[Secure-testing-team] [patch 1/3] Syntax tweaks for data/CAN/list
Florian Weimer
fw at deneb.enyo.de
Sat Sep 10 14:46:29 UTC 2005
Index: secure-testing/data/CAN/list
===================================================================
--- secure-testing.orig/data/CAN/list 2005-09-10 16:28:02.000000000 +0200
+++ secure-testing/data/CAN/list 2005-09-10 16:31:21.000000000 +0200
@@ -1611,7 +1611,7 @@
CAN-2005-2404 (SQL injection vulnerability in sendcard.php in Sendcard 3.2.3 allows ...)
NOTE: not-for-us (Sendcard)
CAN-2005-2403 (The login protocol in RealChat 3.5.1b does not use authentication, ...)
- NPTE: not-for-us (RealChat)
+ NOTE: not-for-us (RealChat)
CAN-2005-2402 (Cross-site scripting (XSS) vulnerability in search.php in ...)
NOTE: not-for-us (PHPSiteSearch)
CAN-2005-2401 (PHP-Fusion allows remote attackers to inject arbitrary Cascading Style ...)
@@ -2152,7 +2152,7 @@
CAN-2002-2060 (Buffer overflow in Links 2.0 pre4 allows remote attackers to crash ...)
- links2 2.1pre16-2 (low)
CAN-2002-2059 (BIOS D845BG, D845HV, D845PT and D845WN on Intel motherboards does not ...)
- NOTE; not-for-us (Intel)
+ NOTE: not-for-us (Intel)
CAN-2002-2058 (TeeKai Tracking Online 1.0 uses weak encryption of web usage ...)
NOTE: not-for-us (TeeKai)
CAN-2002-2057 (TeeKai Forum 1.2 uses weak encryption of web usage statistics in ...)
@@ -4439,7 +4439,7 @@
- kernel-source-2.4.27 2.4.27-11 (medium)
CAN-2005-1767 (Unknown vulnerability in the Linux kernel 2.6.x and 2.4.x allows local ...)
NOTE: linux-2.6 not affected (already fixed)
- - kernel-source 2.4.27 2.4.27-11 (unknown)
+ - kernel-source-2.4.27 2.4.27-11 (unknown)
CAN-2005-1766 (Heap-based buffer overflow in rtffplin.cpp in RealPlayer 10.5 ...)
NOTE: not-for-us (RealPlayer)
CAN-2005-1765 (syscall in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform, ...)
@@ -6019,7 +6019,7 @@
NOTE: not-for-us (Apple)
CAN-2005-1471 (Heap-based buffer overflow in RSA SecurID Web Agent 5, 5.2, and 5.3 ...)
NOTE: not-for-us (RSA SecurID Web Agent)
-CAn-2005-XXXX [race condition with a buffered temp file]
+CAN-2005-XXXX [race condition with a buffered temp file]
NOTE: no bug ever filed for this one
- pysvn 1.1.2-3
CAN-2005-XXXX [mailutils: sql injection vulnerability in sql authentication module]
@@ -12371,7 +12371,7 @@
NOTE: not-for-us (BEA WebLogic Server and WebLogic Express)
CAN-2004-0651 (Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 ...)
NOTE: JRE is not in Debian, assuming the various wrappers handle
- NOTE the new version. Not worrying about upgrades.
+ NOTE: the new version. Not worrying about upgrades.
CAN-2004-0650 (UploadServlet in Cisco Collaboration Server (CCS) running ServletExec ...)
NOTE: not-for-us (Cisco)
CAN-2004-0649 (Buffer overflow in write_packet in control.c for l2tpd may allow ...)
@@ -14739,7 +14739,7 @@
CAN-2003-0512 (Cisco IOS 12.2 and earlier generates a "% Login invalid" message ...)
NOTE: not-for-us (Cisco)
CAN-2003-0511 (The web server for Cisco Aironet AP1x00 Series Wireless devices ...)
- NOTE not-for-us (Cisco Aironet AP1x00 Series Wireless devices)
+ NOTE: not-for-us (Cisco Aironet AP1x00 Series Wireless devices)
CAN-2003-0510 (Format string vulnerability in ezbounce 1.0 through 1.50 allows remote ...)
NOTE: not-for-us (ezbounce)
CAN-2003-0509 (SQL injection vulnerability in Cyberstrong eShop 4.2 and earlier ...)
--
More information about the Secure-testing-team
mailing list