[Secure-testing-commits] r21143 - data/CVE

Joey Hess joeyh at alioth.debian.org
Mon Feb 4 21:14:51 UTC 2013


Author: joeyh
Date: 2013-02-04 21:14:51 +0000 (Mon, 04 Feb 2013)
New Revision: 21143

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-02-04 20:49:08 UTC (rev 21142)
+++ data/CVE/list	2013-02-04 21:14:51 UTC (rev 21143)
@@ -1,52 +1,43 @@
 CVE-2013-1591 (Stack-based buffer overflow in libpixman, as used in Pale Moon before ...)
 	TODO: check
-CVE-2013-1590 [http://www.wireshark.org/security/wnpa-sec-2013-09.html]
-	RESERVED
+CVE-2013-1590 (Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before ...)
 	- wireshark <unfixed>
-CVE-2013-1589 [http://www.wireshark.org/security/wnpa-sec-2013-08.html]
-	RESERVED
+CVE-2013-1589 (Double free vulnerability in epan/proto.c in the dissection engine in ...)
 	- wireshark <unfixed> (unimportant)
 	NOTE: Not suitable for code injection
-CVE-2013-1588 [DCP-ETSI dissector crash]
-	RESERVED
+CVE-2013-1588 (Multiple buffer overflows in the dissect_pft_fec_detailed function in ...)
 	- wireshark <unfixed>
 	NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8213
 	NOTE: Upstream patch: http://anonsvn.wireshark.org/viewvc?view=revision&revision=47098
 	TODO: check
-CVE-2013-1587 [ROHC dissector crash]
-	RESERVED
+CVE-2013-1587 (The dissect_rohc_ir_packet function in epan/dissectors/packet-rohc.c ...)
 	- wireshark <unfixed>
 	NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7679
 	NOTE: Upstream patch: http://anonsvn.wireshark.org/viewvc?view=revision&revision=44700
 	TODO: check
-CVE-2013-1586 [DTLS dissector crash]
-	RESERVED
+CVE-2013-1586 (The fragment_set_tot_len function in epan/reassemble.c in Wireshark ...)
 	- wireshark <unfixed>
 	NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8111
 	NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46999
 	NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=47000
 	TODO: check
-CVE-2013-1585 [MS-MMC dissector crash]
-	RESERVED
+CVE-2013-1585 (epan/tvbuff.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 ...)
 	- wireshark <unfixed>
 	NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8112
 	NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46705
 	NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46678
 	TODO: check
-CVE-2013-1584 [Invalid read (crash) in the DTN dissector]
-	RESERVED
+CVE-2013-1584 (The dissect_version_5_and_6_primary_header function in ...)
 	- wireshark <unfixed>
 	NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7945
 	NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46579
 	TODO: check
-CVE-2013-1583 [Invalid read (crash) in the DTN dissector]
-	RESERVED
+CVE-2013-1583 (The dissect_version_4_primary_header function in ...)
 	- wireshark <unfixed>
 	NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7945
 	NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46577
 	TODO: check
-CVE-2013-1582 [Infinite loop / crash in the CLNP dissector]
-	RESERVED
+CVE-2013-1582 (The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP ...)
 	- wireshark <unfixed>
 	NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7871
 	NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=45646
@@ -282,44 +273,34 @@
 	TODO: check
 CVE-2010-5287 (SQL injection vulnerability in default.php in Cornerstone Technologies ...)
 	TODO: check
-CVE-2013-1581 [http://www.wireshark.org/security/wnpa-sec-2013-01.html]
-	RESERVED
+CVE-2013-1581 (The dissect_pft_fec_detailed function in ...)
 	- wireshark <unfixed> (unimportant)
 	NOTE: Not suitable for code injection
-CVE-2013-1580 [http://www.wireshark.org/security/wnpa-sec-2013-01.html]
-	RESERVED
+CVE-2013-1580 (The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c ...)
 	- wireshark <unfixed> (unimportant)
 	NOTE: Not suitable for code injection
-CVE-2013-1579 [http://www.wireshark.org/security/wnpa-sec-2013-01.html]
-	RESERVED
+CVE-2013-1579 (The rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c in ...)
 	- wireshark <unfixed> (unimportant)
 	NOTE: Not suitable for code injection
-CVE-2013-1578 [http://www.wireshark.org/security/wnpa-sec-2013-01.html]
-	RESERVED
+CVE-2013-1578 (The dissect_pw_eth_heuristic function in ...)
 	- wireshark <unfixed> (unimportant)
 	NOTE: Not suitable for code injection
-CVE-2013-1577 [http://www.wireshark.org/security/wnpa-sec-2013-01.html]
-	RESERVED
+CVE-2013-1577 (The dissect_sip_p_charging_func_addresses function in ...)
 	- wireshark <unfixed> (unimportant)
 	NOTE: Not suitable for code injection
-CVE-2013-1576 [http://www.wireshark.org/security/wnpa-sec-2013-01.html]
-	RESERVED
+CVE-2013-1576 (The dissect_sdp_media_attribute function in ...)
 	- wireshark <unfixed> (unimportant)
 	NOTE: Not suitable for code injection
-CVE-2013-1575 [http://www.wireshark.org/security/wnpa-sec-2013-01.html]
-	RESERVED
+CVE-2013-1575 (The dissect_r3_cmd_alarmconfigure function in ...)
 	- wireshark <unfixed> (unimportant)
 	NOTE: Not suitable for code injection
-CVE-2013-1574 [http://www.wireshark.org/security/wnpa-sec-2013-01.html]
-	RESERVED
+CVE-2013-1574 (The dissect_bthci_eir_ad_data function in ...)
 	- wireshark <unfixed> (unimportant)
 	NOTE: Not suitable for code injection
-CVE-2013-1573 [http://www.wireshark.org/security/wnpa-sec-2013-01.html]
-	RESERVED
+CVE-2013-1573 (The csnStreamDissector function in epan/dissectors/packet-csn1.c in ...)
 	- wireshark <unfixed> (unimportant)
 	NOTE: Not suitable for code injection
-CVE-2013-1572 [http://www.wireshark.org/security/wnpa-sec-2013-01.html]
-	RESERVED
+CVE-2013-1572 (The dissect_oampdu_event_notification function in ...)
 	- wireshark <unfixed> (unimportant)
 	NOTE: Not suitable for code injection
 CVE-2013-1470
@@ -2805,8 +2786,8 @@
 	RESERVED
 CVE-2012-6353
 	RESERVED
-CVE-2012-6352
-	RESERVED
+CVE-2012-6352 (The Session Manager in IBM Sterling Connect:Direct through 4.1.0.3 on ...)
+	TODO: check
 CVE-2012-6351
 	RESERVED
 CVE-2012-6350 (Cross-site scripting (XSS) vulnerability in the Web component in IBM ...)
@@ -3411,13 +3392,11 @@
 	RESERVED
 CVE-2013-0215
 	RESERVED
-CVE-2013-0214 [potential XSRF in SWAT]
-	RESERVED
+CVE-2013-0214 (Cross-site request forgery (CSRF) vulnerability in the Samba Web ...)
 	{DSA-2617-1}
 	- samba 2:3.6.6-5
 	- samba4 <unfixed>
-CVE-2013-0213 [clickjacking issue in SWAT]
-	RESERVED
+CVE-2013-0213 (The Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, ...)
 	{DSA-2617-1}
 	- samba 2:3.6.6-5
 	- samba4 <unfixed>




More information about the Secure-testing-commits mailing list