Author: sectracker
Date: 2017-03-03 21:10:12 +0000 (Fri, 03 Mar 2017)
New Revision: 49397
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-03 20:52:56 UTC (rev 49396)
+++ data/CVE/list 2017-03-03 21:10:12 UTC (rev 49397)
@@ -1,3 +1,11 @@
+CVE-2017-6450
+ RESERVED
+CVE-2017-6449
+ RESERVED
+CVE-2017-6448
+ RESERVED
+CVE-2017-6447
+ RESERVED
CVE-2017-6446
RESERVED
CVE-2017-6445
@@ -1630,28 +1638,22 @@
- irssi 1.0.1-1 (unimportant)
NOTE: Patch:
https://github.com/irssi/irssi/pull/619/commits/677fb1f55ca52d0e43c93f7d8361d333ff5bffd6
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2017/02/05/8
-CVE-2016-10206
- RESERVED
+CVE-2016-10206 (Cross-site request forgery (CSRF) vulnerability in Zoneminder
1.30 and ...)
- zoneminder <unfixed> (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
-CVE-2016-10205
- RESERVED
+CVE-2016-10205 (Session fixation vulnerability in Zoneminder 1.30 and earlier
allows ...)
- zoneminder <unfixed> (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
-CVE-2016-10204
- RESERVED
+CVE-2016-10204 (SQL injection vulnerability in Zoneminder 1.30 and earlier
allows ...)
- zoneminder <unfixed> (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
-CVE-2016-10203
- RESERVED
+CVE-2016-10203 (Cross-site scripting (XSS) vulnerability in Zoneminder 1.30
and ...)
- zoneminder <unfixed> (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
-CVE-2016-10202
- RESERVED
+CVE-2016-10202 (Cross-site scripting (XSS) vulnerability in Zoneminder 1.30
and ...)
- zoneminder <unfixed> (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
-CVE-2016-10201
- RESERVED
+CVE-2016-10201 (Cross-site scripting (XSS) vulnerability in Zoneminder 1.30
and ...)
- zoneminder <unfixed> (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
CVE-2016-10208 (The ext4_fill_super function in fs/ext4/super.c in the Linux
kernel ...)
@@ -1684,12 +1686,12 @@
RESERVED
CVE-2017-5868
RESERVED
-CVE-2017-5867
- RESERVED
-CVE-2017-5866
- RESERVED
-CVE-2017-5865
- RESERVED
+CVE-2017-5867 (ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before
9.0.7, ...)
+ TODO: check
+CVE-2017-5866 (The autocomplete feature in the E-Mail share dialog in ownCloud
Server ...)
+ TODO: check
+CVE-2017-5865 (The password reset functionality in ownCloud Server before
8.1.11, ...)
+ TODO: check
CVE-2017-5864
RESERVED
CVE-2017-5863
@@ -1704,20 +1706,17 @@
RESERVED
CVE-2017-5858 (An incorrect implementation of "XEP-0280: Message
Carbons" in multiple ...)
NOT-FOR-US: converse.js
-CVE-2017-5836 [issue in plist_free_data plist.c:185]
- RESERVED
+CVE-2017-5836 (The plist_free_data function in plist.c in libplist allows
attackers ...)
- libplist <unfixed> (bug #854000)
[wheezy] - libplist <no-dsa> (pointers are not incorrectly freed and
non-string key nodes are officially allowed)
NOTE: https://github.com/libimobiledevice/libplist/issues/86
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/6
-CVE-2017-5835 [memory allocation error in plist_from_bin]
- RESERVED
+CVE-2017-5835 (libplist allows attackers to cause a denial of service (large
memory ...)
{DLA-840-1}
- libplist <unfixed> (bug #854000)
NOTE: https://github.com/libimobiledevice/libplist/issues/88
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/6
-CVE-2017-5834 [heap-buffer-overflow in parse_dict_node]
- RESERVED
+CVE-2017-5834 (The parse_dict_node function in bplist.c in libplist allows
attackers ...)
