[Secure-testing-commits] r23795 - data/CVE

Joey Hess joeyh at alioth.debian.org
Thu Sep 26 21:14:26 UTC 2013 

Author: joeyh
Date: 2013-09-26 21:14:26 +0000 (Thu, 26 Sep 2013)
New Revision: 23795

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-09-26 21:05:28 UTC (rev 23794)
+++ data/CVE/list	2013-09-26 21:14:26 UTC (rev 23795)
@@ -1,3 +1,13 @@
+CVE-2013-5941
+	RESERVED
+CVE-2013-5940
+	RESERVED
+CVE-2013-5939
+	RESERVED
+CVE-2013-5938 (Cross-site scripting (XSS) vulnerability in the Click2Sell Suite ...)
+	TODO: check
+CVE-2013-5937 (Cross-site request forgery (CSRF) vulnerability in the Click2Sell ...)
+	TODO: check
 CVE-2013-5936 (The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before ...)
 	TODO: check
 CVE-2013-5935 (The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before ...)
@@ -783,8 +793,7 @@
 	- linux <unfixed>
 	[wheezy] - linux <not-affected> (KVM for arm introduced in 3.9)
 	- linux-2.6 <not-affected> (KVM for arm introduced in 3.9)
-CVE-2013-5586 [XSS]
-	RESERVED
+CVE-2013-5586 (Cross-site scripting (XSS) vulnerability in wikka.php in WikkaWiki ...)
 	NOT-FOR-US: WikkaWiki
 CVE-2013-5585
 	RESERVED
@@ -857,7 +866,7 @@
 	RESERVED
 	- joomla <itp> (bug #571794)
 CVE-2013-5575 [integer overflow]
-	RESERVED
+	REJECTED
 	NOTE: Non-issue, to be rejected
 CVE-2013-5568
 	RESERVED
@@ -2529,9 +2538,9 @@
 	RESERVED
 CVE-2013-4775
 	RESERVED
-CVE-2013-4785 (The web interface for Dell iDRAC 6 firmware 1.7, and possibly other ...)
+CVE-2013-4785 (The web interface on the Dell iDRAC6 with firmware before 1.95 allows ...)
 	NOT-FOR-US: Dell
-CVE-2013-4783 (The Dell iDRAC 6 BMC implementation allows remote attackers to bypass ...)
+CVE-2013-4783 (The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before ...)
 	NOT-FOR-US: Dell
 CVE-2013-4782 (The Supermicro BMC implementation allows remote attackers to bypass ...)
 	NOT-FOR-US: Supermicro
@@ -3450,6 +3459,7 @@
 	NOTE: CVE for incomplete fix for CVE-2013-4287
 CVE-2013-4362 [Insecure use of system]
 	RESERVED
+	{DSA-2765-1}
 	- davfs2 1.4.7-3 (bug #723034)
 	NOTE: http://savannah.nongnu.org/bugs/?40034
 CVE-2013-4361
@@ -6181,6 +6191,7 @@
 CVE-2013-3279
 	RESERVED
 CVE-2013-3278
+	RESERVED
 	NOT-FOR-US: EMC
 CVE-2013-3277 (Open redirect vulnerability in EMC RSA Archer GRC 5.x before 5.4 ...)
 	NOT-FOR-US: EMC
@@ -8847,7 +8858,7 @@
 	[wheezy] - libvirt <not-affected> (Vulnerable code introduced in with commit abf75aea)
 	[jessie] - libvirt <not-affected> (Vulnerable code introduced in with commit abf75aea)
 CVE-2013-2229
-	RESERVED
+	REJECTED
 CVE-2013-2228 [RSA exponent of 1]
 	RESERVED
 	- salt 0.15.1-1
@@ -9568,7 +9579,7 @@
 CVE-2013-2027
 	RESERVED
 CVE-2013-2026
-	RESERVED
+	REJECTED
 CVE-2013-2025
 	RESERVED
 	NOT-FOR-US: Ushahidi
@@ -14737,7 +14748,7 @@
 	[squeeze] - pyrad <no-dsa> (Minor issue)
 	NOTE: this is initially related to #700669
 CVE-2013-0341 [external entity expansion]
-	RESERVED
+	REJECTED
 	- expat <unfixed> (unimportant)
 	NOTE: Expat provides API to mitigate expansion attacks, ultimately under control of the app using Expat
 CVE-2013-0340 [internal entity expansion]
@@ -21877,16 +21888,16 @@
 	TODO: check
 CVE-2012-4093 (The Manager component in Cisco Unified Computing System (UCS) allows ...)
 	NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4092
-	RESERVED
+CVE-2012-4092 (The management interface in the Central Software component in Cisco ...)
+	TODO: check
 CVE-2012-4091
 	RESERVED
 CVE-2012-4090
 	RESERVED
 CVE-2012-4089 (MCTOOLS in the fabric interconnect in Cisco Unified Computing System ...)
 	TODO: check
-CVE-2012-4088
-	RESERVED
+CVE-2012-4088 (The FTP server in Cisco Unified Computing System (UCS) has a hardcoded ...)
+	TODO: check
 CVE-2012-4087 (A cluster setup script for fabric interconnect devices in Cisco ...)
 	TODO: check
 CVE-2012-4086 (A setup script for fabric interconnect devices in Cisco Unified ...)
@@ -21903,8 +21914,8 @@
 	NOT-FOR-US: Cisco
 CVE-2012-4080
 	RESERVED
-CVE-2012-4079
-	RESERVED
+CVE-2012-4079 (The XML API service in the Fabric Interconnect component in Cisco ...)
+	TODO: check
 CVE-2012-4078 (The Baseboard Management Controller (BMC) in Cisco Unified Computing ...)
 	TODO: check
 CVE-2012-4077

More information about the Secure-testing-commits mailing list