[Secure-testing-commits] r21552 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Mar 8 13:32:00 UTC 2013
Author: jmm
Date: 2013-03-08 13:32:00 +0000 (Fri, 08 Mar 2013)
New Revision: 21552
Modified:
data/CVE/list
Log:
mark wiresharks not suitable for code injection as unimportant
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-03-08 08:07:51 UTC (rev 21551)
+++ data/CVE/list 2013-03-08 13:32:00 UTC (rev 21552)
@@ -15,74 +15,74 @@
TODO: squeeze version 1.2.x affected also?
CVE-2013-2487 [RELOAD dissector infinite loop]
RESERVED
- - wireshark <unfixed>
+ - wireshark <unfixed> (unimportant)
[squeeze] - wireshark <not-affected> (only 1.8.x series)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-21.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8364
NOTE: Versions affected: 1.8.0 to 1.8.5
+ NOTE: Not suitable for code injection
CVE-2013-2486 [RELOAD dissector infinite loop]
RESERVED
- - wireshark <unfixed>
+ - wireshark <unfixed> (unimportant)
[squeeze] - wireshark <not-affected> (only 1.8.x series)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-21.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8364
NOTE: Versions affected: 1.8.0 to 1.8.5
+ NOTE: Not suitable for code injection
CVE-2013-2485 [CSP dissector infinite loop]
RESERVED
- - wireshark <unfixed>
+ - wireshark <unfixed> (unimportant)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-20.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8359
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
- TODO: squeeze version 1.2.x affected also?
+ NOTE: Not suitable for code injection
CVE-2013-2484 [CIMD dissector crash]
RESERVED
- wireshark <unfixed>
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-19.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8346
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
- TODO: squeeze version 1.2.x affected also?
CVE-2013-2483 [ACN dissector divide by zero]
RESERVED
- - wireshark <unfixed>
+ - wireshark <unfixed> (unimportant)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-18.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8340
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
- TODO: squeeze version 1.2.x affected also?
+ NOTE: Not suitable for code injection
CVE-2013-2482 [AMPQ dissector infinite loop]
RESERVED
- - wireshark <unfixed>
+ - wireshark <unfixed> (unimportant)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-17.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8337
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
- TODO: squeeze version 1.2.x affected also?
+ NOTE: Not suitable for code injection
CVE-2013-2481 [Mount dissector crash]
RESERVED
- - wireshark <unfixed>
+ - wireshark <unfixed> (unimportant)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-16.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8335
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
- TODO: squeeze version 1.2.x affected also?
+ NOTE: Not suitable for code injection
CVE-2013-2480 [RTPS and RTPS2 dissector crash]
RESERVED
- wireshark <unfixed>
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-15.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8332
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
- TODO: squeeze version 1.2.x affected also?
CVE-2013-2479 [MPLS Echo dissector infinite loop]
RESERVED
- - wireshark <unfixed>
+ - wireshark <unfixed> (unimportant)
[squeeze] - wireshark <not-affected> (only affecting 1.8.x)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-14.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8039
NOTE: Versions affected: 1.8.0 to 1.8.5
+ NOTE: Not suitable for code injection
CVE-2013-2478 [MS-MMS dissector crash]
RESERVED
- wireshark <unfixed>
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-13.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8382
NOTE: announce mentions: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
- TODO: squeeze 1.2.x affected?
CVE-2013-2477 [CSN.1 dissector crash]
RESERVED
- wireshark <unfixed>
@@ -92,11 +92,12 @@
NOTE: Versions affected: 1.8.0 to 1.8.5
CVE-2013-2476 [The HART/IP dissectory could go into an infinite loop]
RESERVED
- - wireshark <unfixed>
+ - wireshark <unfixed> (unimportant)
[squeeze] - wireshark <not-affected> (only affecting 1.8.x)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-11.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8360
NOTE: Versions affected: 1.8.0 to 1.8.5
+ NOTE: Not suitable for code injection
CVE-2013-2475 [TCP dissector crash]
RESERVED
- wireshark <unfixed>
More information about the Secure-testing-commits
mailing list