[Secure-testing-commits] r27132 - data/CVE

Helmut Grohne helmutg at moszumanska.debian.org
Wed Jun 4 06:00:16 UTC 2014 

Author: helmutg
Date: 2014-06-04 06:00:16 +0000 (Wed, 04 Jun 2014)
New Revision: 27132

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-06-04 05:58:33 UTC (rev 27131)
+++ data/CVE/list	2014-06-04 06:00:16 UTC (rev 27132)
@@ -112,15 +112,15 @@
 	[wheezy] - kfreebsd-9 <not-affected> (introduced by the merge of r237663)
 	TODO: for wheezy maintainers are double-checking
 CVE-2014-3872 (Multiple SQL injection vulnerabilities in the administration login ...)
-	TODO: check
+	NOT-FOR-US: D-Link firmware
 CVE-2014-3871 (Multiple SQL injection vulnerabilities in register.php in Geodesic ...)
-	TODO: check
+	NOT-FOR-US: GeodesicSolutions
 CVE-2014-3869
 	RESERVED
 CVE-2014-3868
 	RESERVED
 CVE-2014-3867 (The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through ...)
-	TODO: check
+	NOT-FOR-US: IBM Sametime
 CVE-2014-3863
 	RESERVED
 CVE-2014-3862
@@ -1404,7 +1404,7 @@
 CVE-2014-3285 (Cisco Wide Area Application Services (WAAS) 5.3(.5a) and earlier, when ...)
 	TODO: check
 CVE-2014-3284 (Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, ...)
-	TODO: check
+	NOT-FOR-US: Cisco IOS
 CVE-2014-3283 (Open redirect vulnerability in Self-Care Client Portal applications in ...)
 	TODO: check
 CVE-2014-3282 (The Administration GUI in the web framework in VOSS in Cisco Unified ...)
@@ -1420,15 +1420,15 @@
 CVE-2014-3277 (The Administration GUI in the web framework in VOSS in Cisco Unified ...)
 	TODO: check
 CVE-2014-3276 (Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier does ...)
-	TODO: check
+	NOT-FOR-US: Cisco Identity Services Engine
 CVE-2014-3275 (SQL injection vulnerability in the web framework in Cisco Identity ...)
-	TODO: check
+	NOT-FOR-US: Cisco Identity Services Engine
 CVE-2014-3274 (Cisco TelePresence System (CTS) 6.0(.5)(5) and earlier falls back to ...)
-	TODO: check
+	NOT-FOR-US: Cisco TelePresence
 CVE-2014-3273 (The LLDP implementation in Cisco IOS allows remote attackers to cause ...)
 	NOT-FOR-US: Cisco IOS
 CVE-2014-3272 (The Agent in Cisco Tidal Enterprise Scheduler (TES) 6.1 and earlier ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2014-3271 (The DHCPv6 implementation in Cisco IOS XR allows remote attackers to ...)
 	NOT-FOR-US: Cisco IOS XR
 CVE-2014-3270 (The DHCPv6 implementation in Cisco IOS XR allows remote attackers to ...)
@@ -1438,9 +1438,9 @@
 CVE-2014-3268 (Cisco IOS 15.2(4)M4 on Cisco Unified Border Element (CUBE) devices ...)
 	NOT-FOR-US: Cisco Unified Border Element
 CVE-2014-3267 (Cross-site request forgery (CSRF) vulnerability in the web framework ...)
-	TODO: check
+	NOT-FOR-US: Cisco Security Manager
 CVE-2014-3266 (Cross-site scripting (XSS) vulnerability in the web framework in Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco Security Manager
 CVE-2014-3265 (Cross-site scripting (XSS) vulnerability in the Auto Update Server ...)
 	NOT-FOR-US: Cisco Security Manager
 CVE-2014-3264 (Cisco Adaptive Security Appliance (ASA) Software 9.1(.5) and earlier ...)
@@ -1450,7 +1450,7 @@
 CVE-2014-3262 (The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS ...)
 	NOT-FOR-US: Cisco IOS
 CVE-2014-3261 (Buffer overflow in the Smart Call Home implementation in Cisco NX-OS ...)
-	TODO: check
+	NOT-FOR-US: Cisco NX-OS
 CVE-2014-3260
 	RESERVED
 CVE-2014-3259
@@ -2023,9 +2023,9 @@
 CVE-2014-3016
 	RESERVED
 CVE-2014-3015 (Cross-site request forgery (CSRF) vulnerability in the Web player in ...)
-	TODO: check
+	NOT-FOR-US: IBM Sametime
 CVE-2014-3014 (Cross-site scripting (XSS) vulnerability in the Meeting Server in IBM ...)
-	TODO: check
+	NOT-FOR-US: IBM Sametime
 CVE-2014-3013
 	RESERVED
 CVE-2014-3012
@@ -2810,7 +2810,7 @@
 CVE-2014-2721
 	RESERVED
 CVE-2014-2720 (IZArc 4.1.8 displays a file's name on the basis of a ZIP archive's ...)
