: check
+ NOTE: not-for-us (Microsoft)
CAN-2002-2027 (Database of Our Owlish Wisdom (DOOW) 0.1 through 0.2.1 does not
...)
TODO: check
CAN-2002-2026 (Buffer overflow in BrowseFTP 1.62 client allows remote FTP
servers to ...)
- TODO: check
+ NOTE: not-for-us (BrowseFTP)
CAN-2002-2025 (Lotus Domino server 5.0.9a and earlier allows remote attackers
to ...)
- TODO: check
+ NOTE: not-for-us (Lotus Domino)
CAN-2002-2024 (Horde IMP 2.2.7 allows remote attackers to obtain the full web
root ...)
- TODO: check
+ NOTE: fixed in 3:2.2.6-5
+ - imp 3:2.2.6-5 (high)
CAN-2002-2023 (The get_parameter_from_freqency_source function in beep2 1.0,
1.1 and ...)
TODO: check
CAN-2002-2022 (Format string vulnerability in Kaffe OpenVM 1.0.6 and earlier
allows ...)
@@ -1902,7 +1903,6 @@
TODO: check
CAN-2002-1987 (Directory traversal vulnerability in view_source.jsp in Resin
2.1.2 ...)
TODO: check
-end claimed by zobel
CAN-2001-1572 (The MAC module in Netfilter in Linux kernel 2.4.1 through
2.4.11, when ...)
NOTE: presumably fixed in linux 2.4.12
CAN-2001-1571 (The Remote Desktop client in Windows XP sends the most recent
user ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
