Author: federico-guest
Date: 2011-10-16 19:04:00 +0000 (Sun, 16 Oct 2011)
New Revision: 17437
Modified:
bin/apt-update-file
data/CVE/list
Log:
NFUs
Modified: bin/apt-update-file
===================================================================
--- bin/apt-update-file 2011-10-16 17:08:49 UTC (rev 17436)
+++ bin/apt-update-file 2011-10-16 19:04:00 UTC (rev 17437)
@@ -1,7 +1,6 @@
#!/usr/bin/python
# This script is mainly used to demo the updateFile function.
-
import os
import os.path
import string
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-10-16 17:08:49 UTC (rev 17436)
+++ data/CVE/list 2011-10-16 19:04:00 UTC (rev 17437)
@@ -420,13 +420,13 @@
CVE-2011-3980 (Unspecified vulnerability in the Drag Drop Mass Upload ...)
TODO: check
CVE-2011-3979 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Zikula Application Framework
CVE-2011-3978 (Multiple cross-site scripting (XSS) vulnerabilities in
LightNEasy.php ...)
- TODO: check
+ NOT-FOR-US: LightNEasy
CVE-2011-3977 (Unspecified vulnerability in nxconfigure.sh in NoMachine NX
Node 3.x ...)
TODO: check
CVE-2011-3976 (Stack-based buffer overflow in AmmSoft ScriptFTP 3.3 allows
remote FTP ...)
- TODO: check
+ NOT-FOR-US: AmmSoft ScriptFTP
CVE-2011-3975 (A certain HTC update for Android 2.3.4 build GRJ22, when the
Sense ...)
NOT-FOR-US: HTC Android
CVE-2011-3974 (Integer signedness error in the decode_residual_inter function
in ...)
@@ -1034,27 +1034,27 @@
CVE-2011-3695 (111WebCalendar 1.2.3 allows remote attackers to obtain
sensitive ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
CVE-2011-3694 (The Server Administration Console in NetSaro Enterprise
Messenger ...)
- TODO: check
+ NOT-FOR-US: NetSaro Enterprise Messenger
CVE-2011-3693 (NetSaro Enterprise Messenger Server 2.0 allows local users to
discover ...)
- TODO: check
+ NOT-FOR-US: NetSaro Enterprise Messenger
CVE-2011-3692 (NetSaro Enterprise Messenger Server 2.0 stores cleartext
console ...)
- TODO: check
+ NOT-FOR-US: NetSaro Enterprise Messenger
CVE-2011-3691 (Untrusted search path vulnerability in Foxit Reader before
5.0.2.0718 ...)
- TODO: check
+ NOT-FOR-US: Foxit Reader
CVE-2011-3690 (Untrusted search path vulnerability in PlotSoft PDFill PDF
Editor 8.0 ...)
- TODO: check
+ NOT-FOR-US: PlotSoft PDFill PDF Editor
CVE-2011-3689 (Cross-site scripting (XSS) vulnerability in Licenses.html in
...)
- TODO: check
+ NOT-FOR-US: Wibu-Systems CodeMeter WebAdmin
CVE-2011-3688 (Multiple SQL injection vulnerabilities in Sonexis
ConferenceManager ...)
- TODO: check
+ NOT-FOR-US: Sonexis ConferenceManager
CVE-2011-3687 (Multiple cross-site scripting (XSS) vulnerabilities in Sonexis
...)
- TODO: check
+ NOT-FOR-US: Sonexis ConferenceManager
CVE-2011-3686 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: Sonexis ConferenceManager
CVE-2011-3685 (Tembria Server Monitor before 6.0.5 Build 2252 uses a
substitution ...)
- TODO: check
+ NOT-FOR-US: Tembria Server Monitor
CVE-2011-3684 (Multiple cross-site scripting (XSS) vulnerabilities in Tembria
Server ...)
- TODO: check
+ NOT-FOR-US: Tembria Server Monitor
CVE-2011-3683
RESERVED
CVE-2011-3682
@@ -1132,7 +1132,7 @@
CVE-2011-3646
RESERVED
CVE-2011-3645 (Newgen OmniDocs allows remote attackers to bypass intended
access ...)
- TODO: check
+ NOT-FOR-US: Newgen OmniDocs
CVE-2010-4841 (Multiple cross-site scripting (XSS) vulnerabilities in
ManageEngine ...)
TODO: check
CVE-2010-4840 (Multiple buffer overflows in the Syslog server in ManageEngine
...)
@@ -1623,29 +1623,29 @@
CVE-2011-3438
RESERVED
CVE-2011-3437 (Integer signedness error in Apple Type Services (ATS) in Apple
Mac OS ...)
- TODO: check
+ NOT-FOR-US: Apple Type Services (ATS) in Apple Mac OS
CVE-2011-3436 (Open Directory in Apple Mac OS X 10.7 before 10.7.2 does not
require a ...)
- TODO: check
+ NOT-FOR-US: Open Directory in Apple Mac OS
CVE-2011-3435 (Open Directory in Apple Mac OS X 10.7 before 10.7.2 allows
local users ...)
- TODO: check
+ NOT-FOR-US: Open Directory in Apple Mac OS
CVE-2011-3434 (The WiFi component in Apple iOS before 5 stores WiFi
credentials in an ...)
- TODO: check
+ NOT-FOR-US: WiFi component in Apple iOS
CVE-2011-3433
RESERVED
CVE-2011-3432 (The UIKit Alerts component in Apple iOS before 5 allows remote
...)
