[Secure-testing-commits] r32788 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Mar 11 12:52:12 UTC 2015 

Author: carnil
Date: 2015-03-11 12:52:12 +0000 (Wed, 11 Mar 2015)
New Revision: 32788

Modified:
   data/CVE/list
Log:
Process NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-03-11 12:44:04 UTC (rev 32787)
+++ data/CVE/list	2015-03-11 12:52:12 UTC (rev 32788)
@@ -57,11 +57,11 @@
 CVE-2015-2245
 	RESERVED
 CVE-2015-2244 (Multiple cross-site scripting (XSS) vulnerabilities in Webshop hun ...)
-	TODO: check
+	NOT-FOR-US: Webshop hun
 CVE-2015-2243 (Directory traversal vulnerability in Webshop hun 1.062S allows remote ...)
-	TODO: check
+	NOT-FOR-US: Webshop hun
 CVE-2015-2242 (Multiple SQL injection vulnerabilities in Webshop hun 1.062S allow ...)
-	TODO: check
+	NOT-FOR-US: Webshop hun
 CVE-2015-XXXX [several security vulnerabilities and network packets can terminate the connection]
 	- armagetronad <unfixed> (bug #780178)
 CVE-2015-XXXX [use after free in phar_object.c]
@@ -108,7 +108,7 @@
 CVE-2015-2236
 	RESERVED
 CVE-2015-2235 (Secure Transport in Apple iOS through 8.1.3, Apple OS X through ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2015-2234
 	RESERVED
 CVE-2015-2233
@@ -150,7 +150,7 @@
 CVE-2015-2215 (Open redirect vulnerability in the Services single sign-on server ...)
 	TODO: check
 CVE-2015-2214 (NetCat 5.01 and earlier allows remote attackers to obtain the ...)
-	TODO: check
+	NOT-FOR-US: NetCat CMS
 CVE-2015-2213
 	RESERVED
 CVE-2015-2212
@@ -264,7 +264,7 @@
 CVE-2015-2178
 	RESERVED
 CVE-2015-2177 (Siemens SIMATIC S7-300 CPU devices allow remote attackers to cause a ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2015-2176
 	RESERVED
 CVE-2015-2175
@@ -468,17 +468,17 @@
 CVE-2015-2098
 	RESERVED
 CVE-2015-2097 (Multiple buffer overflows in WebGate Embedded Standard Protocol (WESP) ...)
-	TODO: check
+	NOT-FOR-US: WESP SDK
 CVE-2015-2096 (Use-after-free vulnerability in the Connect function in the ...)
-	TODO: check
+	NOT-FOR-US: WebGate eDVR Manager
 CVE-2015-2095 (Heap-based buffer overflow in the SetConnectInfo function in the ...)
-	TODO: check
+	NOT-FOR-US: WebGate eDVR Manager
 CVE-2015-2094 (Stack-based buffer overflow in the WESPPlayback.WESPPlaybackCtrl.1 ...)
-	TODO: check
+	NOT-FOR-US: WebGate WinRDS
 CVE-2015-2093 (Stack-based buffer overflow in the Connect function in the WebGate ...)
-	TODO: check
+	NOT-FOR-US: WebGate WEbEyeAudio ActiveX control
 CVE-2015-2092 (The AnnotationX.AnnList.1 ActiveX control in Agilent Technologies ...)
-	TODO: check
+	NOT-FOR-US: Agilent Technologies Feature Extraction
 CVE-2015-2090 (SQL injection vulnerability in the ajax_survey function in ...)
 	NOT-FOR-US: ajax_survey function in settings.php in the WordPress Survey and Poll plugin for WordPress
 CVE-2015-2089 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
@@ -576,7 +576,7 @@
 CVE-2015-2062
 	RESERVED
 CVE-2015-2061 (Heap-based buffer overflow in the browser plugin for PTC Creo View ...)
-	TODO: check
+	NOT-FOR-US: PTC Creo View
 CVE-2015-2057
 	RESERVED
 CVE-2015-2056
@@ -1463,7 +1463,7 @@
 CVE-2015-1638
 	RESERVED
 CVE-2015-1637 (Schannel (aka Secure Channel) in Microsoft Windows Server 2003 SP2, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2015-1636
 	RESERVED
 CVE-2015-1635
@@ -1529,7 +1529,7 @@
 CVE-2015-1601
 	RESERVED
 CVE-2015-1599 (The Siemens SPCanywhere application for iOS allows physically ...)
-	TODO: check
+	NOT-FOR-US: Siemens SPCanywhere application for iOS
 CVE-2015-1598 (The Siemens SPCanywhere application for Android does not properly ...)
 	NOT-FOR-US: Siemens SPCanywhere application for Android
 CVE-2015-1597 (The Siemens SPCanywhere application for Android does not use ...)
