[Secure-testing-commits] r17367 - data/CVE

Joey Hess joeyh at alioth.debian.org
Tue Oct 4 21:14:31 UTC 2011 

Author: joeyh
Date: 2011-10-04 21:14:31 +0000 (Tue, 04 Oct 2011)
New Revision: 17367

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-10-04 20:19:16 UTC (rev 17366)
+++ data/CVE/list	2011-10-04 21:14:31 UTC (rev 17367)
@@ -1,3 +1,17 @@
+CVE-2011-3981 (PHP remote file inclusion vulnerability in actions.php in the ...)
+	TODO: check
+CVE-2011-3980 (Unspecified vulnerability in the Drag Drop Mass Upload ...)
+	TODO: check
+CVE-2011-3979 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2011-3978 (Multiple cross-site scripting (XSS) vulnerabilities in LightNEasy.php ...)
+	TODO: check
+CVE-2011-3977 (Unspecified vulnerability in nxconfigure.sh in NoMachine NX Node 3.x ...)
+	TODO: check
+CVE-2011-3976 (Stack-based buffer overflow in AmmSoft ScriptFTP 3.3 allows remote FTP ...)
+	TODO: check
+CVE-2011-3975 (A certain HTC update for Android 2.3.4 build GRJ22, when the Sense ...)
+	TODO: check
 CVE-2011-3974 (Integer signedness error in the decode_residual_inter function in ...)
 	- libav 4:0.7.1-7 (bug #641478)
 	- ffmpeg <removed>
@@ -361,7 +375,7 @@
 	TODO: check
 CVE-2011-3815 (WeBid 1.0.0 allows remote attackers to obtain sensitive information ...)
 	TODO: check
-CVE-2011-3814 (WebCaLendar 1.2.3 allows remote attackers to obtain sensitive ...)
+CVE-2011-3814 (WebCalendar 1.2.3 allows remote attackers to obtain sensitive ...)
 	- webcalendar <removed> (unimportant)
 CVE-2011-3813 (Virtual War (aka VWar) 1.5.0r15 allows remote attackers to obtain ...)
 	TODO: check
@@ -1307,8 +1321,7 @@
 	NOT-FOR-US: Phorum
 CVE-2011-3391 (IBM Rational Build Forge 7.1.2 relies on client-side JavaScript code ...)
 	NOT-FOR-US: IBM Rational Build Forge
-CVE-2011-3354 [quassel ctcp DoS]
-	RESERVED
+CVE-2011-3354 (The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel ...)
 	- quassel 0.7.3-1 (low; bug #640960)
 	[squeeze] - quassel <no-dsa> (Minor issue)
 	NOTE: http://git.quassel-irc.org/?p=quassel.git;a=commit;h=da215fcb9cd3096a3e223c87577d5d4ab8f8518b
@@ -1583,32 +1596,32 @@
 	RESERVED
 CVE-2011-3283
 	RESERVED
-CVE-2011-3282
-	RESERVED
-CVE-2011-3281
-	RESERVED
-CVE-2011-3280
-	RESERVED
-CVE-2011-3279
-	RESERVED
-CVE-2011-3278
-	RESERVED
-CVE-2011-3277
-	RESERVED
-CVE-2011-3276
-	RESERVED
-CVE-2011-3275
-	RESERVED
-CVE-2011-3274
-	RESERVED
-CVE-2011-3273
-	RESERVED
-CVE-2011-3272
-	RESERVED
-CVE-2011-3271
-	RESERVED
-CVE-2011-3270
-	RESERVED
+CVE-2011-3282 (Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, ...)
+	TODO: check
+CVE-2011-3281 (Unspecified vulnerability in Cisco IOS 15.0 through 15.1, in certain ...)
+	TODO: check
+CVE-2011-3280 (Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 ...)
+	TODO: check
+CVE-2011-3279 (The provider-edge MPLS NAT implementation in Cisco IOS 12.1 through ...)
+	TODO: check