{DLA-840-1}
- libplist <unfixed> (bug #854000)
NOTE: https://github.com/libimobiledevice/libplist/issues/89
@@ -2169,11 +2168,9 @@
NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/19
NOTE:
http://git.qemu.org/?p=qemu.git;a=commit;h=765a707000e838c30b18d712fe6cb3dd8e0435f3
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1418342
-CVE-2016-10193
- RESERVED
+CVE-2016-10193 (The espeak-ruby gem before 1.0.3 for Ruby allows remote
attackers to ...)
NOT-FOR-US: espeak-ruby Ruby gem
-CVE-2016-10194
- RESERVED
+CVE-2016-10194 (The festivaltts4r gem for Ruby allows remote attackers to
execute ...)
NOT-FOR-US: festivaltts4r
CVE-2017-XXXX [podofo: NULL pointer dereference in PdfInfo::GuessFormat
(pdfinfo.cpp)]
- libpodofo <unfixed> (bug #854605)
@@ -2222,17 +2219,13 @@
CVE-2017-5850
RESERVED
NOT-FOR-US: OpenBSD httpd
-CVE-2017-5833
- RESERVED
+CVE-2017-5833 (Cross-site scripting (XSS) vulnerability in the invocation code
...)
NOT-FOR-US: Revive Adserver
-CVE-2017-5832
- RESERVED
+CVE-2017-5832 (Cross-site scripting (XSS) vulnerability in Revive Adserver
before ...)
NOT-FOR-US: Revive Adserver
-CVE-2017-5831
- RESERVED
+CVE-2017-5831 (Session fixation vulnerability in the forgot password mechanism
in ...)
NOT-FOR-US: Revive Adserver
-CVE-2017-5830
- RESERVED
+CVE-2017-5830 (Revive Adserver before 4.0.1 allows remote attackers to execute
...)
NOT-FOR-US: Revive Adserver
CVE-2017-5675
RESERVED
@@ -2688,8 +2681,8 @@
NOT-FOR-US: Citrix
CVE-2017-5572 (An issue was discovered in Linux Foundation xapi in Citrix
XenServer ...)
NOT-FOR-US: Citrix
-CVE-2017-5571
- RESERVED
+CVE-2017-5571 (Open redirect vulnerability in the lmadmin component in Flexera
...)
+ TODO: check
CVE-2017-5570 (An issue was discovered in eClinicalWorks Patient Portal 7.0
build 13. ...)
NOT-FOR-US: eClinicalWorks
CVE-2017-5569 (An issue was discovered in eClinicalWorks Patient Portal 7.0
build 13. ...)
@@ -2808,23 +2801,19 @@
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1020601
NOTE: Fixed by:
https://github.com/systemd/systemd/commit/06eeacb6fe029804f296b065b3ce91e796e1cd0e
(v229)
NOTE: Introduced by:
https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f
(v228)
-CVE-2017-5616 [Reflected XSS vulnerability]
- RESERVED
+CVE-2017-5616 (Cross-site scripting (XSS) vulnerability in cgiemail and
cgiecho ...)
- cgiemail <removed> (bug #852031)
[jessie] - cgiemail <no-dsa> (Will be removed in next point update)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/20/6
-CVE-2017-5615 [SEC-215 HTTP header injection]
- RESERVED
+CVE-2017-5615 (cgiemail and cgiecho allow remote attackers to inject HTTP
headers via ...)
- cgiemail <removed> (bug #852031)
[jessie] - cgiemail <no-dsa> (Will be removed in next point update)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/20/6
-CVE-2017-5614 [SEC-214 Open redirect]
- RESERVED
+CVE-2017-5614 (Open redirect vulnerability in cgiemail and cgiecho allows
remote ...)
- cgiemail <removed> (bug #852031)
[jessie] - cgiemail <no-dsa> (Will be removed in next point update)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/20/6
-CVE-2017-5613 [SEC-212 Format string injection]
- RESERVED
+CVE-2017-5613 (Format string vulnerability in cgiemail and cgiecho allows
remote ...)