@@ -1539,7 +1539,7 @@
 CVE-2015-1595 (The Siemens SPCanywhere application for Android and iOS does not use ...)
 	NOT-FOR-US: Siemens SPCanywhere application for Android
 CVE-2015-1594 (Untrusted search path vulnerability in Siemens SIMATIC ProSave before ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2013-7427
 	RESERVED
 CVE-2012-6688
@@ -1907,7 +1907,7 @@
 CVE-2015-1484
 	RESERVED
 CVE-2015-1483 (Symantec NetBackup OpsCenter 7.6.0.2 through 7.6.1 on Linux and UNIX ...)
-	TODO: check
+	NOT-FOR-US: Symantec NetBackup OpsCenter
 CVE-2014-9676 (The seg_write_packet function in libavformat/segment.c in ffmpeg 2.1.4 ...)
 	- ffmpeg <not-affected> (Vulnerable code not present in a ffmpeg version in the archive)
 	- libav 6:11.2-1
@@ -4179,7 +4179,7 @@
 CVE-2015-0888 (KENT-WEB Clip Board before 4.1 allows remote attackers to delete ...)
 	NOT-FOR-US: KENT-WEB Clip Board
 CVE-2015-0887 (npppd in the PPP Access Concentrator (PPPAC) on SEIL SEIL/x86 Fuji ...)
-	TODO: check
+	NOT-FOR-US: SEIL routers
 CVE-2015-0886 (Integer overflow in the crypt_raw method in the key-stretching ...)
 	- libjbcrypt-java <unfixed> (bug #780102)
 	[squeeze] - libjbcrypt-java <no-dsa> (Minor issue)
@@ -4679,15 +4679,15 @@
 CVE-2015-0662
 	RESERVED
 CVE-2015-0661 (The SNMPv2 implementation in Cisco IOS XR allows remote authenticated ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0660
 	RESERVED
 CVE-2015-0659 (The Autonomic Networking Infrastructure (ANI) implementation in Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0658
 	RESERVED
 CVE-2015-0657 (Cisco IOS XR allows remote attackers to cause a denial of service ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0656 (Cross-site scripting (XSS) vulnerability in the login page in Cisco ...)
 	NOT-FOR-US: Cisco NAM
 CVE-2015-0655 (Cross-site scripting (XSS) vulnerability in Unified Web Interaction ...)
@@ -4787,7 +4787,7 @@
 CVE-2015-0608 (Race condition in the Measurement, Aggregation, and Correlation Engine ...)
 	NOT-FOR-US: Cisco
 CVE-2015-0607 (The Authentication Proxy feature in Cisco IOS does not properly handle ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0606 (The IOS Shell in Cisco IOS allows local users to cause a denial of ...)
 	NOT-FOR-US: Cisco
 CVE-2015-0605 (The uuencode inspection engine in Cisco AsyncOS on Cisco Email ...)
@@ -4805,7 +4805,7 @@
 CVE-2015-0599 (The web interface in Cisco Integrated Management Controller in Cisco ...)
 	NOT-FOR-US: Cisco
 CVE-2015-0598 (The RADIUS implementation in Cisco IOS and IOS XE allows remote ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2015-0597 (The Forgot Password feature in Cisco WebEx Meetings Server 1.5(.1.131) ...)
 	NOT-FOR-US: Cisco
 CVE-2015-0596 (Cross-site request forgery (CSRF) vulnerability in Cisco WebEx ...)
@@ -6091,7 +6091,7 @@
 CVE-2014-9370
 	RESERVED
 CVE-2014-9369 (Siemens SPC controllers SPC4000, SPC5000, and SPC6000 before 3.6.0 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2014-9368 (Cross-site request forgery (CSRF) vulnerability in the twitterDash ...)
 	NOT-FOR-US: WordPress plugin twitterDash
 CVE-2014-9367 (Incomplete blacklist vulnerability in the urlEncode function in ...)
@@ -25565,7 +25565,7 @@
 CVE-2014-2131 (The packet driver in Cisco IOS allows remote attackers to cause a ...)
 	NOT-FOR-US: Cisco IOS
 CVE-2014-2130 (Cisco Secure Access Control Server (ACS) provides an unintentional ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2014-2129 (The SIP inspection engine in Cisco Adaptive Security Appliance (ASA) ...)
 	NOT-FOR-US: Cisco Adaptive Security Appliance
 CVE-2014-2128 (The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) ...)

More information about the Secure-testing-commits mailing list