+CVE-2011-3278 (Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 ...)
+	TODO: check
+CVE-2011-3277 (Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 ...)
+	TODO: check
+CVE-2011-3276 (Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 ...)
+	TODO: check
+CVE-2011-3275 (Memory leak in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x ...)
+	TODO: check
+CVE-2011-3274 (Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, ...)
+	TODO: check
+CVE-2011-3273 (Memory leak in Cisco IOS 15.0 through 15.1, when IPS or Zone-Based ...)
+	TODO: check
+CVE-2011-3272 (The IP Service Level Agreement (IP SLA) functionality in Cisco IOS ...)
+	TODO: check
+CVE-2011-3271 (Unspecified vulnerability in the Smart Install functionality in Cisco ...)
+	TODO: check
+CVE-2011-3270 (Unspecified vulnerability in Cisco IOS 12.2SB before 12.2(33)SB10 and ...)
+	TODO: check
 CVE-2011-3269
 	RESERVED
 CVE-2011-3268 (Buffer overflow in the crypt function in PHP before 5.3.7 allows ...)
@@ -2661,8 +2674,8 @@
 CVE-2011-2895 (The LZW decompressor in (1) the BufCompressedFill function in ...)
 	{DSA-2293-1}
 	- libxfont 1:1.4.4-1
-CVE-2011-2894
-	RESERVED
+CVE-2011-2894 (Spring Framework 3.0.0 through 3.0.5, Spring Security 3.0.0 through ...)
+	TODO: check
 CVE-2011-2893 (The DataPilot feature in IBM Lotus Symphony 3 before FP3 allows ...)
 	NOT-FOR-US: IBM Lotus Symphony
 CVE-2011-2892 (Joomla! 1.6.x before 1.6.2 does not prevent page rendering inside a ...)
@@ -4927,8 +4940,8 @@
 	NOT-FOR-US: Skype
 CVE-2011-2073
 	RESERVED
-CVE-2011-2072
-	RESERVED
+CVE-2011-2072 (Memory leak in Cisco IOS 12.4, 15.0, and 15.1, Cisco IOS XE 2.5.x ...)
+	TODO: check
 CVE-2011-2071
 	RESERVED
 CVE-2011-2070
@@ -6255,8 +6268,7 @@
 	- libmodplug 1:0.8.8.2-1 (low; bug #622091)
 CVE-2011-1573
 	RESERVED
-CVE-2011-1572 [ADC path traversal]
-	RESERVED
+CVE-2011-1572 (Directory traversal vulnerability in the Admin Defined Commands (ADC) ...)
 	{DSA-2215-1}
 	- gitolite 1.5.7-2
 	NOTE: https://github.com/sitaramc/gitolite/commit/a33f0f85047834212ff4baf5b479c6cf3d2a6075
@@ -8281,12 +8293,12 @@
 	RESERVED
 CVE-2011-0947
 	RESERVED
-CVE-2011-0946
-	RESERVED
-CVE-2011-0945
-	RESERVED
-CVE-2011-0944
-	RESERVED
+CVE-2011-0946 (The NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through ...)
+	TODO: check
+CVE-2011-0945 (Memory leak in the Data-link switching (aka DLSw) feature in Cisco IOS ...)
+	TODO: check
+CVE-2011-0944 (Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a ...)
+	TODO: check
 CVE-2011-0943 (Cisco IOS XR 3.8.3, 3.8.4, and 3.9.1 allows remote attackers to cause ...)
 	NOT-FOR-US: Cisco
 CVE-2011-0942
@@ -8295,8 +8307,8 @@
 	RESERVED
 CVE-2011-0940
 	RESERVED
-CVE-2011-0939
-	RESERVED
+CVE-2011-0939 (Unspecified vulnerability in Cisco IOS 12.4, 15.0, and 15.1, and IOS ...)
+	TODO: check
 CVE-2011-0938
 	RESERVED
 CVE-2011-0937

More information about the Secure-testing-commits mailing list