-	TODO: check
+	NOT-FOR-US: IZArc Archiver
 CVE-2014-2719 (Advanced_System_Content.asp in the ASUS RT series routers with ...)
 	NOT-FOR-US: ASUS RT series routers
 CVE-2014-2718
@@ -4140,7 +4140,7 @@
 CVE-2014-2202
 	RESERVED
 CVE-2014-2201 (The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS ...)
-	TODO: check
+	NOT-FOR-US: Cisco NX-OS
 CVE-2014-2200 (Cisco NX-OS 5.0 before 5.0(5) on Nexus 7000 devices, when local ...)
 	NOT-FOR-US: Cisco
 CVE-2014-2199 (meetinginfo.do in Cisco WebEx Event Center, WebEx Meeting Center, ...)
@@ -7141,7 +7141,7 @@
 CVE-2014-0944 (Cross-site request forgery (CSRF) vulnerability in the RES Console in ...)
 	NOT-FOR-US: IBM
 CVE-2014-0943 (IBM WebSphere Commerce 6.0 Feature Pack 2 through Feature Pack 5, ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere Commerce
 CVE-2014-0942 (Cross-site scripting (XSS) vulnerability in ...)
 	NOT-FOR-US: IBM Netcool
 CVE-2014-0941 (Cross-site scripting (XSS) vulnerability in ...)
@@ -7215,7 +7215,7 @@
 CVE-2014-0907
 	RESERVED
 CVE-2014-0906 (The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through ...)
-	TODO: check
+	NOT-FOR-US: IBM Sametime
 CVE-2014-0905
 	RESERVED
 CVE-2014-0904 (The update process in IBM Security AppScan Standard 7.9 through 8.8 ...)
@@ -7241,7 +7241,7 @@
 CVE-2014-0894
 	RESERVED
 CVE-2014-0893 (Cross-site scripting (XSS) vulnerability in customreport.jsp in IBM ...)
-	TODO: check
+	NOT-FOR-US: IBM Maximo Asset Management
 CVE-2014-0892 (IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 ...)
 	NOT-FOR-US: IBM
 CVE-2014-0891
@@ -7329,7 +7329,7 @@
 CVE-2014-0850 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data ...)
 	NOT-FOR-US: IBM InfoSphere
 CVE-2014-0849 (IBM Maximo Asset Management 7.x before 7.5.0.3 IFIX027 and SmartCloud ...)
-	TODO: check
+	NOT-FOR-US: IBM Maximo Asset Management
 CVE-2014-0848 (The (1) ssl.conf and (2) httpd.conf files in the Apache HTTP Server ...)
 	NOT-FOR-US: IBM Netezza Performance Portal
 CVE-2014-0847
@@ -7377,9 +7377,9 @@
 CVE-2014-0826
 	RESERVED
 CVE-2014-0825 (Cross-site scripting (XSS) vulnerability in openreport.jsp in IBM ...)
-	TODO: check
+	NOT-FOR-US: IBM Maximo Asset Management and others
 CVE-2014-0824 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
-	TODO: check
+	NOT-FOR-US: IBM Maximo Asset Management and others
 CVE-2014-0823 (IBM WebSphere Application Server (WAS) 8.x before 8.0.0.9 and 8.5.x ...)
 	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2014-0822 (The IMAP server in IBM Domino 8.5.x before 8.5.3 FP6 IF1 and 9.0.x ...)
@@ -10959,7 +10959,7 @@
 CVE-2013-6742 (The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x ...)
 	NOT-FOR-US: IBM Sametime
 CVE-2013-6741 (IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837 and ...)
-	TODO: check
+	NOT-FOR-US: IBM Maximo Asset Management and others
 CVE-2013-6740
 	RESERVED
 CVE-2013-6739
@@ -11013,9 +11013,9 @@
 CVE-2013-6715
 	RESERVED
 CVE-2013-6714 (The FlashCopy Manager for VMware component in IBM Tivoli Storage ...)
-	TODO: check
+	NOT-FOR-US: IBM Tivoli Storage FlashCopy Manager
 CVE-2013-6713 (The Data Protection for VMware component in IBM Tivoli Storage Manager ...)
-	TODO: check
+	NOT-FOR-US: IBM Tivoli Storage Manager for Virtual Environments
 CVE-2013-6712 (The scan function in ext/date/lib/parse_iso_intervals.c in PHP through ...)
 	{DSA-2816-1}
 	- php5 5.5.6+dfsg-2 (bug #731112)
@@ -37731,7 +37731,7 @@
 CVE-2012-3334 (Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 11.50 ...)
 	NOT-FOR-US: IBM Informix Dynamic Server
 CVE-2012-3333 (CRLF injection vulnerability in IBM Maximo Asset Management 7.x before ...)
-	TODO: check
+	NOT-FOR-US: IBM Maximo Asset Management and others
 CVE-2012-3332
 	RESERVED
 CVE-2012-3331

More information about the Secure-testing-commits mailing list