- cgiemail <removed> (bug #852031)
[jessie] - cgiemail <no-dsa> (Will be removed in next point update)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/20/6
@@ -3534,8 +3523,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8721
NOTE:
https://github.com/WordPress/WordPress/commit/cea9e2dc62abf777e06b12ec4ad9d1aaa49b29f4
-CVE-2017-5356 [Irssi out of bounds read in format string]
- RESERVED
+CVE-2017-5356 (Irssi before 0.8.21 allows remote attackers to cause a denial
of ...)
- irssi 0.8.21-1 (low)
[jessie] - irssi <no-dsa> (Minor issue)
[wheezy] - irssi <no-dsa> (Minor issue)
@@ -3886,8 +3874,7 @@
NOT-FOR-US: Splunk
CVE-2016-10125 (D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a
hardcoded ...)
NOT-FOR-US: D-Link
-CVE-2016-10127 [XML external entity attack]
- RESERVED
+CVE-2016-10127 (PySAML2 allows remote attackers to conduct XML external entity
(XXE) ...)
- python-pysaml2 <unfixed>
NOTE: https://github.com/rohe/pysaml2/issues/366
NOTE: A proper fix for this issue would be to fix the underlying issue
in src:libxml2
@@ -3982,32 +3969,28 @@
NOT-FOR-US: Open Enterprise Server
CVE-2017-5181
RESERVED
-CVE-2017-5196 [Out of bounds read in certain incomplete character sequences]
- RESERVED
+CVE-2017-5196 (Irssi 0.8.18 before 0.8.21 allows remote attackers to cause a
denial ...)
- irssi 0.8.21-1 (bug #850403)
[jessie] - irssi <not-affected> (Affects only 0.8.18 and later)
[wheezy] - irssi <not-affected> (Affects only 0.8.18 and later)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/2
NOTE:
https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d
NOTE: https://irssi.org/security/irssi_sa_2017_01.txt
-CVE-2017-5195 [Out of bounds read in certain incomplete control codes]
- RESERVED
+CVE-2017-5195 (Irssi 0.8.17 before 0.8.21 allows remote attackers to cause a
denial ...)
- irssi 0.8.21-1 (bug #850403)
[jessie] - irssi 0.8.17-1+deb8u3
[wheezy] - irssi <not-affected> (Affects only 0.8.17 and later)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/2
NOTE:
https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d
NOTE: https://irssi.org/security/irssi_sa_2017_01.txt
-CVE-2017-5194 [Use after free when receiving invalid nick message]
- RESERVED
+CVE-2017-5194 (Use-after-free vulnerability in Irssi before 0.8.21 allows
remote ...)
- irssi 0.8.21-1 (bug #850403)
[jessie] - irssi 0.8.17-1+deb8u3
[wheezy] - irssi <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/2
NOTE:
https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d
NOTE: https://irssi.org/security/irssi_sa_2017_01.txt
-CVE-2017-5193 [NULL pointer dereference in the nickcmp function]
- RESERVED
+CVE-2017-5193 (The nickcmp function in Irssi before 0.8.21 allows remote
attackers to ...)
- irssi 0.8.21-1 (bug #850403)
[jessie] - irssi 0.8.17-1+deb8u3
[wheezy] - irssi <no-dsa> (Minor issue)
@@ -11369,8 +11352,8 @@
RESERVED
CVE-2017-2291
RESERVED
-CVE-2017-2290
- RESERVED
+CVE-2017-2290 (On Windows installations of the mcollective-puppet-agent
plugin, ...)
+ TODO: check
CVE-2017-2289
RESERVED
CVE-2017-2288
@@ -16486,8 +16469,7 @@
NOTE: https://github.com/ImageMagick/ImageMagick/issues/131
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/f3b483e8b054c50149912523b4773687e18afe25
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10070 [mat file out of bound]
- RESERVED
+CVE-2016-10070 (Heap-based buffer overflow in the CalcMinMax function in
coders/mat.c ...)
