[Secure-testing-commits] r30960 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Dec 24 08:10:43 UTC 2014
Author: carnil
Date: 2014-12-24 08:10:43 +0000 (Wed, 24 Dec 2014)
New Revision: 30960
Modified:
data/CVE/list
Log:
Process some TODO items, zenoss (itp'ed)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-12-24 08:10:21 UTC (rev 30959)
+++ data/CVE/list 2014-12-24 08:10:43 UTC (rev 30960)
@@ -432,9 +432,9 @@
CVE-2014-9387 (SAP BussinessObjects Edge 4.1 allows remote attackers to obtain the ...)
TODO: check
CVE-2014-9386 (Zenoss Core before 4.2.5 SP161 sets an infinite lifetime for the ...)
- TODO: check
+ - zenoss <itp> (bug #361253)
CVE-2014-9385 (Cross-site request forgery (CSRF) vulnerability in Zenoss Core through ...)
- TODO: check
+ - zenoss <itp> (bug #361253)
CVE-2014-9384
RESERVED
CVE-2014-9383
@@ -795,21 +795,21 @@
NOTE: https://github.com/splitbrain/dokuwiki/commit/778ddf6f2cd9ed38b9db2d73e823b8c21243a960
NOTE: Advisory: http://security.szurek.pl/dokuwiki-20140929a-xss.html
CVE-2014-9252 (Zenoss Core through 5 Beta 3 stores cleartext passwords in the session ...)
- TODO: check
+ - zenoss <itp> (bug #361253)
CVE-2014-9251 (Zenoss Core through 5 Beta 3 uses a weak algorithm to hash passwords, ...)
- TODO: check
+ - zenoss <itp> (bug #361253)
CVE-2014-9250 (Zenoss Core through 5 Beta 3 does not include the HTTPOnly flag in a ...)
- TODO: check
+ - zenoss <itp> (bug #361253)
CVE-2014-9249 (The default configuration of Zenoss Core before 5 allows remote ...)
- TODO: check
+ - zenoss <itp> (bug #361253)
CVE-2014-9248 (Zenoss Core through 5 Beta 3 does not require complex passwords, which ...)
- TODO: check
+ - zenoss <itp> (bug #361253)
CVE-2014-9247 (Zenoss Core through 5 Beta 3 allows remote authenticated users to ...)
- TODO: check
+ - zenoss <itp> (bug #361253)
CVE-2014-9246
REJECTED
CVE-2014-9245 (Zenoss Core through 5 Beta 3 allows remote attackers to obtain ...)
- TODO: check
+ - zenoss <itp> (bug #361253)
CVE-2014-9244
RESERVED
CVE-2014-9243 (Multiple cross-site scripting (XSS) vulnerabilities in WebsiteBaker ...)
More information about the Secure-testing-commits
mailing list