[Secure-testing-commits] r52918 - data/CVE

Mon Jun 26 09:10:13 UTC 2017

Author: sectracker
Date: 2017-06-26 09:10:13 +0000 (Mon, 26 Jun 2017)
New Revision: 52918

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-06-26 08:40:31 UTC (rev 52917)
+++ data/CVE/list	2017-06-26 09:10:13 UTC (rev 52918)
@@ -1,3 +1,123 @@
+CVE-2017-9932
+	RESERVED
+CVE-2017-9931
+	RESERVED
+CVE-2017-9930
+	RESERVED
+CVE-2017-9929 (In lrzip 0.631, a stack buffer overflow was found in the function ...)
+	TODO: check
+CVE-2017-9928 (In lrzip 0.631, a stack buffer overflow was found in the function ...)
+	TODO: check
+CVE-2017-9927
+	RESERVED
+CVE-2017-9926
+	RESERVED
+CVE-2017-9925
+	RESERVED
+CVE-2017-9924
+	RESERVED
+CVE-2017-9923
+	RESERVED
+CVE-2017-9922
+	RESERVED
+CVE-2017-9921
+	RESERVED
+CVE-2017-9920
+	RESERVED
+CVE-2017-9919
+	RESERVED
+CVE-2017-9918
+	RESERVED
+CVE-2017-9917
+	RESERVED
+CVE-2017-9916
+	RESERVED
+CVE-2017-9915
+	RESERVED
+CVE-2017-9914
+	RESERVED
+CVE-2017-9913
+	RESERVED
+CVE-2017-9912
+	RESERVED
+CVE-2017-9911
+	RESERVED
+CVE-2017-9910
+	RESERVED
+CVE-2017-9909
+	RESERVED
+CVE-2017-9908
+	RESERVED
+CVE-2017-9907
+	RESERVED
+CVE-2017-9906
+	RESERVED
+CVE-2017-9905
+	RESERVED
+CVE-2017-9904
+	RESERVED
+CVE-2017-9903
+	RESERVED
+CVE-2017-9902
+	RESERVED
+CVE-2017-9901
+	RESERVED
+CVE-2017-9900
+	RESERVED
+CVE-2017-9899
+	RESERVED
+CVE-2017-9898
+	RESERVED
+CVE-2017-9897
+	RESERVED
+CVE-2017-9896
+	RESERVED
+CVE-2017-9895
+	RESERVED
+CVE-2017-9894
+	RESERVED
+CVE-2017-9893
+	RESERVED
+CVE-2017-9892
+	RESERVED
+CVE-2017-9891
+	RESERVED
+CVE-2017-9890
+	RESERVED
+CVE-2017-9889
+	RESERVED
+CVE-2017-9888
+	RESERVED
+CVE-2017-9887
+	RESERVED
+CVE-2017-9886
+	RESERVED
+CVE-2017-9885
+	RESERVED
+CVE-2017-9884
+	RESERVED
+CVE-2017-9883
+	RESERVED
+CVE-2017-9882
+	RESERVED
+CVE-2017-9881
+	RESERVED
+CVE-2017-9880
+	RESERVED
+CVE-2017-9879
+	RESERVED
+CVE-2017-9878
+	RESERVED
+CVE-2017-9877
+	RESERVED
+CVE-2017-9876
+	RESERVED
+CVE-2017-9875
+	RESERVED
+CVE-2017-9874
+	RESERVED
+CVE-2017-9873
+	RESERVED
 CVE-2017-9872 (The III_dequantize_sample function in layer3.c in mpglib, as used in ...)
 	TODO: check
 CVE-2017-9871 (The III_i_stereo function in layer3.c in mpglib, as used in ...)
@@ -1958,8 +2078,8 @@
 CVE-2017-9616 (In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion ...)
 	- wireshark <unfixed> (low)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13777
-CVE-2017-9615
-	RESERVED
+CVE-2017-9615 (Password exposure in Cognito Software Moneyworks 8.0.3 and earlier ...)
+	TODO: check
 CVE-2017-9614
 	RESERVED
 CVE-2017-9613 (Stored Cross-site scripting (XSS) vulnerability in SAP SuccessFactors ...)
@@ -2343,8 +2463,8 @@
 	NOTE: https://irssi.org/security/irssi_sa_2017_06.txt
 CVE-2017-9467
 	RESERVED
-CVE-2017-9466
-	RESERVED
+CVE-2017-9466 (The executable httpd on the TP-Link WR841N V8 router before ...)
+	TODO: check
 CVE-2017-9465 (The yr_arena_write_data function in YARA 3.6.1 allows remote attackers ...)
 	- yara <unfixed> (low; bug #864517)
 	[stretch] - yara <no-dsa> (Minor issue)
@@ -4288,6 +4408,7 @@
 CVE-2017-8850 (An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. Due to ...)
