[Secure-testing-commits] r24173 - data/CVE

Salvatore Bonaccorso carnil at alioth.debian.org
Fri Oct 25 13:35:00 UTC 2013


Author: carnil
Date: 2013-10-25 13:34:59 +0000 (Fri, 25 Oct 2013)
New Revision: 24173

Modified:
   data/CVE/list
Log:
Add further round of NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-10-25 12:57:00 UTC (rev 24172)
+++ data/CVE/list	2013-10-25 13:34:59 UTC (rev 24173)
@@ -146,7 +146,7 @@
 CVE-2013-6171
 	RESERVED
 CVE-2013-6170 (Juniper Junos 10.0 before 10.0S28, 10.4 before 10.4R7, 11.1 before ...)
-	TODO: check
+	NOT-FOR-US: Juniper Junos
 CVE-2013-6169 (The TLS driver in ejabberd before 2.1.12 supports (1) SSLv2 and (2) ...)
 	{DSA-2775-1}
 	- ejabberd 2.1.11-1 (bug #722105)
@@ -323,7 +323,7 @@
 CVE-2013-6080
 	RESERVED
 CVE-2013-6079 (Buffer overflow in MostGear Soft Easy LAN Folder Share 3.2.0.100 ...)
-	TODO: check
+	NOT-FOR-US: MostGear Soft Easy LAN Folder Share
 CVE-2013-6078
 	RESERVED
 CVE-2013-6077
@@ -445,11 +445,11 @@
 CVE-2013-6028
 	RESERVED
 CVE-2013-6027 (Stack-based buffer overflow in the RuntimeDiagnosticPing function in ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2013-6026 (The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2013-6025 (The XMLParse procedure in SAP Sybase Adaptive Server Enterprise (ASE) ...)
-	TODO: check
+	NOT-FOR-US: SAP Sybase Adaptive Server Enterprise
 CVE-2013-6024
 	RESERVED
 CVE-2013-6023
@@ -457,7 +457,7 @@
 CVE-2013-6022
 	RESERVED
 CVE-2013-6021 (Buffer overflow in WGagent in WatchGuard WSM and Fireware before 11.8 ...)
-	TODO: check
+	NOT-FOR-US: WatchGuard WSM and Fireware
 CVE-2013-6020
 	RESERVED
 CVE-2013-6019
@@ -469,11 +469,11 @@
 CVE-2013-6016
 	RESERVED
 CVE-2013-6015 (Juniper Junos before 10.4S14, 11.4 before 11.4R5-S2, 12.1R before ...)
-	TODO: check
+	NOT-FOR-US: Juniper Junos
 CVE-2013-6014
 	RESERVED
 CVE-2013-6013 (Buffer overflow in the flow daemon (flowd) in Juniper Junos 10.4 ...)
-	TODO: check
+	NOT-FOR-US: Juniper Junos
 CVE-2013-6012
 	RESERVED
 CVE-2013-6011 (Citrix NetScaler Application Delivery Controller (ADC) 10.0 before ...)
@@ -682,7 +682,7 @@
 	- polarssl 1.2.0-1 (bug #725359)
 	NOTE: https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2013-04
 CVE-2013-5913 (Cross-site scripting (XSS) vulnerability in the getRecommSearch ...)
-	TODO: check
+	NOT-FOR-US: OXID eShop
 CVE-2013-5912
 	RESERVED
 CVE-2013-5911 (Cross-site scripting (XSS) vulnerability in devform.php in Tenable ...)
@@ -774,7 +774,7 @@
 CVE-2013-5868
 	RESERVED
 CVE-2013-5867 (Unspecified vulnerability in the Siebel Core - Server Infrastructure ...)
-	TODO: check
+	NOT-FOR-US: Oracle Siebel CRM
 CVE-2013-5866 (Unspecified vulnerability in Oracle Solaris 11.1 allows local users to ...)
 	NOT-FOR-US: Solaris
 CVE-2013-5865 (Unspecified vulnerability in Oracle Solaris 11.1 allows local users to ...)
@@ -790,13 +790,13 @@
 CVE-2013-5860
 	RESERVED
 CVE-2013-5859 (Unspecified vulnerability in the Instantis EnterpriseTrack component ...)
-	TODO: check
+	NOT-FOR-US: Oracle Primavera Products Suite
 CVE-2013-5858
 	RESERVED
 CVE-2013-5857 (Unspecified vulnerability in the Oracle Health Sciences InForm ...)
-	TODO: check
+	NOT-FOR-US: Oracle Industry Applications
 CVE-2013-5856 (Unspecified vulnerability in the Oracle Health Sciences InForm ...)
-	TODO: check
+	NOT-FOR-US: Oracle Industry Applications
 CVE-2013-5855
 	RESERVED
 CVE-2013-5854 (Unspecified vulnerability in Oracle Java SE Java SE 7u40 and earlier ...)
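Review bot: The tags added for CVE-2013-5859, CVE-2013-5857 and CVE-2013-5856 name an Oracle product family ("Oracle Primavera Products Suite", "Oracle Industry Applications") that does not appear in the visible descriptions, which instead name "Instantis EnterpriseTrack" and "Oracle Health Sciences InForm". Tagging with the component from the description, for example "NOT-FOR-US: Oracle Health Sciences InForm", would let the entry be cross-checked without opening the full CVE text.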
@@ -1192,7 +1192,7 @@
 CVE-2013-5704
 	RESERVED
 CVE-2013-5703 (The DrayTek Vigor 2700 router 2.8.3 allows remote attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: DrayTek Vigor 2700 router
 CVE-2013-5702 (Multiple cross-site scripting (XSS) vulnerabilities in WebCenter in ...)
 	NOT-FOR-US: Watchguard Server Center
 CVE-2013-5701 (Multiple untrusted search path vulnerabilities in (1) Watchguard Log ...)
@@ -1600,7 +1600,7 @@
 CVE-2013-5551
 	RESERVED
 CVE-2013-5550 (The fabric-interconnect component in Cisco Unified Computing System ...)
-	TODO: check
+	NOT-FOR-US: Cisco Unified Computing System
 CVE-2013-5549
 	RESERVED
 	NOT-FOR-US: Cisco IOS XR
@@ -1617,7 +1617,7 @@
 CVE-2013-5543
 	RESERVED
 CVE-2013-5542 (Cisco Adaptive Security Appliance (ASA) Software 8.4 before 8.4(7.2), ...)
-	TODO: check
+	NOT-FOR-US: Cisco Adaptive Security Appliance
 CVE-2013-5541 (Cross-site scripting (XSS) vulnerability in the file-upload interface ...)
 	NOT-FOR-US: Cisco Identity Services Engine
 CVE-2013-5540 (The file-upload feature in Cisco Identity Services Engine (ISE) allows ...)
@@ -1631,13 +1631,13 @@
 CVE-2013-5536
 	RESERVED
 CVE-2013-5535 (The analytics page on Cisco Video Surveillance 4000 IP cameras has ...)
-	TODO: check
+	NOT-FOR-US: Cisco Video Surveillance 4000 IP cameras
 CVE-2013-5534 (Directory traversal vulnerability in the attachment service in the ...)
-	TODO: check
+	NOT-FOR-US: Cisco Unity Connection
 CVE-2013-5533 (The image-upgrade functionality on Cisco 9900 Unified IP phones allows ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-5532 (Buffer overflow in the web-application interface on Cisco 9900 IP ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-5531
 	RESERVED
 CVE-2013-5530
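Review bot: CVE-2013-5533 and CVE-2013-5532 are tagged with the bare vendor "NOT-FOR-US: Cisco", while the two entries directly above them in this hunk name the product ("Cisco Video Surveillance 4000 IP cameras", "Cisco Unity Connection"). Both descriptions identify Cisco 9900 IP phones, so a tag such as "NOT-FOR-US: Cisco 9900 Unified IP phones" would keep the hunk consistent and make the triage decision easier to audit later.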
@@ -1672,25 +1672,25 @@
 CVE-2013-5516 (The Media Snapshot implementation on Cisco TelePresence Multipoint ...)
 	NOT-FOR-US: Cisco
 CVE-2013-5515 (The Clientless SSL VPN feature in Cisco Adaptive Security Appliance ...)
-	TODO: check
+	NOT-FOR-US: Cisco Adaptive Security Appliance
 CVE-2013-5514
 	RESERVED
 CVE-2013-5513 (Cisco Adaptive Security Appliance (ASA) Software 8.2.x before ...)
-	TODO: check
+	NOT-FOR-US: Cisco Adaptive Security Appliance
 CVE-2013-5512 (Race condition in the HTTP Deep Packet Inspection (DPI) feature in ...)
-	TODO: check
+	NOT-FOR-US: Cisco Adaptive Security Appliance
 CVE-2013-5511 (The Adaptive Security Device Management (ASDM) remote-management ...)
-	TODO: check
+	NOT-FOR-US: Cisco Adaptive Security Appliance
 CVE-2013-5510 (The remote-access VPN implementation in Cisco Adaptive Security ...)
-	TODO: check
+	NOT-FOR-US: Cisco Adaptive Security Appliance
 CVE-2013-5509 (The SSL implementation in Cisco Adaptive Security Appliance (ASA) ...)
-	TODO: check
+	NOT-FOR-US: Cisco Adaptive Security Appliance
 CVE-2013-5508 (The SQL*Net inspection engine in Cisco Adaptive Security Appliance ...)
-	TODO: check
+	NOT-FOR-US: Cisco Adaptive Security Appliance
 CVE-2013-5507 (The IPsec implementation in Cisco Adaptive Security Appliance (ASA) ...)
-	TODO: check
+	NOT-FOR-US: Cisco Adaptive Security Appliance
 CVE-2013-5506 (The authorization functionality in Cisco Firewall Services Module ...)
-	TODO: check
+	NOT-FOR-US: Cisco Firewall Services Module
 CVE-2013-5505 (Cross-site scripting (XSS) vulnerability in an administration page in ...)
 	NOT-FOR-US: Cisco
 CVE-2013-5504 (Cross-site scripting (XSS) vulnerability in the Mobile Device ...)
@@ -1810,7 +1810,7 @@
 CVE-2013-5447
 	RESERVED
 CVE-2013-5446 (The console on IBM WebSphere DataPower XC10 appliances 2.1.0 and 2.5.0 ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere DataPower XC10 appliances
 CVE-2013-5445
 	RESERVED
 CVE-2013-5444
@@ -1846,7 +1846,7 @@
 CVE-2013-5429
 	RESERVED
 CVE-2013-5428 (IBM WebSphere DataPower XC10 appliances 2.5.0 do not require ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere DataPower XC10 appliances
 CVE-2013-5427
 	RESERVED
 CVE-2013-5426
@@ -1924,9 +1924,9 @@
 CVE-2013-5390 (Cross-site scripting (XSS) vulnerability in the monitoring console in ...)
 	NOT-FOR-US: IBM WebSphere eXtreme Scale
 CVE-2013-5389 (Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 ...)
-	TODO: check
+	NOT-FOR-US: IBM Domino
 CVE-2013-5388 (Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 ...)
-	TODO: check
+	NOT-FOR-US: IBM Domino
 CVE-2013-5387
 	RESERVED
 CVE-2013-5386
@@ -1950,7 +1950,7 @@
 CVE-2013-5377
 	RESERVED
 CVE-2013-5376 (Cross-site scripting (XSS) vulnerability in IBM Storwize V7000 Unified ...)
-	TODO: check
+	NOT-FOR-US: IBM Storwize V7000 Unified
 CVE-2013-5375
 	RESERVED
 CVE-2013-5374
@@ -1958,7 +1958,7 @@
 CVE-2013-5373 (The RemoteClient component in IBM Rational ClearCase 8.0.0.03 through ...)
 	NOT-FOR-US: IBM Rational ClearCase
 CVE-2013-5372 (The XML4J parser in IBM WebSphere Message Broker 6.1 before 6.1.0.12, ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2013-5371
 	RESERVED
 CVE-2013-5370 (Unspecified vulnerability in IBM SPSS Collaboration and Deployment ...)
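Review bot: CVE-2013-5372 is closed as "NOT-FOR-US: IBM", but its description names a parser component ("The XML4J parser in IBM WebSphere Message Broker") rather than only a whole product, and the CVE-2013-5373 entry above it is tagged with its product name. A vendor-only tag does not record what was actually assessed; name the product in the tag, and if the parser was checked against anything packaged, add a NOTE: line saying so.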
@@ -3458,7 +3458,7 @@
 CVE-2013-4690 (Juniper Junos 10.4 before 10.4S13, 11.4 before 11.4R7-S1, 12.1 before ...)
 	NOT-FOR-US: Juniper Junos
 CVE-2013-4689 (J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1R ...)
-	TODO: check
+	NOT-FOR-US: Juniper Junos
 CVE-2013-4688 (flowd in Juniper Junos 10.4 before 10.4R11 on SRX devices, when the ...)
 	NOT-FOR-US: Juniper Junos
 CVE-2013-4687 (flowd in Juniper Junos 10.4 before 10.4S14, 11.2 and 11.4 before ...)
@@ -5327,7 +5327,7 @@
 CVE-2013-4057
 	RESERVED
 CVE-2013-4056 (Cross-site request forgery (CSRF) vulnerability in the Data Quality ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2013-4055
 	RESERVED
 CVE-2013-4054
@@ -6122,7 +6122,7 @@
 CVE-2013-3694
 	RESERVED
 CVE-2013-3693 (The BlackBerry Universal Device Service in BlackBerry Enterprise ...)
-	TODO: check
+	NOT-FOR-US: BlackBerry
 CVE-2013-3692 (BlackBerry 10 OS before 10.0.10.648 on BlackBerry Z10 smartphones uses ...)
 	NOT-FOR-US: Blackberry OS
 CVE-2013-3691
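Review bot: The new tag on CVE-2013-3693 is spelled "BlackBerry" while the adjacent CVE-2013-3692 entry uses "Blackberry OS", so a case-sensitive search of the list for one spelling misses the other. The description refers to the BlackBerry Universal Device Service, so a product-level tag with a single agreed spelling would be better, with the neighbouring entry aligned in the same pass.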
@@ -6134,9 +6134,9 @@
 CVE-2013-3688 (The TP-Link IP Cameras TL-SC3171, TL-SC3130, TL-SC3130G, TL-SC3171G, ...)
 	NOT-FOR-US: TP-Link
 CVE-2013-3687 (AirLive POE2600HD, POE250HD, POE200HD, OD-325HD, OD-2025HD, OD-2060HD, ...)
-	TODO: check
+	NOT-FOR-US: AirLive cameras
 CVE-2013-3686 (cgi-bin/operator/param in AirLive WL2600CAM and possibly other camera ...)
-	TODO: check
+	NOT-FOR-US: AirLive
 CVE-2013-3685
 	RESERVED
 	NOT-FOR-US: Sprite Software's backup softare for Android
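Review bot: CVE-2013-3687 and CVE-2013-3686 are both AirLive camera issues but receive different tags in the same hunk ("AirLive cameras" and "AirLive"). Pick one form for both so the entries group together when the list is searched. Since this area is being touched, the "softare" typo in the CVE-2013-3685 context line could be fixed as well.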
@@ -6745,7 +6745,7 @@
 CVE-2013-3416 (Cross-site scripting (XSS) vulnerability in the web framework in the ...)
 	NOT-FOR-US: Cisco
 CVE-2013-3415 (Cisco Adaptive Security Appliance (ASA) Software 8.4.x before 8.4(3) ...)
-	TODO: check
+	NOT-FOR-US: Cisco Adaptive Security Appliance
 CVE-2013-3414 (Cross-site scripting (XSS) vulnerability in the WebVPN portal login ...)
 	NOT-FOR-US: Cisco
 CVE-2013-3413 (Cross-site scripting (XSS) vulnerability in the search form in the ...)
@@ -7611,7 +7611,7 @@
 CVE-2013-3026 (Buffer overflow in the Lotus Quickr for Domino ActiveX control in ...)
 	NOT-FOR-US: Lotus Quickr for Domino ActiveX
 CVE-2013-3025 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Rational ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2013-3024
 	RESERVED
 CVE-2013-3023
@@ -8247,7 +8247,7 @@
 CVE-2013-2788 (The DNP3 Slave service in SUBNET Solutions SubSTATION Server 2.7.0033 ...)
 	NOT-FOR-US: SUBNET Solutions SubSTATION Server
 CVE-2013-2787 (Alstom e-terracontrol 3.5, 3.6, and 3.7 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Alstom e-terracontrol
 CVE-2013-2786 (Alstom Grid MiCOM S1 Agile before 1.0.3 and Alstom Grid MiCOM S1 ...)
 	NOT-FOR-US: Alstom Grid MiCOM S1
 CVE-2013-2785 (Multiple buffer overflows in CimWebServer.exe in the WebView component ...)
@@ -8708,13 +8708,13 @@
 CVE-2013-2582 (CRLF injection vulnerability in the redirect servlet in Open-Xchange ...)
 	- open-xchange <itp> (bug #269329)
 CVE-2013-2581 (cgi-bin/firmwareupgrade in TP-Link IP Cameras TL-SC3130, TL-SC3130G, ...)
-	TODO: check
+	NOT-FOR-US: TP-Link IP Cameras
 CVE-2013-2580 (Unrestricted file upload vulnerability in cgi-bin/uploadfile in ...)
-	TODO: check
+	NOT-FOR-US: TP-Link IP Cameras
 CVE-2013-2579 (TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and ...)
-	TODO: check
+	NOT-FOR-US: TP-Link IP Cameras
 CVE-2013-2578 (cgi-bin/admin/servetest in TP-Link IP Cameras TL-SC3130, TL-SC3130G, ...)
-	TODO: check
+	NOT-FOR-US: TP-Link IP Cameras
 CVE-2013-2577 (Buffer overflow in XnView before 2.04 allows remote attackers to ...)
 	NOT-FOR-US: XnView
 CVE-2013-2576 (Buffer overflow in Artweaver before 3.1.6 allows remote attackers to ...)
@@ -15046,7 +15046,7 @@
 CVE-2013-0501 (The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in ...)
 	NOT-FOR-US: IBM Cognos Disclosure Management
 CVE-2013-0500 (IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.2.0 does not ...)
-	TODO: check
+	NOT-FOR-US: IBM Storwize V7000 Unified
 CVE-2013-0499 (Cross-site scripting (XSS) vulnerability in the echo functionality on ...)
 	NOT-FOR-US: IBM
 CVE-2013-0498
@@ -20953,7 +20953,7 @@
 CVE-2012-4710 (Invensys Wonderware Win-XML Exporter 1522.148.0.0 allows remote ...)
 	NOT-FOR-US: Invensys Wonderware Win-XML Exporter
 CVE-2012-4709 (Invensys Wonderware InTouch HMI 2012 R2 and earlier allows remote ...)
-	TODO: check
+	NOT-FOR-US: Invensys
 CVE-2012-4708 (Stack-based buffer overflow in 3S CODESYS Gateway-Server before ...)
 	NOT-FOR-US: 3S CODESYS Gateway-Server
 CVE-2012-4707 (3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to ...)
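Review bot: CVE-2012-4709 is tagged with the vendor only ("NOT-FOR-US: Invensys"), whereas the CVE-2012-4710 entry directly above it uses the full product name ("Invensys Wonderware Win-XML Exporter"). The description gives the product as Invensys Wonderware InTouch HMI, so "NOT-FOR-US: Invensys Wonderware InTouch HMI" would match the convention already used by its neighbours.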
@@ -22833,7 +22833,7 @@
 CVE-2012-4077 (Cisco NX-OS allows local users to gain privileges and execute ...)
 	NOT-FOR-US: Cisco
 CVE-2012-4076 (Cisco NX-OS allows local users to gain privileges and execute ...)
-	TODO: check
+	NOT-FOR-US: Cisco NX-OS
 CVE-2012-4075 (Cisco NX-OS allows local users to gain privileges and execute ...)
 	NOT-FOR-US: Cisco
 CVE-2012-4074 (The Board Management Controller (BMC) in the Serial over LAN (SoL) ...)
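Review bot: CVE-2012-4076 is tagged "NOT-FOR-US: Cisco NX-OS" while CVE-2012-4077 and CVE-2012-4075, whose visible descriptions open identically ("Cisco NX-OS allows local users to gain privileges and execute ..."), remain "NOT-FOR-US: Cisco". The more specific tag is the better one; consider updating the two neighbours in the same commit so the three sibling entries do not diverge.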



