[Secure-testing-commits] r23466 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Thu Aug 29 09:14:33 UTC 2013
Author: joeyh
Date: 2013-08-29 09:14:33 +0000 (Thu, 29 Aug 2013)
New Revision: 23466
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-08-29 09:11:11 UTC (rev 23465)
+++ data/CVE/list 2013-08-29 09:14:33 UTC (rev 23466)
@@ -1,5 +1,12 @@
+CVE-2013-5638
+ RESERVED
+CVE-2013-5637
+ RESERVED
+CVE-2013-5636
+ RESERVED
+CVE-2013-5635
+ RESERVED
CVE-2013-5647 [Command Injection]
- RESERVED
NOT-FOR-US: Sounder Ruby Gem
CVE-2013-5642
- asterisk <unfixed> (bug #721220)
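Review bot: CVE-2013-5647 loses its RESERVED line in this hunk but still carries the bracketed placeholder [Command Injection] rather than a parenthesised description, unlike the entries that leave RESERVED elsewhere in this commit (for example CVE-2013-4039). Please confirm this is the intended state for the entry and not a side effect of the automatic update. The NOT-FOR-US: Sounder Ruby Gem line is unchanged either way.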
@@ -3297,9 +3304,11 @@
CVE-2013-4164
RESERVED
CVE-2013-4163 (The ip6_append_data_mtu function in net/ipv6/ip6_output.c in the IPv6 ...)
+ {DSA-2745-1}
- linux 3.10.5-1
- linux-2.6 <not-affected> (Introduced in 3.5)
CVE-2013-4162 (The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 ...)
+ {DSA-2745-1}
- linux 3.10.5-1 (low)
- linux-2.6 <removed> (low)
CVE-2013-4161
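Review bot: On CVE-2013-4163 the new {DSA-2745-1} tag sits next to "linux-2.6 <not-affected> (Introduced in 3.5)", so the entry now says both that an advisory covers it and that the older kernel package never had the bug. Please confirm that the kernel fixed by DSA-2745-1 actually contains the affected code, and if it does, add a NOTE line saying why, so the two statements do not read as contradictory. CVE-2013-4162 in the same hunk has no such tension.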
@@ -3696,8 +3705,8 @@
RESERVED
CVE-2013-4040
RESERVED
-CVE-2013-4039
- RESERVED
+CVE-2013-4039 (IBM WebSphere Extended Deployment Compute Grid 8.0 before 8.0.0.3 ...)
+ TODO: check
CVE-2013-4038 (The Intelligent Platform Management Interface (IPMI) implementation in ...)
TODO: check
CVE-2013-4037 (The RAKP protocol support in the Intelligent Platform Management ...)
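Review bot: CVE-2013-4039 comes out of RESERVED straight into TODO: check, and its description names IBM WebSphere Extended Deployment Compute Grid. If that product is not packaged, resolve it to a NOT-FOR-US line the way CVE-2013-4033 is recorded (NOT-FOR-US: IBM DB2), rather than leaving it to sit beside the existing TODO on CVE-2013-4038.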
@@ -3708,8 +3717,7 @@
RESERVED
CVE-2013-4034
RESERVED
-CVE-2013-4033
- RESERVED
+CVE-2013-4033 (IBM DB2 and DB2 Connect 9.7 through FP8, 9.8 through FP5, 10.1 through ...)
NOT-FOR-US: IBM DB2
CVE-2013-4032
RESERVED
@@ -4671,10 +4679,10 @@
RESERVED
CVE-2013-3599
RESERVED
-CVE-2013-3598
- RESERVED
-CVE-2013-3597
- RESERVED
+CVE-2013-3598 (Directory traversal vulnerability in servlet/CreateTemplateServlet in ...)
+ TODO: check
+CVE-2013-3597 (servlet/CollectionListServlet in SearchBlox before 7.5 build 1 allows ...)
+ TODO: check
CVE-2013-3596
RESERVED
CVE-2013-3595
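Review bot: CVE-2013-3598 and CVE-2013-3597 both land as TODO: check, but only the second shows the product (SearchBlox before 7.5 build 1); the first is cut off after servlet/CreateTemplateServlet. Triage the pair together against the full descriptions so both entries end up with the same disposition.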
@@ -4687,8 +4695,8 @@
RESERVED
CVE-2013-3591
RESERVED
-CVE-2013-3590
- RESERVED
+CVE-2013-3590 (Unrestricted file upload vulnerability in admin/uploadImage.html in ...)
+ TODO: check
CVE-2013-3589
RESERVED
CVE-2013-3588
@@ -4696,16 +4704,16 @@
CVE-2013-3587
RESERVED
TODO: check
-CVE-2013-3586
- RESERVED
-CVE-2013-3585
- RESERVED
-CVE-2013-3584
- RESERVED
-CVE-2013-3583
- RESERVED
-CVE-2013-3582
- RESERVED
+CVE-2013-3586 (Samsung Web Viewer for Samsung DVR devices allows remote attackers to ...)
+ TODO: check
+CVE-2013-3585 (Samsung Web Viewer for Samsung DVR devices stores credentials in ...)
+ TODO: check
+CVE-2013-3584 (Cross-site scripting (XSS) vulnerability in Corporater EPM Suite ...)
+ TODO: check
+CVE-2013-3583 (Cross-site request forgery (CSRF) vulnerability in saveProperties.html ...)
+ TODO: check
+CVE-2013-3582 (Buffer overflow in Dell BIOS on Dell Latitude D###, E####, XT2, and ...)
+ TODO: check
CVE-2013-3581 (ajax.cgi in the web interface on the Choice Wireless Green Packet ...)
NOT-FOR-US: Choice Wireless Green Packet WIXFMR-111 4G WiMax modem
CVE-2013-3580 (The TrustGo Antivirus & Mobile Security application before 1.3.6 for ...)
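Review bot: The context at the top of this hunk shows CVE-2013-3587 carrying both RESERVED and TODO: check, and the five entries converted below it (CVE-2013-3586 through CVE-2013-3582) each add another TODO: check. The Samsung DVR web viewer and Dell BIOS entries describe device firmware, much like CVE-2013-3581 just below, which is already NOT-FOR-US. Triaging this block in one pass, and settling the state of CVE-2013-3587 at the same time, would keep it consistent.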
@@ -5378,8 +5386,7 @@
NOT-FOR-US: EMC
CVE-2013-3272 (EMC Replication Manager (RM) before 5.4.4 places encoded passwords in ...)
NOT-FOR-US: EMC
-CVE-2013-3271
- RESERVED
+CVE-2013-3271 (EMC RSA Authentication Agent for PAM 7.0 before 7.0.2.1 enforces the ...)
NOT-FOR-US: EMC
CVE-2013-3270 (EMC VNX Control Station before 7.1.70.2 and Celerra Control Station ...)
NOT-FOR-US: EMC
@@ -5830,8 +5837,7 @@
NOT-FOR-US: vCenter
CVE-2013-3078
RESERVED
-CVE-2013-3077 [local ip_multicast buffer overflow]
- RESERVED
+CVE-2013-3077 (Multiple integer overflows in the IP_MSFILTER and IPV6_MSFILTER ...)
{DSA-2743-1}
- kfreebsd-8 <unfixed> (bug #720470)
- kfreebsd-9 9.2~svn254368-2 (bug #720468)
@@ -6392,9 +6398,11 @@
- chromium-browser 28.0.1500.71-1
[squeeze] - chromium-browser <end-of-life>
CVE-2013-2852 (Format string vulnerability in the b43_request_firmware function in ...)
+ {DSA-2745-1}
- linux 3.9.8-1 (low)
- linux-2.6 <removed> (low)
CVE-2013-2851 (Format string vulnerability in the register_disk function in ...)
+ {DSA-2745-1}
- linux 3.9.8-1 (low)
- linux-2.6 <removed> (low)
CVE-2013-2850 (Heap-based buffer overflow in the iscsi_add_notunderstood_response ...)
@@ -6519,8 +6527,8 @@
RESERVED
CVE-2013-2805
RESERVED
-CVE-2013-2804
- RESERVED
+CVE-2013-2804 (The DNP Master Driver in Software Toolbox TOP Server before 5.12.140.0 ...)
+ TODO: check
CVE-2013-2803
RESERVED
CVE-2013-2802 (The universal protocol implementation in Sixnet UDR before 2.0 and RTU ...)
@@ -6563,8 +6571,8 @@
NOT-FOR-US: Triangle Research International
CVE-2013-2783 (The DNP3 driver in IOServer drivers 1.0.19.0 allows remote attackers ...)
NOT-FOR-US: IOServer DNP3 drivers
-CVE-2013-2782
- RESERVED
+CVE-2013-2782 (Schneider Electric Trio J-Series License Free Ethernet Radio with ...)
+ TODO: check
CVE-2013-2781 (Use-after-free vulnerability in the server application in 3S CODESYS ...)
NOT-FOR-US: 3S CODESYS Gateway
CVE-2013-2780 (Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to ...)
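Review bot: CVE-2013-2782 (Schneider Electric Trio J-Series License Free Ethernet Radio) is added as TODO: check between two entries that are already triaged as NOT-FOR-US (IOServer DNP3 drivers above, 3S CODESYS Gateway below). If the radio firmware is likewise not packaged, record the NOT-FOR-US line with the product name so the TODO does not linger. The same applies to CVE-2013-2804 in the previous hunk.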
@@ -7730,8 +7738,7 @@
NOT-FOR-US: HP SMH
CVE-2013-2354
RESERVED
-CVE-2013-2353
- RESERVED
+CVE-2013-2353 (Unspecified vulnerability in HP StoreOnce D2D Backup System 1.x before ...)
NOT-FOR-US: HP
CVE-2013-2352 (LeftHand OS (aka SAN iQ) 10.5 and earlier on HP StoreVirtual Storage ...)
NOT-FOR-US: HP
@@ -8015,6 +8022,7 @@
RESERVED
- freeswitch <itp> (bug #389591)
CVE-2013-2237 (The key_notify_policy_flush function in net/key/af_key.c in the Linux ...)
+ {DSA-2745-1}
- linux-2.6 <removed> (low)
- linux 3.9.4-1 (low)
NOTE: https://github.com/torvalds/linux/commit/85dfb745ee40232876663ae206cba35f24ab2a40
@@ -8025,6 +8033,7 @@
CVE-2013-2235
RESERVED
CVE-2013-2234 (The (1) key_notify_sa_flush and (2) key_notify_policy_flush functions ...)
+ {DSA-2745-1}
- linux-2.6 <removed>
- linux 3.10.1-1
CVE-2013-2233 [not caching SSH host keys]
@@ -8032,6 +8041,7 @@
- ansible <unfixed> (bug #714822)
NOTE: https://github.com/ansible/ansible/issues/857
CVE-2013-2232 (The ip6_sk_dst_check function in net/ipv6/ip6_output.c in the Linux ...)
+ {DSA-2745-1}
- linux-2.6 <removed>
- linux 3.10.1-1
CVE-2013-2231 [qemu-ga win32 service unquoted search path]
@@ -8266,6 +8276,7 @@
CVE-2013-2165 (ResourceBuilderImpl.java in the RichFaces 3.x through 5.x ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
CVE-2013-2164 (The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the ...)
+ {DSA-2745-1}
- linux-2.6 <removed> (low)
- linux 3.9.8-1 (low)
CVE-2013-2163 [monkey denial of service]
@@ -8315,6 +8326,7 @@
RESERVED
- owncloud 4.0.16debian-1 (bug #711517)
CVE-2013-2148 (The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c ...)
+ {DSA-2745-1}
- linux-2.6 <removed> (low)
[squeeze] - linux-2.6 <not-affected> (fanotify introduced in 2.6.36)
- linux 3.9.8-1 (low)
@@ -11535,6 +11547,7 @@
CVE-2013-1060
RESERVED
CVE-2013-1059 (net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote ...)
+ {DSA-2745-1}
- linux 3.10.1-1 (low)
- linux-2.6 <removed> (low)
[squeeze] - linux-2.6 <not-affected> (CEPH was introduced in 2.6.34)