[Secure-testing-commits] r30847 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Dec 20 04:32:34 UTC 2014
Author: carnil
Date: 2014-12-20 04:32:34 +0000 (Sat, 20 Dec 2014)
New Revision: 30847
Modified:
data/CVE/list
Log:
Add new ntp issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-12-20 04:32:26 UTC (rev 30846)
+++ data/CVE/list 2014-12-20 04:32:34 UTC (rev 30847)
@@ -230,14 +230,24 @@
RESERVED
CVE-2014-9297
RESERVED
-CVE-2014-9296
+CVE-2014-9296 [eceive() missing return on error]
RESERVED
-CVE-2014-9295
+ - ntp <unfixed>
+ NOTE: http://bugs.ntp.org/show_bug.cgi?id=2670
+CVE-2014-9295 [Multiple buffer overflows via specially-crafted packets]
RESERVED
-CVE-2014-9294
+ - ntp <unfixed>
+ NOTE: http://bugs.ntp.org/show_bug.cgi?id=2667
+ NOTE: http://bugs.ntp.org/show_bug.cgi?id=2668
+ NOTE: http://bugs.ntp.org/show_bug.cgi?id=2669
+CVE-2014-9294 [ntp-keygen uses weak random number generator and seed when generating MD5 keys]
RESERVED
-CVE-2014-9293
+ - ntp <unfixed>
+ NOTE: http://bugs.ntp.org/show_bug.cgi?id=2666
+CVE-2014-9293 [automatic generation of weak default key in config_auth()]
RESERVED
+ - ntp <unfixed>
+ NOTE: http://bugs.ntp.org/show_bug.cgi?id=2665
CVE-2014-9292 (Server-side request forgery (SSRF) vulnerability in proxy.php in the ...)
NOT-FOR-US: jRSS WordPress Plugin
CVE-2014-9291
More information about the Secure-testing-commits
mailing list