[Secure-testing-commits] r22889 - data/CVE

Joey Hess joeyh at alioth.debian.org
Tue Jul 9 21:14:31 UTC 2013 

Author: joeyh
Date: 2013-07-09 21:14:31 +0000 (Tue, 09 Jul 2013)
New Revision: 22889

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-07-09 14:40:25 UTC (rev 22888)
+++ data/CVE/list	2013-07-09 21:14:31 UTC (rev 22889)
@@ -1,8 +1,26 @@
-CVE-2013-4785
+CVE-2013-4786 (The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange ...)
+	TODO: check
+CVE-2013-4784 (The HP Integrated Lights-Out (iLO) BMC implementation allows remote ...)
+	TODO: check
+CVE-2013-4781
+	RESERVED
+CVE-2013-4780
+	RESERVED
+CVE-2013-4779
+	RESERVED
+CVE-2013-4778
+	RESERVED
+CVE-2013-4777
+	RESERVED
+CVE-2013-4776
+	RESERVED
+CVE-2013-4775
+	RESERVED
+CVE-2013-4785 (The web interface for Dell iDRAC 6 firmware 1.7, and possibly other ...)
 	NOT-FOR-US: Dell
-CVE-2013-4783
+CVE-2013-4783 (The Dell iDRAC 6 BMC implementation allows remote attackers to bypass ...)
 	NOT-FOR-US: Dell
-CVE-2013-4782
+CVE-2013-4782 (The Supermicro BMC implementation allows remote attackers to bypass ...)
 	NOT-FOR-US: Supermicro
 CVE-2013-4774
 	RESERVED
@@ -3218,10 +3236,9 @@
 	RESERVED
 CVE-2013-3274
 	RESERVED
-CVE-2013-3273
-	RESERVED
-CVE-2013-3272
-	RESERVED
+CVE-2013-3273 (EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, ...)
+	TODO: check
+CVE-2013-3272 (EMC Replication Manager (RM) before 5.4.4 places encoded passwords in ...)
 	NOT-FOR-US: EMC
 CVE-2013-3271
 	RESERVED
@@ -5813,32 +5830,25 @@
 	- linux-2.6 <removed>
 	- linux 3.9.4-1
 	[wheezy] - linux 3.2.46-1
-CVE-2013-2205
-	RESERVED
+CVE-2013-2205 (The default configuration of SWFUpload in WordPress before 3.5.2 has ...)
 	{DSA-2718-1}
 	- wordpress 3.5.2+dfsg-1 (bug #713947)
-CVE-2013-2204
-	RESERVED
+CVE-2013-2204 (moxieplayer.as in Moxiecode moxieplayer, as used in the TinyMCE Media ...)
 	{DSA-2718-1}
 	- wordpress 3.5.2+dfsg-1 (bug #713947)
-CVE-2013-2203
-	RESERVED
+CVE-2013-2203 (WordPress before 3.5.2, when the uploads directory forbids write ...)
 	{DSA-2718-1}
 	- wordpress 3.5.2+dfsg-1 (bug #713947)
-CVE-2013-2202
-	RESERVED
+CVE-2013-2202 (WordPress before 3.5.2 allows remote attackers to read arbitrary files ...)
 	{DSA-2718-1}
 	- wordpress 3.5.2+dfsg-1 (bug #713947)
-CVE-2013-2201
-	RESERVED
+CVE-2013-2201 (Multiple cross-site scripting (XSS) vulnerabilities in WordPress ...)
 	{DSA-2718-1}
 	- wordpress 3.5.2+dfsg-1 (bug #713947)
-CVE-2013-2200
-	RESERVED
+CVE-2013-2200 (WordPress before 3.5.2 does not properly check the capabilities of ...)
 	{DSA-2718-1}
 	- wordpress 3.5.2+dfsg-1 (bug #713947)
-CVE-2013-2199
-	RESERVED
+CVE-2013-2199 (The HTTP API in WordPress before 3.5.2 allows remote attackers to send ...)
 	{DSA-2718-1}
 	- wordpress 3.5.2+dfsg-1 (bug #713947)
 CVE-2013-2198
@@ -7865,12 +7875,12 @@
 	RESERVED
 CVE-2013-1616
 	RESERVED
-CVE-2013-1615
-	RESERVED
-CVE-2013-1614
-	RESERVED
-CVE-2013-1613
-	RESERVED
+CVE-2013-1615 (The management console (aka Java console) on the Symantec Security ...)
+	TODO: check
+CVE-2013-1614 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
+	TODO: check
+CVE-2013-1613 (SQL injection vulnerability in the management console (aka Java ...)
+	TODO: check
 CVE-2013-1612 (Buffer overflow in secars.dll in the management console in Symantec ...)
 	NOT-FOR-US: Symantec
 CVE-2013-1611 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
@@ -8413,8 +8423,8 @@
 	[squeeze] - krb5 <no-dsa> (Minor issue)
 	NOTE: https://github.com/krb5/krb5/commit/c773d3c775e9b2d88bcdff5f8a8ba88d7ec4e8ed
 	NOTE: https://github.com/krb5/krb5/commit/b71f8c4aacea8849ceaf31a2fa95e143f3943097
-CVE-2013-1414
-	RESERVED
+CVE-2013-1414 (Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet ...)
+	TODO: check
 CVE-2012-6521 (Cross-site scripting (XSS) vulnerability in ...)
 	NOT-FOR-US: Elefant CMS
 CVE-2012-6520 (Multiple SQL injection vulnerabilities in the advanced search in ...)
@@ -9196,8 +9206,7 @@
 	RESERVED
 CVE-2013-1060
 	RESERVED
-CVE-2013-1059
-	RESERVED
+CVE-2013-1059 (net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote ...)
 	- linux <unfixed> (low)
 	- linux-2.6 <removed> (low)
 	[squeeze] - linux-2.6 <not-affected> (CEPH was introduced in 2.6.34)
@@ -11812,18 +11821,15 @@
 	- ircd-hybrid 1:7.2.2.dfsg.2-10 (bug #699267; high)
 	[squeeze] - ircd-hybrid 7.2.2.dfsg.2-6.2+squeeze1
 	- oftc-hybrid <unfixed>
-CVE-2013-0237 [wordpress: XSS in external library Plupload fixed in 3.5.1]
-	RESERVED
+CVE-2013-0237 (Cross-site scripting (XSS) vulnerability in Plupload.as in Moxiecode ...)
 	- wordpress 3.5.1+dfsg-1 (bug #698929)
 	NOTE: http://wordpress.org/news/2013/01/wordpress-3-5-1/
 	NOTE: CVE request http://www.openwall.com/lists/oss-security/2013/01/25/7
-CVE-2013-0236 [wordpress: XSS fixed in 3.5.1]
-	RESERVED
+CVE-2013-0236 (Multiple cross-site scripting (XSS) vulnerabilities in WordPress ...)
 	- wordpress 3.5.1+dfsg-1 (bug #698927)
 	NOTE: http://wordpress.org/news/2013/01/wordpress-3-5-1/
 	NOTE: CVE request http://www.openwall.com/lists/oss-security/2013/01/25/7
-CVE-2013-0235 [wordpress: server-side request forgery and remote port scanning using pingbacks]
-	RESERVED
+CVE-2013-0235 (The XMLRPC API in WordPress before 3.5.1 allows remote attackers to ...)
 	- wordpress 3.5.1+dfsg-1 (bug #698916)
 	NOTE: http://wordpress.org/news/2013/01/wordpress-3-5-1/
 	NOTE: CVE request http://www.openwall.com/lists/oss-security/2013/01/25/7

More information about the Secure-testing-commits mailing list