 	NOT-FOR-US: OnePlus One
 CVE-2017-8849 (smb4k before 2.0.1 allows local users to gain root privileges by ...)
+	{DLA-1002-1}
 	- smb4k 1.2.1-2 (bug #862505)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/05/10/3
 	NOTE: https://www.kde.org/info/security/advisory-20170510-2.txt
@@ -8342,8 +8463,8 @@
 	NOT-FOR-US: Intellinet NFC-30ir IP Camera
 CVE-2017-7460
 	RESERVED
-CVE-2017-7459
-	RESERVED
+CVE-2017-7459 (ntopng before 3.0 allows HTTP Response Splitting. ...)
+	TODO: check
 CVE-2017-7458
 	RESERVED
 CVE-2017-7457 (XML External Entity via ".AOP" files used by Moxa MX-AOPC Server 1.5 ...)
@@ -8444,8 +8565,8 @@
 	NOTE: https://github.com/proftpd/proftpd/commit/f59593e6ff730b832dbe8754916cb5c821db579f
 CVE-2017-7417
 	RESERVED
-CVE-2017-7416
-	RESERVED
+CVE-2017-7416 (ntopng before 3.0 allows XSS because GET and POST parameters are ...)
+	TODO: check
 CVE-2017-7415 (Atlassian Confluence 6.x before 6.0.7 allows remote attackers to bypass ...)
 	NOT-FOR-US: Atlassian Confluence
 CVE-2016-10318 (A missing authorization check in the fscrypt_process_policy function in ...)
@@ -10601,8 +10722,8 @@
 	NOT-FOR-US: Cisco
 CVE-2017-6679
 	RESERVED
-CVE-2017-6678
-	RESERVED
+CVE-2017-6678 (A vulnerability in the ingress UDP packet processing functionality of ...)
+	TODO: check
 CVE-2017-6677
 	RESERVED
 CVE-2017-6676
@@ -10619,8 +10740,8 @@
 	NOT-FOR-US: Cisco
 CVE-2017-6670 (A vulnerability in the web-based GUI of Cisco Unified Communications ...)
 	NOT-FOR-US: Cisco
-CVE-2017-6669
-	RESERVED
+CVE-2017-6669 (Multiple buffer overflow vulnerabilities exist in the Cisco WebEx ...)
+	TODO: check
 CVE-2017-6668 (Vulnerabilities in the web-based GUI of Cisco Unified Communications ...)
 	NOT-FOR-US: Cisco
 CVE-2017-6667 (A vulnerability in the update process for the dynamic JAR file of the ...)
@@ -10633,8 +10754,8 @@
 	RESERVED
 CVE-2017-6663
 	RESERVED
-CVE-2017-6662
-	RESERVED
+CVE-2017-6662 (A vulnerability in the web-based user interface of Cisco Prime ...)
+	TODO: check
 CVE-2017-6661 (A vulnerability in the web-based management interface of Cisco Email ...)
 	NOT-FOR-US: Cisco
 CVE-2017-6660
@@ -80603,17 +80724,17 @@
 	- macchanger 1.7.0-5.3 (bug #774898)
 	[wheezy] - macchanger <no-dsa> (Minor issue)
 	[squeeze] - macchanger <no-dsa> (Minor issue)
-CVE-2015-9101
+CVE-2015-9101 (The fill_buffer_resample function in util.c in libmp3lame.a in LAME ...)
 	- lame 3.99.5+repack1-6 (bug #777161)
 	[wheezy] - lame 3.99.5+repack1-3+deb7u1
 	[squeeze] - lame <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2015/02/12/8
-CVE-2015-9100
+CVE-2015-9100 (The fill_buffer_resample function in util.c in libmp3lame.a in LAME ...)
 	- lame 3.99.5+repack1-6 (bug #777160)
 	[wheezy] - lame 3.99.5+repack1-3+deb7u1
 	[squeeze] - lame <no-dsa> (minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2015/02/12/8
-CVE-2015-9099
+CVE-2015-9099 (The lame_init_params function in lame.c in libmp3lame.a in LAME 3.99.5 ...)
 	- lame 3.99.5+repack1-6 (bug #775959)
 	[wheezy] - lame 3.99.5+repack1-3+deb7u1
 	[squeeze] - lame <no-dsa> (Minor issue)