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845246)
NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545366
@@ -16536,14 +16518,12 @@
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845213)
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/0474237508f39c4f783208123431815f1ededb76
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10066
- RESERVED
+CVE-2016-10066 (Buffer overflow in the ReadVIFFImage function in coders/viff.c
in ...)
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845213)
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/0474237508f39c4f783208123431815f1ededb76
NOTE: http://www.openwall.com/lists/oss-security/2016/12/20/3
-CVE-2016-10065 [Fix out of bound read in viff file handling]
- RESERVED
+CVE-2016-10065 (The ReadVIFFImage function in coders/viff.c in ImageMagick
before ...)
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845212)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/129
@@ -16573,8 +16553,7 @@
NOTE: 4e914bbe371433f0590cefdf3bd5f3a5710069f9 upstream. It is not the
same
NOTE: as the fputc issue in ReadGROUP4Image.
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/41e955984b034777903cfa61e500a0b922eb9cbd
-CVE-2016-10061
- RESERVED
+CVE-2016-10061 (The ReadGROUP4Image function in coders/tiff.c in ImageMagick
before ...)
{DSA-3726-1 DLA-756-1}
- imagemagick 8:6.9.6.2+dfsg-2 (bug #845196)
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/4e914bbe371433f0590cefdf3bd5f3a5710069f9
@@ -20457,8 +20436,8 @@
RESERVED
CVE-2016-8237
RESERVED
-CVE-2016-8236
- RESERVED
+CVE-2016-8236 (Reset to default settings may occur in Lenovo ThinkServer TSM
RD350, ...)
+ TODO: check
CVE-2016-8235
RESERVED
CVE-2016-8234
@@ -21683,14 +21662,13 @@
CVE-2016-7973 (The AppleTalk parser in tcpdump before 4.9.0 has a buffer
overflow in ...)
{DSA-3775-1 DLA-809-1}
- tcpdump 4.9.0-1
-CVE-2016-7972
- RESERVED
+CVE-2016-7972 (The check_allocations function in libass/ass_shaper.c in libass
before ...)
{DLA-668-1}
- libass 0.13.4-1
[jessie] - libass <no-dsa> (Minor issue)
NOTE:
https://github.com/libass/libass/pull/240/commits/aa54e0b59200a994d50a346b5d7ac818ebcf2d4b
CVE-2016-7971
- RESERVED
+ REJECTED
- libass <unfixed> (bug #840338; unimportant)
NOTE: The "third issue" is the DoS issue as per
https://github.com/libass/libass/pull/240 with
NOTE: "id:000248,sig:11,src:004326,op:havoc,rep:16" which does not have
fix upstream
@@ -21700,15 +21678,13 @@
NOTE: it would have been compiled with ASAN.
NOTE: Only leads to a crash when compiled with ASAN, otherwise takes a
long time,
NOTE: but still finished parsing the input.
-CVE-2016-7970
- RESERVED
+CVE-2016-7970 (Buffer overflow in the calc_coeff function in libass/ass_blur.c
in ...)
- libass 0.13.4-1
[jessie] - libass <not-affected> (Vulnerable code introduced later)
[wheezy] - libass <not-affected> (Vulnerable code first introduced in
July 2015)
NOTE: Fixed by:
https://github.com/libass/libass/pull/240/commits/08e754612019ed84d1db0d1fc4f5798248decd75
NOTE: Vulnerable function calc_coeff introduced in:
https://github.com/libass/libass/commit/d787615845d78d8f8e6d1a4ffc3dc3eecd8a92f6
(0.13.0)
-CVE-2016-7969
- RESERVED
+CVE-2016-7969 (The wrap_lines_smart function in ass_render.c in libass before
0.13.4 ...)
