[Secure-testing-commits] r56890 - data/CVE

Raphael Geissert geissert at moszumanska.debian.org
Fri Oct 20 15:12:40 UTC 2017 

Author: geissert
Date: 2017-10-20 15:12:39 +0000 (Fri, 20 Oct 2017)
New Revision: 56890

Modified:
   data/CVE/list
Log:
NFUs, webmin


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-20 13:13:16 UTC (rev 56889)
+++ data/CVE/list	2017-10-20 15:12:39 UTC (rev 56890)
@@ -35,23 +35,23 @@
 CVE-2017-15652
 	RESERVED
 CVE-2017-15651 (PRTG Network Monitor 17.3.33.2830 allows remote authenticated ...)
-	TODO: check
+	NOT-FOR-US: PRTG Network Monitor
 CVE-2017-15649 (net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local ...)
 	- linux <unfixed>
 	NOTE: Fixed by: https://git.kernel.org/linus/008ba2a13f2d04c947adc536d19debb8fe66f110
 	NOTE: Fixed by: https://git.kernel.org/linus/4971613c1639d8e5f102c4e797c3bf8f83a5a69e
 CVE-2017-15648 (In PHPSUGAR PHP Melody before 2.7.3, page_manager.php has XSS via the ...)
-	TODO: check
+	NOT-FOR-US: PHPSUGAR PHP Melody
 CVE-2017-15647 (On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc ...)
-	TODO: check
+	NOT-FOR-US: On FiberHome
 CVE-2017-15646 (Webmin before 1.860 has XSS with resultant remote code execution. Under ...)
-	TODO: check
+	- webmin <removed>
 CVE-2017-15645 (CSRF exists in Webmin 1.850. By sending a GET request to ...)
-	TODO: check
+	- webmin <removed>
 CVE-2017-15644 (SSRF exists in Webmin 1.850 via the PATH_INFO to tunnel/link.cgi, as ...)
-	TODO: check
+	- webmin <removed>
 CVE-2017-15643 (An active network attacker (MiTM) can achieve remote code execution on ...)
-	TODO: check
+	NOT-FOR-US: IKARUS Anti Virus
 CVE-2017-15650 (musl libc before 1.1.17 has a buffer overflow via crafted DNS replies ...)
 	- musl 1.1.17-1
 	NOTE: https://git.musl-libc.org/cgit/musl/patch/?id=45ca5d3fcb6f874bf5ba55d0e9651cef68515395
@@ -4512,11 +4512,11 @@
 CVE-2017-14020
 	RESERVED
 CVE-2017-14019 (An Unquoted Search Path or Element issue was discovered in Progea ...)
-	TODO: check
+	NOT-FOR-US: Progea Movicon
 CVE-2017-14018
 	RESERVED
 CVE-2017-14017 (An Uncontrolled Search Path Element issue was discovered in Progea ...)
-	TODO: check
+	NOT-FOR-US: Progea Movicon
 CVE-2017-14016
 	RESERVED
 CVE-2017-14015
@@ -13486,7 +13486,7 @@
 CVE-2017-10934
 	RESERVED
 CVE-2017-10933 (All versions prior to V2.06.00.00 of ZTE ZXDT22 SF01, an monitoring ...)
-	TODO: check
+	NOT-FOR-US: ZTE ZXDT22 SF01
 CVE-2017-10932 (All versions prior to V12.17.20 of the ZTE Microwave NR8000 series ...)
 	NOT-FOR-US: ZTE Microwave
 CVE-2017-10931 (The ZXR10 1800-2S before v3.00.40 incorrectly restricts the download ...)

More information about the Secure-testing-commits mailing list