[Secure-testing-commits] r33520 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Apr 11 19:35:28 UTC 2015 

Author: carnil
Date: 2015-04-11 19:35:28 +0000 (Sat, 11 Apr 2015)
New Revision: 33520

Modified:
   data/CVE/list
Log:
Process couple of NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-04-11 18:03:00 UTC (rev 33519)
+++ data/CVE/list	2015-04-11 19:35:28 UTC (rev 33520)
@@ -445,9 +445,9 @@
 CVE-2015-2829
 	RESERVED
 CVE-2015-2828 (CA Spectrum 9.2.x and 9.3.x before 9.3 H02 does not properly validate ...)
-	TODO: check
+	NOT-FOR-US: CA Spectrum
 CVE-2015-2827 (Cross-site scripting (XSS) vulnerability in CA Spectrum 9.2.x and ...)
-	TODO: check
+	NOT-FOR-US: CA Spectrum
 CVE-2015-2826
 	RESERVED
 	NOT-FOR-US: WordPress plugin simple-ads-manager
@@ -1809,7 +1809,7 @@
 CVE-2015-2295
 	RESERVED
 CVE-2015-2294 (Multiple cross-site scripting (XSS) vulnerabilities in the WebGUI in ...)
-	TODO: check
+	NOT-FOR-US: pfSense
 CVE-2015-2293 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
 	NOT-FOR-US: WordPress plugin wordpress-seo
 CVE-2015-2292 (Multiple SQL injection vulnerabilities in ...)
@@ -1953,7 +1953,7 @@
 CVE-2015-2282
 	RESERVED
 CVE-2015-2281 (Stack-based buffer overflow in collectoragent.exe in Fortinet Single ...)
-	TODO: check
+	NOT-FOR-US: Fortinet Single Sign On
 CVE-2015-2280
 	RESERVED
 CVE-2015-2279
@@ -1965,7 +1965,7 @@
 CVE-2015-2276
 	RESERVED
 CVE-2015-2275 (Cross-site scripting (XSS) vulnerability in WoltLab Community Gallery ...)
-	TODO: check
+	NOT-FOR-US: WoltLab Community Gallery
 CVE-2015-2274
 	RESERVED
 CVE-2015-2273
@@ -2009,7 +2009,7 @@
 	[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
 	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49204
 CVE-2015-2264 (Multiple untrusted search path vulnerabilities in (1) ...)
-	TODO: check
+	NOT-FOR-US: Telerik Analytics Monitor Library
 CVE-2015-2263
 	RESERVED
 CVE-2015-2262
@@ -3623,9 +3623,9 @@
 CVE-2015-1605 (Multiple SQL injection vulnerabilities in Dell ScriptLogic Asset ...)
 	NOT-FOR-US: Dell ScriptLogic Asset Manager
 CVE-2015-1602 (Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2015-1601 (Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2015-1599 (The Siemens SPCanywhere application for iOS allows physically ...)
 	NOT-FOR-US: Siemens SPCanywhere application for iOS
 CVE-2015-1598 (The Siemens SPCanywhere application for Android does not properly ...)
@@ -4552,7 +4552,7 @@
 CVE-2015-1389
 	RESERVED
 CVE-2015-1388 (The "RAP console" feature in ArubaOS 5.x through 6.2.x, 6.3.x before ...)
-	TODO: check
+	NOT-FOR-US: ArubaOS
 CVE-2015-1387
 	RESERVED
 CVE-2015-1385 (Cross-site scripting (XSS) vulnerability in the Blubrry PowerPress ...)
@@ -5845,15 +5845,15 @@
 CVE-2015-0996 (Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and ...)
 	NOT-FOR-US: Schneider Electric InduSoft Web Studio
 CVE-2015-0995 (Inductive Automation Ignition 7.7.2 uses MD5 password hashes, which ...)
-	TODO: check
+	NOT-FOR-US: Inductive Automation Ignition
 CVE-2015-0994 (Inductive Automation Ignition 7.7.2 allows remote authenticated users ...)
-	TODO: check
+	NOT-FOR-US: Inductive Automation Ignition
 CVE-2015-0993 (Inductive Automation Ignition 7.7.2 does not terminate a session upon ...)
-	TODO: check
+	NOT-FOR-US: Inductive Automation Ignition
 CVE-2015-0992 (Inductive Automation Ignition 7.7.2 stores cleartext OPC Server ...)
-	TODO: check
+	NOT-FOR-US: Inductive Automation Ignition
 CVE-2015-0991 (Inductive Automation Ignition 7.7.2 allows remote attackers to obtain ...)
-	TODO: check
+	NOT-FOR-US: Inductive Automation Ignition
 CVE-2015-0990 (Untrusted search path vulnerability in Ecava IntegraXor SCADA Server ...)
 	TODO: check
 CVE-2015-0989
@@ -5871,7 +5871,7 @@
 CVE-2015-0983
 	RESERVED
 CVE-2015-0982 (Buffer overflow in an unspecified DLL in Schneider Electric Pelco ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2015-0981 (The SOAP web interface in SCADA Engine BACnet OPC Server before ...)
 	TODO: check
 CVE-2015-0980 (Format string vulnerability in BACnOPCServer.exe in the SOAP web ...)

More information about the Secure-testing-commits mailing list