[Secure-testing-commits] r49756 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Sat Mar 18 09:10:12 UTC 2017 

Author: sectracker
Date: 2017-03-18 09:10:12 +0000 (Sat, 18 Mar 2017)
New Revision: 49756

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-18 07:32:15 UTC (rev 49755)
+++ data/CVE/list	2017-03-18 09:10:12 UTC (rev 49756)
@@ -1,3 +1,9 @@
+CVE-2017-7176
+	RESERVED
+CVE-2017-7175
+	RESERVED
+CVE-2017-7174 (The user-account creation feature in Chef Manage 2.1.0 through 2.4.4 ...)
+	TODO: check
 CVE-2017-7173
 	RESERVED
 CVE-2017-7172
@@ -8728,38 +8734,38 @@
 	RESERVED
 CVE-2017-3882
 	RESERVED
-CVE-2017-3881
-	RESERVED
-CVE-2017-3880
-	RESERVED
-CVE-2017-3879
-	RESERVED
-CVE-2017-3878
-	RESERVED
-CVE-2017-3877
-	RESERVED
+CVE-2017-3881 (A vulnerability in the Cisco Cluster Management Protocol (CMP) ...)
+	TODO: check
+CVE-2017-3880 (An Authentication Bypass vulnerability in Cisco WebEx Meetings Server ...)
+	TODO: check
+CVE-2017-3879 (A Denial of Service vulnerability in the remote login functionality for ...)
+	TODO: check
+CVE-2017-3878 (A Denial of Service vulnerability in the Telnet remote login ...)
+	TODO: check
+CVE-2017-3877 (A vulnerability in the web framework of Cisco Unified Communications ...)
+	TODO: check
 CVE-2017-3876
 	RESERVED
-CVE-2017-3875
-	RESERVED
-CVE-2017-3874
-	RESERVED
+CVE-2017-3875 (An Access-Control Filtering Mechanisms Bypass vulnerability in certain ...)
+	TODO: check
+CVE-2017-3874 (A vulnerability in the web framework of Cisco Unified Communications ...)
+	TODO: check
 CVE-2017-3873
 	RESERVED
-CVE-2017-3872
-	RESERVED
-CVE-2017-3871
-	RESERVED
-CVE-2017-3870
-	RESERVED
-CVE-2017-3869
-	RESERVED
-CVE-2017-3868
-	RESERVED
-CVE-2017-3867
-	RESERVED
-CVE-2017-3866
-	RESERVED
+CVE-2017-3872 (A cross-site scripting (XSS) filter bypass vulnerability in the ...)
+	TODO: check
+CVE-2017-3871 (A RADIUS Secret Disclosure vulnerability in the web network management ...)
+	TODO: check
+CVE-2017-3870 (A vulnerability in the URL filtering feature of Cisco AsyncOS Software ...)
+	TODO: check
+CVE-2017-3869 (An API Credentials Management vulnerability in the APIs for Cisco Prime ...)
+	TODO: check
+CVE-2017-3868 (A vulnerability in the web-based management interface of Cisco UCS ...)
+	TODO: check
+CVE-2017-3867 (A vulnerability in the Border Gateway Protocol (BGP) Bidirectional ...)
+	TODO: check
+CVE-2017-3866 (A vulnerability in the web framework code of Cisco Prime Service ...)
+	TODO: check
 CVE-2017-3865
 	RESERVED
 CVE-2017-3864
@@ -8860,16 +8866,16 @@
 	RESERVED
 CVE-2017-3816
 	RESERVED
-CVE-2017-3815
-	RESERVED
+CVE-2017-3815 (An API Privilege vulnerability in Cisco TelePresence Server Software ...)
+	TODO: check
 CVE-2017-3814 (A vulnerability in Cisco Firepower System Software could allow an ...)
 	NOT-FOR-US: Cisco Firepower System Software
 CVE-2017-3813 (A vulnerability in the Start Before Logon (SBL) module of Cisco ...)
 	NOT-FOR-US: Cisco
 CVE-2017-3812 (A vulnerability in the implementation of Common Industrial Protocol ...)
 	NOT-FOR-US:  Cisco Industrial Ethernet 2000 Series Switches
-CVE-2017-3811
-	RESERVED
+CVE-2017-3811 (An XML External Entity vulnerability in Cisco WebEx Meetings Server ...)
+	TODO: check
 CVE-2017-3810 (A vulnerability in the web framework of Cisco Prime Service Catalog ...)
 	NOT-FOR-US: Cisco Prime Service Catalog
 CVE-2017-3809 (A vulnerability in the Policy deployment module of the Cisco Firepower ...)
@@ -12309,7 +12315,7 @@
 CVE-2017-2657
 	RESERVED
 CVE-2017-2656
-	RESERVED
+	REJECTED
 CVE-2017-2655
 	RESERVED
 CVE-2017-2654
@@ -20593,6 +20599,7 @@
 CVE-2016-8715 (An exploitable heap corruption vulnerability exists in the loadTrailer ...)
 	NOT-FOR-US: Iceni Argus
 CVE-2016-8714 (An exploitable buffer overflow vulnerability exists in the ...)
+	{DLA-861-1}
 	- r-base 3.3.3-1 (bug #857466)
 	NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0227/
 CVE-2016-8713 (A remote out of bound write / memory corruption vulnerability exists ...)
@@ -22925,7 +22932,7 @@
 	NOT-FOR-US: Microsoft
 CVE-2017-0039 (Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle dynamic link ...)
 	NOT-FOR-US: Microsoft
-CVE-2017-0038 (gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista ...)
+CVE-2017-0038 (gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-0037 (Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type ...)
 	NOT-FOR-US: Microsoft

More information about the Secure-testing-commits mailing list