[Secure-testing-commits] r17656 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Mon Nov 21 21:15:54 UTC 2011
Author: joeyh
Date: 2011-11-21 21:15:54 +0000 (Mon, 21 Nov 2011)
New Revision: 17656
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-11-21 19:17:54 UTC (rev 17655)
+++ data/CVE/list 2011-11-21 21:15:54 UTC (rev 17656)
@@ -1,3 +1,71 @@
+CVE-2011-4498 (Cross-site request forgery (CSRF) vulnerability in the web console in ...)
+ TODO: check
+CVE-2011-4497 (QIS_wizard.htm on the ASUS RT-N56U router with firmware before ...)
+ TODO: check
+CVE-2011-4496 (Buffer overflow in Aviosoft DTV Player 1.0.1.2 allows remote attackers ...)
+ TODO: check
+CVE-2011-4495
+ RESERVED
+CVE-2011-4494
+ RESERVED
+CVE-2011-4493
+ RESERVED
+CVE-2011-4492
+ RESERVED
+CVE-2011-4491
+ RESERVED
+CVE-2011-4490
+ RESERVED
+CVE-2011-4489
+ RESERVED
+CVE-2011-4488
+ RESERVED
+CVE-2011-4487
+ RESERVED
+CVE-2011-4486
+ RESERVED
+CVE-2011-4485
+ RESERVED
+CVE-2011-4484
+ RESERVED
+CVE-2011-4483
+ RESERVED
+CVE-2011-4482
+ RESERVED
+CVE-2011-4481
+ RESERVED
+CVE-2011-4480
+ RESERVED
+CVE-2011-4479
+ RESERVED
+CVE-2011-4478
+ RESERVED
+CVE-2011-4477
+ RESERVED
+CVE-2011-4476
+ RESERVED
+CVE-2011-4475
+ RESERVED
+CVE-2011-4474
+ RESERVED
+CVE-2011-4473
+ RESERVED
+CVE-2011-4472
+ RESERVED
+CVE-2011-4471
+ RESERVED
+CVE-2011-4470
+ RESERVED
+CVE-2011-4469
+ RESERVED
+CVE-2011-4468
+ RESERVED
+CVE-2011-4467
+ RESERVED
+CVE-2011-4466
+ RESERVED
+CVE-2011-4465 (Cross-site scripting (XSS) vulnerability in IBM Lotus Mobile Connect ...)
+ TODO: check
CVE-2011-XXXX [busybox integer overflow]
- busybox <unfixed> (unimportant; bug #635370)
NOTE: not sure if this has a security impact, but its something that should be corrected
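Review bot: the four entries in this hunk that arrive with descriptions (CVE-2011-4498, CVE-2011-4497, CVE-2011-4496, CVE-2011-4465) are all left at TODO: check, so none of them has a triage result yet. The ASUS RT-N56U firmware and Aviosoft DTV Player descriptions name products that may not be packaged at all; if that is confirmed, close them with a NOT-FOR-US: line in the form this file already uses for CVE-2011-4158. The CVE-2011-4498 description is cut off before the product name, so it needs the full text before any decision.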
@@ -163,8 +231,8 @@
RESERVED
CVE-2011-4405
RESERVED
-CVE-2011-4404
- RESERVED
+CVE-2011-4404 (The default configuration of the HTTP server in Jetty in vSphere ...)
+ TODO: check
CVE-2011-4403
RESERVED
CVE-2011-4402
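Review bot: at CVE-2011-4404 the new description names Jetty, but as "the HTTP server in Jetty in vSphere ...", and the line is cut off before the affected product and version. When this TODO: check is resolved, the triage should record whether the flaw is in Jetty itself or only in that product's default configuration, since only the first would call for a package line here.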
@@ -363,8 +431,8 @@
NOTE: http://www.isc.org/software/bind/advisories/cve-2011-4313
CVE-2011-4312
RESERVED
-CVE-2011-4311
- RESERVED
+CVE-2011-4311 (ResourceSpace before 4.2.2833 does not properly validate access keys, ...)
+ TODO: check
CVE-2011-4310
RESERVED
CVE-2011-4309
@@ -894,8 +962,8 @@
RESERVED
CVE-2011-4160
RESERVED
-CVE-2011-4159
- RESERVED
+CVE-2011-4159 (Unspecified vulnerability in System Administration Manager (SAM) in ...)
+ TODO: check
CVE-2011-4158 (Unspecified vulnerability in HP Directories Support for ProLiant ...)
NOT-FOR-US: HP Directories Support
CVE-2011-4157 (Stack-based buffer overflow in hydra.exe in HP SAN/iQ before 9.5 on ...)
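Review bot: CVE-2011-4159 goes from RESERVED to TODO: check, while the next entry down, CVE-2011-4158, is another HP "Unspecified vulnerability" that is already marked NOT-FOR-US: HP Directories Support. If System Administration Manager is likewise not packaged, give it a matching NOT-FOR-US: line rather than leaving the TODO open.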
@@ -1040,6 +1108,7 @@
{DSA-2344-1}
- python-django-piston 0.2.2-2 (high; bug #647315)
CVE-2011-4102 (Heap-based buffer overflow in the erf_read_header function in ...)
+ {DSA-2351-1}
- wireshark 1.6.3-1
NOTE: http://www.wireshark.org/security/wnpa-sec-2011-19.html
NOTE: http://anonsvn.wireshark.org/viewvc/trunk/wiretap/erf.c?r1=39508&r2=39507&pathrev=39508&view=patch
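Review bot: the {DSA-2351-1} tag added under CVE-2011-4102 is the only change in this hunk, and the one package line visible for the entry is still "- wireshark 1.6.3-1". Confirm that the advisory's own record lists CVE-2011-4102 and the versions it fixed, since this hunk shows only the cross-reference and not the data behind it.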
@@ -1213,8 +1282,8 @@
RESERVED
CVE-2011-4041
RESERVED
-CVE-2011-4040
- RESERVED
+CVE-2011-4040 (Buffer overflow in MiniSmtp 3.0.11818 in NJStar Communicator allows ...)
+ TODO: check
CVE-2011-4039
RESERVED
CVE-2011-4038
@@ -1896,8 +1965,8 @@
NOT-FOR-US: Wordpress theme
CVE-2011-3850 (Cross-site scripting (XSS) vulnerability in the Atahualpa theme before ...)
NOT-FOR-US: Wordpress theme
-CVE-2011-3849
- RESERVED
+CVE-2011-3849 (Unspecified vulnerability in dxserver before 6279 in CA Directory 8.1 ...)
+ TODO: check
CVE-2011-3848 (Directory traversal vulnerability in Puppet 2.6.x before 2.6.10 and ...)
{DSA-2314-1}
- puppet 2.7.3-2