[Secure-testing-commits] r20204 - data/CVE
Luciano Bello
luciano at alioth.debian.org
Thu Sep 20 18:51:54 UTC 2012
Author: luciano
Date: 2012-09-20 18:51:54 +0000 (Thu, 20 Sep 2012)
New Revision: 20204
Modified:
data/CVE/list
Log:
CVEs assigned to fwknop issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-09-20 18:41:46 UTC (rev 20203)
+++ data/CVE/list 2012-09-20 18:51:54 UTC (rev 20204)
@@ -1,5 +1,3 @@
-CVE-2012-XXXX [fwknop 2.0.3: Multiple security issues]
- - fwknop <unfixed> (bug #688151)
CVE-2012-4969 (Use-after-free vulnerability in the CMshtmlEd::Exec function in ...)
NOT-FOR-US: Internet Explorer
CVE-2012-4968 (Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe ...)
@@ -1538,15 +1536,27 @@
NOTE: http://secunia.com/advisories/50589/
NOTE: http://code.google.com/p/smarty-php/source/browse/trunk/distribution/change_log.txt
NOTE: http://code.google.com/p/smarty-php/source/detail?r=4658
-CVE-2012-4436
+CVE-2012-4436 [local buffer overflow in --last processing with a maliciously constructed ~/.fwknop.run file]
RESERVED
-CVE-2012-4435
+ - fwknop <unfixed> (bug #688151)
+ TODO: check
+ NOTE: http://seclists.org/oss-sec/2012/q3/509
+ NOTE: http://www.cipherdyne.org/cgi-bin/gitweb.cgi?p=fwknop.git;a=commitdiff;h=a60f05ad44e824f6230b22f8976399340cb535dc
+CVE-2012-4435 [fwknop 2.0.3: server did not properly validate allow IP addresses ... ]
RESERVED
-CVE-2012-4434
+ - fwknop <unfixed> (bug #688151)
+ TODO: check
+ NOTE: http://seclists.org/oss-sec/2012/q3/509
+ NOTE: http://www.cipherdyne.org/cgi-bin/gitweb.cgi?p=fwknop.git;a=commitdiff;h=f4c16bc47fc24a96b63105556b62d61c1ba7d799
+CVE-2012-4434 [fwknop 2.0.3: multiple DoS / code execution flaw]
RESERVED
+ - fwknop <unfixed> (bug #688151)
+ TODO: check
+ NOTE: http://seclists.org/oss-sec/2012/q3/509
+ NOTE: http://www.cipherdyne.org/cgi-bin/gitweb.cgi?p=fwknop.git;a=commitdiff;h=d46ba1c027a11e45821ba897a4928819bccc8f22
CVE-2012-4433
RESERVED
-CVE-2012-4432 [[OptiPNG Palette Reduction Use-After-Free Vulnerability]
+CVE-2012-4432 [OptiPNG Palette Reduction Use-After-Free Vulnerability]
RESERVED
- optipng <not-affected> (Introduced in 0.7, bug #687998)
CVE-2012-4431
More information about the Secure-testing-commits
mailing list