- TODO: check
+ NOT-FOR-US: UIKit Alerts component in Apple iOS
CVE-2011-3431 (The Home screen component in Apple iOS before 5 does not
properly ...)
- TODO: check
+ NOT-FOR-US: Home screen component in Apple iOS
CVE-2011-3430 (The Settings component in Apple iOS before 5, when a
configuration ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2011-3429 (The Settings component in Apple iOS before 5 stores a cleartext
...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2011-3428
RESERVED
CVE-2011-3427 (The Data Security component in Apple iOS before 5 and Apple TV
before ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2011-3426 (Cross-site scripting (XSS) vulnerability in Safari in Apple iOS
before ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2011-3425
RESERVED
CVE-2011-3424 (Session fixation vulnerability in the Managed File Transfer
server in ...)
@@ -2030,25 +2030,25 @@
CVE-2011-3306
RESERVED
CVE-2011-3305 (Directory traversal vulnerability in Cisco Network Admission
Control ...)
- TODO: check
+ NOT-FOR-US: Cisco Network Admission Control
CVE-2011-3304 (Cisco Adaptive Security Appliances (ASA) 5500 series devices,
and the ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3303 (Cisco Adaptive Security Appliances (ASA) 5500 series devices,
and the ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3302 (Cisco Adaptive Security Appliances (ASA) 5500 series devices,
and the ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3301 (Cisco Adaptive Security Appliances (ASA) 5500 series devices,
and the ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3300 (Cisco Adaptive Security Appliances (ASA) 5500 series devices,
and the ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3299 (Cisco Adaptive Security Appliances (ASA) 5500 series devices,
and the ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3298 (Cisco Adaptive Security Appliances (ASA) 5500 series devices,
and the ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3297 (Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21),
3.2 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3296 (Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21),
3.2 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3295
RESERVED
CVE-2011-3294
@@ -2060,13 +2060,13 @@
CVE-2011-3291
RESERVED
CVE-2011-3290 (Cisco Identity Services Engine (ISE) before 1.0.4.MR2 has
default ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3289
RESERVED
CVE-2011-3288 (Cisco Unified Presence before 8.5(4) does not properly detect
...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3287 (Cisco Jabber Extensible Communications Platform (aka Jabber
XCP) 2.x ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3286
RESERVED
CVE-2011-3285
@@ -2076,31 +2076,31 @@
CVE-2011-3283
RESERVED
CVE-2011-3282 (Unspecified vulnerability in Cisco IOS 12.2SRE before
12.2(33)SRE4, ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3281 (Unspecified vulnerability in Cisco IOS 15.0 through 15.1, in
certain ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3280 (Memory leak in the NAT implementation in Cisco IOS 12.1 through
12.4 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3279 (The provider-edge MPLS NAT implementation in Cisco IOS 12.1
through ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3278 (Unspecified vulnerability in the NAT implementation in Cisco
IOS 12.1 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3277 (Unspecified vulnerability in the NAT implementation in Cisco
IOS 12.1 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3276 (Unspecified vulnerability in the NAT implementation in Cisco
IOS 12.1 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3275 (Memory leak in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x
...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3274 (Unspecified vulnerability in Cisco IOS 12.2SRE before
12.2(33)SRE4, ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3273 (Memory leak in Cisco IOS 15.0 through 15.1, when IPS or
Zone-Based ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3272 (The IP Service Level Agreement (IP SLA) functionality in Cisco
IOS ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3271 (Unspecified vulnerability in the Smart Install functionality in
Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3270 (Unspecified vulnerability in Cisco IOS 12.2SB before
12.2(33)SB10 and ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2011-3269
RESERVED
CVE-2011-3268 (Buffer overflow in the crypt function in PHP before 5.3.7
allows ...)
@@ -2133,25 +2133,25 @@
- xen 4.1.1-1
- xen-3 <removed>
CVE-2011-3261 (Double free vulnerability in OfficeImport in Apple iOS before 5
allows ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2011-3260 (Buffer overflow in OfficeImport in Apple iOS before 5 allows
remote ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2011-3259 (The kernel in Apple iOS before 5 and Apple TV before 4.4 does
not ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2011-3258
RESERVED
CVE-2011-3257 (The Data Access component in Apple iOS before 5 does not
properly ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2011-3256 (FreeType in CoreGraphics in Apple iOS before 5 allows remote
attackers ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2011-3255 (CFNetwork in Apple iOS before 5 stores AppleID credentials in
an ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2011-3254 (Cross-site scripting (XSS) vulnerability in Calendar in Apple
iOS ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2011-3253 (CalDAV in Apple iOS before 5 does not validate X.509
certificates for ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2011-3252 (Buffer overflow in CoreAudio, as used in Apple iTunes before
10.5, ...)
- TODO: check
+ NOT-FOR-US: Apple iTunes
CVE-2011-3251
RESERVED
CVE-2011-3250
@@ -2163,9 +2163,9 @@
CVE-2011-3247
RESERVED
CVE-2011-3246 (CFNetwork in Apple iOS before 5 and Mac OS X 10.7 before 10.7.2
does ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2011-3245 (The Keyboards component in Apple iOS before 5 displays the
final ...)
- TODO: check
+ NOT-FOR-US: Apple iOS
CVE-2011-3244 (WebKit, as used in Apple iTunes before 10.5, allows
man-in-the-middle ...)
- chromium-browser <undetermined>
- webkit <undetermined>
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
