[Git][security-tracker-team/security-tracker][master] new snort issue, one from the BTS and on further digging several further were...

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Apr 19 12:20:44 BST 2022



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ca6b38c5 by Moritz Muehlenhoff at 2022-04-19T13:20:32+02:00
new snort issue, one from the BTS and on further digging several further were hiding in Cisco entries

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2022-XXXX [snort privilege escalation due to insecure use of logrotate]
+	- snort <unfixed> (bug #1009820)
+	[bullseye] - snort <no-dsa> (Minor issue)
+	[buster] - snort <no-dsa> (Minor issue)
 CVE-2022-29502
 	RESERVED
 CVE-2022-29501
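
Review bot: The new CVE-2022-XXXX entry tags both bullseye and buster as "<no-dsa> (Minor issue)" although its own bracketed description calls the bug a privilege escalation, and nothing in the entry says why that is minor. Consider adding a NOTE line stating the precondition that limits the impact, so the triage decision can be read from the list without opening bug #1009820.
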
@@ -42174,7 +42178,8 @@ CVE-2021-40116 (Multiple Cisco products are affected by a vulnerability in Snort
 CVE-2021-40115 (A vulnerability in Cisco Webex Video Mesh could allow an unauthenticat ...)
 	NOT-FOR-US: Cisco
 CVE-2021-40114 (Multiple Cisco products are affected by a vulnerability in the way the ...)
-	NOT-FOR-US: Cisco
+	- snort <unfixed>
+	NOTE: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-s2R7W9UU
 CVE-2021-40113 (Multiple vulnerabilities in the web-based management interface of the  ...)
 	NOT-FOR-US: Cisco
 CVE-2021-40112 (Multiple vulnerabilities in the web-based management interface of the  ...)
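
Review bot: On CVE-2021-40114 the replacement for NOT-FOR-US is a bare "- snort <unfixed>" whose only NOTE is the Cisco advisory, and the CVE description itself speaks of "Multiple Cisco products" rather than of upstream Snort releases. A second NOTE naming the upstream Snort release or commit that carries the fix would let the next person turn <unfixed> into a version without repeating the research.
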
@@ -55254,7 +55259,8 @@ CVE-2021-34751
 CVE-2021-34750
 	RESERVED
 CVE-2021-34749 (A vulnerability in Server Name Identification (SNI) request filtering  ...)
-	NOT-FOR-US: Cisco
+	- snort <unfixed>
+	NOTE: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sni-data-exfil-mFgzXqLN
 CVE-2021-34748 (A vulnerability in the web-based management interface of Cisco Intersi ...)
 	NOT-FOR-US: Cisco
 CVE-2021-34747
@@ -99554,7 +99560,8 @@ CVE-2021-1497 (Multiple vulnerabilities in the web-based management interface of
 CVE-2021-1496 (Multiple vulnerabilities in the install, uninstall, and upgrade proces ...)
 	NOT-FOR-US: Cisco
 CVE-2021-1495 (Multiple Cisco products are affected by a vulnerability in the Snort d ...)
-	NOT-FOR-US: Cisco
+	- snort <unfixed>
+	NOTE: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-fp-bp-KfDdcQhc
 CVE-2021-1494
 	RESERVED
 CVE-2021-1493 (A vulnerability in the web services interface of Cisco Adaptive Securi ...)
@@ -100081,7 +100088,8 @@ CVE-2021-1238 (Multiple vulnerabilities in the web-based management interface of
 CVE-2021-1237 (A vulnerability in the Network Access Manager and Web Security Agent c ...)
 	NOT-FOR-US: Cisco
 CVE-2021-1236 (Multiple Cisco products are affected by a vulnerability in the Snort a ...)
-	NOT-FOR-US: Cisco
+	- snort 2.9.15.1-1
+	NOTE: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-app-bypass-cSBYCATq
 CVE-2021-1235 (A vulnerability in the CLI of Cisco SD-WAN vManage Software could allo ...)
 	NOT-FOR-US: Cisco
 CVE-2021-1234
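
Review bot: CVE-2021-1236 is recorded as fixed in 2.9.15.1-1, but the only NOTE is the Cisco advisory link and nothing in the entry records how that Debian version was derived. Add a NOTE with the upstream Snort release in which the fix first appeared, so the fixed version can be checked against the package history.
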
@@ -100105,9 +100113,11 @@ CVE-2021-1226 (A vulnerability in the audit logging component of Cisco Unified C
 CVE-2021-1225 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
 	NOT-FOR-US: Cisco
 CVE-2021-1224 (Multiple Cisco products are affected by a vulnerability with TCP Fast  ...)
-	NOT-FOR-US: Cisco
+	- snort <unfixed>
+	NOTE: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-tfo-bypass-MmzZrtes
 CVE-2021-1223 (Multiple Cisco products are affected by a vulnerability in the Snort d ...)
-	NOT-FOR-US: Cisco
+	- snort <unfixed>
+	NOTE: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-filepolbypass-67DEwMe2
 CVE-2021-1222 (A vulnerability in the web-based management interface of Cisco Smart S ...)
 	NOT-FOR-US: Cisco
 CVE-2021-1221 (A vulnerability in the user interface of Cisco Webex Meetings and Cisc ...)
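
Review bot: CVE-2021-1224 and CVE-2021-1223 both move to "- snort <unfixed>" with no per-release lines, so bullseye and buster are left without a triage state for them, whereas the CVE-2022-XXXX entry at the top of this patch carries explicit "[bullseye]" and "[buster]" lines. If these are also not worth a DSA, add the matching "<no-dsa>" lines here; if that is still undecided, a TODO line would make it visible.
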
@@ -166740,7 +166750,8 @@ CVE-2020-3317 (A vulnerability in the ssl_inspection component of Cisco Firepowe
 CVE-2020-3316
 	RESERVED
 CVE-2020-3315 (Multiple Cisco products are affected by a vulnerability in the Snort d ...)
-	NOT-FOR-US: Cisco
+	- snort <unfixed>
+	NOTE: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort_filepolbypass-m4X5DgOP
 CVE-2020-3314 (A vulnerability in the file scan process of Cisco AMP for Endpoints Ma ...)
 	NOT-FOR-US: Cisco
 CVE-2020-3313 (A vulnerability in the web UI of Cisco Firepower Management Center (FM ...)
@@ -166772,7 +166783,8 @@ CVE-2020-3301 (Multiple vulnerabilities in Cisco Firepower Management Center (FM
 CVE-2020-3300
 	RESERVED
 CVE-2020-3299 (Multiple Cisco products are affected by a vulnerability in the Snort d ...)
-	NOT-FOR-US: Cisco
+	- snort 2.9.15.1-1
+	NOTE: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-bypass-3eCfd24j
 CVE-2020-3298 (A vulnerability in the Open Shortest Path First (OSPF) implementation  ...)
 	NOT-FOR-US: Cisco
 CVE-2020-3297 (A vulnerability in session management for the web-based interface of C ...)
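
Review bot: CVE-2020-3299 gets the same fixed version, 2.9.15.1-1, as CVE-2021-1236 earlier in this patch, although the two ids were assigned in different years. If 2.9.15.1-1 is simply the first Debian upload that contains both fixes, a NOTE saying so would make clear that the match is intended and not a copy-and-paste.
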



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ca6b38c50cf804deac2a831e7fba67a01cf9da51
