[Git][security-tracker-team/security-tracker][master] Add CVE-2023-38336/netkit-rsh

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b5c2a6de by Salvatore Bonaccorso at 2023-07-15T10:21:38+02:00
Add CVE-2023-38336/netkit-rsh

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2023-38349 (PNP4Nagios through 81ebfc5 lacks CSRF protection in the AJAX con
 CVE-2023-38337 (rswag before 2.10.1 allows remote attackers to read arbitrary JSON and ...)
 	TODO: check
 CVE-2023-38336 (netkit-rcp in rsh-client 0.17-24 allows command injection via filename ...)
-	TODO: check
+	- netkit-rsh <unfixed> (bug #1039689)
 CVE-2023-37794 (WAYOS FBM-291W 19.09.11V was discovered to contain a command injection ...)
 	NOT-FOR-US: WAYOS
 CVE-2023-37793 (WAYOS FBM-291W 19.09.11V was discovered to contain a buffer overflow v ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5c2a6de6310e8af69d8c9de3e8bf4e0308f2bff

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5c2a6de6310e8af69d8c9de3e8bf4e0308f2bff
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230715/93d33c43/attachment-0001.htm>