[Secure-testing-commits] r21143 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Mon Feb 4 21:14:51 UTC 2013
Author: joeyh
Date: 2013-02-04 21:14:51 +0000 (Mon, 04 Feb 2013)
New Revision: 21143
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-02-04 20:49:08 UTC (rev 21142)
+++ data/CVE/list 2013-02-04 21:14:51 UTC (rev 21143)
@@ -1,52 +1,43 @@
CVE-2013-1591 (Stack-based buffer overflow in libpixman, as used in Pale Moon before ...)
TODO: check
-CVE-2013-1590 [http://www.wireshark.org/security/wnpa-sec-2013-09.html]
- RESERVED
+CVE-2013-1590 (Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before ...)
- wireshark <unfixed>
-CVE-2013-1589 [http://www.wireshark.org/security/wnpa-sec-2013-08.html]
- RESERVED
+CVE-2013-1589 (Double free vulnerability in epan/proto.c in the dissection engine in ...)
- wireshark <unfixed> (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1588 [DCP-ETSI dissector crash]
- RESERVED
+CVE-2013-1588 (Multiple buffer overflows in the dissect_pft_fec_detailed function in ...)
- wireshark <unfixed>
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8213
NOTE: Upstream patch: http://anonsvn.wireshark.org/viewvc?view=revision&revision=47098
TODO: check
-CVE-2013-1587 [ROHC dissector crash]
- RESERVED
+CVE-2013-1587 (The dissect_rohc_ir_packet function in epan/dissectors/packet-rohc.c ...)
- wireshark <unfixed>
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7679
NOTE: Upstream patch: http://anonsvn.wireshark.org/viewvc?view=revision&revision=44700
TODO: check
-CVE-2013-1586 [DTLS dissector crash]
- RESERVED
+CVE-2013-1586 (The fragment_set_tot_len function in epan/reassemble.c in Wireshark ...)
- wireshark <unfixed>
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8111
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46999
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=47000
TODO: check
-CVE-2013-1585 [MS-MMC dissector crash]
- RESERVED
+CVE-2013-1585 (epan/tvbuff.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 ...)
- wireshark <unfixed>
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8112
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46705
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46678
TODO: check
-CVE-2013-1584 [Invalid read (crash) in the DTN dissector]
- RESERVED
+CVE-2013-1584 (The dissect_version_5_and_6_primary_header function in ...)
- wireshark <unfixed>
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7945
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46579
TODO: check
-CVE-2013-1583 [Invalid read (crash) in the DTN dissector]
- RESERVED
+CVE-2013-1583 (The dissect_version_4_primary_header function in ...)
- wireshark <unfixed>
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7945
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46577
TODO: check
-CVE-2013-1582 [Infinite loop / crash in the CLNP dissector]
- RESERVED
+CVE-2013-1582 (The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP ...)
- wireshark <unfixed>
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7871
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=45646
@@ -282,44 +273,34 @@
TODO: check
CVE-2010-5287 (SQL injection vulnerability in default.php in Cornerstone Technologies ...)
TODO: check
-CVE-2013-1581 [http://www.wireshark.org/security/wnpa-sec-2013-01.html]
- RESERVED
+CVE-2013-1581 (The dissect_pft_fec_detailed function in ...)
- wireshark <unfixed> (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1580 [http://www.wireshark.org/security/wnpa-sec-2013-01.html]
- RESERVED
+CVE-2013-1580 (The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c ...)
- wireshark <unfixed> (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1579 [http://www.wireshark.org/security/wnpa-sec-2013-01.html]
- RESERVED
+CVE-2013-1579 (The rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c in ...)
- wireshark <unfixed> (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1578 [http://www.wireshark.org/security/wnpa-sec-2013-01.html]
- RESERVED
+CVE-2013-1578 (The dissect_pw_eth_heuristic function in ...)
- wireshark <unfixed> (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1577 [http://www.wireshark.org/security/wnpa-sec-2013-01.html]
- RESERVED
+CVE-2013-1577 (The dissect_sip_p_charging_func_addresses function in ...)
- wireshark <unfixed> (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1576 [http://www.wireshark.org/security/wnpa-sec-2013-01.html]
- RESERVED
+CVE-2013-1576 (The dissect_sdp_media_attribute function in ...)
- wireshark <unfixed> (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1575 [http://www.wireshark.org/security/wnpa-sec-2013-01.html]
- RESERVED
+CVE-2013-1575 (The dissect_r3_cmd_alarmconfigure function in ...)
- wireshark <unfixed> (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1574 [http://www.wireshark.org/security/wnpa-sec-2013-01.html]
- RESERVED
+CVE-2013-1574 (The dissect_bthci_eir_ad_data function in ...)
- wireshark <unfixed> (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1573 [http://www.wireshark.org/security/wnpa-sec-2013-01.html]
- RESERVED
+CVE-2013-1573 (The csnStreamDissector function in epan/dissectors/packet-csn1.c in ...)
- wireshark <unfixed> (unimportant)
NOTE: Not suitable for code injection
-CVE-2013-1572 [http://www.wireshark.org/security/wnpa-sec-2013-01.html]
- RESERVED
+CVE-2013-1572 (The dissect_oampdu_event_notification function in ...)
- wireshark <unfixed> (unimportant)
NOTE: Not suitable for code injection
CVE-2013-1470
@@ -2805,8 +2786,8 @@
RESERVED
CVE-2012-6353
RESERVED
-CVE-2012-6352
- RESERVED
+CVE-2012-6352 (The Session Manager in IBM Sterling Connect:Direct through 4.1.0.3 on ...)
+ TODO: check
CVE-2012-6351
RESERVED
CVE-2012-6350 (Cross-site scripting (XSS) vulnerability in the Web component in IBM ...)
@@ -3411,13 +3392,11 @@
RESERVED
CVE-2013-0215
RESERVED
-CVE-2013-0214 [potential XSRF in SWAT]
- RESERVED
+CVE-2013-0214 (Cross-site request forgery (CSRF) vulnerability in the Samba Web ...)
{DSA-2617-1}
- samba 2:3.6.6-5
- samba4 <unfixed>
-CVE-2013-0213 [clickjacking issue in SWAT]
- RESERVED
+CVE-2013-0213 (The Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, ...)
{DSA-2617-1}
- samba 2:3.6.6-5
- samba4 <unfixed>
More information about the Secure-testing-commits
mailing list