[Secure-testing-commits] r24977 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Dec 30 15:26:06 UTC 2013
Author: carnil
Date: 2013-12-30 15:26:06 +0000 (Mon, 30 Dec 2013)
New Revision: 24977
Modified:
data/CVE/list
Log:
Add source package for CVE
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-12-30 14:47:17 UTC (rev 24976)
+++ data/CVE/list 2013-12-30 15:26:06 UTC (rev 24977)
@@ -6067,10 +6067,12 @@
CVE-2013-5212
RESERVED
NOT-FOR-US: easyXDM
-CVE-2013-5211
+CVE-2013-5211 [ntp monlist DDoS]
RESERVED
- TODO: check
+ - ntp <unfixed>
NOTE: http://bugs.ntp.org/show_bug.cgi?id=1532
+ NOTE: mitigated if noquery used. Only a problem for (public) ntp servers allowing
+ NOTE: querying ntpd status, so allowing monlist
CVE-2013-5210
RESERVED
NOT-FOR-US: Adtran Netvanta
More information about the Secure-testing-commits
mailing list