{DLA-668-1}
- libass 0.13.4-1
[jessie] - libass <no-dsa> (Minor issue)
@@ -23158,26 +23134,22 @@
NOTE:
https://sourceforge.net/p/libdwarf/code/ci/e12f6c0b69c20f58dccc4505309cf7f974c34dc2
NOTE: with final fix/follow up:
https://sourceforge.net/p/libdwarf/code/ci/3767305debcba8bd7e1c483ae48c509d25399252
NOTE: Introduced by (as confirmed by upstream):
https://sourceforge.net/p/libdwarf/code/ci/b446e23dc21704ccd3b76d8945aaf39e4aca8c27
-CVE-2016-7409
- RESERVED
+CVE-2016-7409 (The dbclient and server in Dropbear SSH before 2016.74, when
compiled ...)
- dropbear 2016.74-1 (unimportant)
NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/6a14b1f6dc04
NOTE: Not an issue for the the Debian binary package since we do not
NOTE: compile with DEBUG_TRACE.
-CVE-2016-7408
- RESERVED
+CVE-2016-7408 (The dbclient in Dropbear SSH before 2016.74 allows remote
attackers to ...)
- dropbear 2016.74-1
[jessie] - dropbear <no-dsa> (Minor issue)
[wheezy] - dropbear <not-affected> (Vulnerable code not present)
NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/eed9376a4ad6
-CVE-2016-7407
- RESERVED
+CVE-2016-7407 (The dropbearconvert command in Dropbear SSH before 2016.74
allows ...)
{DLA-634-1}
- dropbear 2016.74-1
[jessie] - dropbear <no-dsa> (Minor issue)
NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/34e6127ef02e
-CVE-2016-7406
- RESERVED
+CVE-2016-7406 (Format string vulnerability in Dropbear SSH before 2016.74
allows ...)
{DLA-634-1}
- dropbear 2016.74-1
[jessie] - dropbear <no-dsa> (Minor issue)
@@ -25497,16 +25469,13 @@
CVE-2016-6885 (The pstm_exptmod function in MatrixSSL before 3.8.4 allows
remote ...)
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
-CVE-2016-6884 [Access Violation on Malicious TLS Record]
- RESERVED
+CVE-2016-6884 (TLS cipher suites with CBC mode in TLS 1.1 and 1.2 in MatrixSSL
before ...)
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
-CVE-2016-6883 [Side Channel Vulnerability on RSA Cipher Suites]
- RESERVED
+CVE-2016-6883 (MatrixSSL before 3.8.3 configured with RSA Cipher Suites allows
remote ...)
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
-CVE-2016-6882 [Validation of RSA Signature Creation]
- RESERVED
+CVE-2016-6882 (MatrixSSL before 3.8.7, when the DHE_RSA based cipher suite is
...)
- matrixssl <removed>
[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
CVE-2016-6635 (Cross-site request forgery (CSRF) vulnerability in the ...)
@@ -37131,8 +37100,8 @@
NOT-FOR-US: BlackBerry
CVE-2016-3128 (A spoofing vulnerability in the Core of BlackBerry Enterprise
Server ...)
NOT-FOR-US: BlackBerry
-CVE-2016-3127
- RESERVED
+CVE-2016-3127 (An information disclosure vulnerability in the logging
implementation ...)
+ TODO: check
CVE-2016-3126 (Cross-site scripting (XSS) vulnerability in the Management
Console in ...)
NOT-FOR-US: BlackBerry
CVE-2016-3123
@@ -39566,10 +39535,10 @@
- linux 4.4.2-1
- linux-2.6 <removed>
NOTE: Fixed by:
https://git.kernel.org/linus/e50293ef9775c5f1cf3fcc093037dd6a8c5684ea (v4.4-rc6)
-CVE-2015-8815
- RESERVED
-CVE-2015-8814
- RESERVED
+CVE-2015-8815 (Multiple cross-site scripting (XSS) vulnerabilities in Umbraco
before ...)
+ TODO: check
+CVE-2015-8814 (Umbraco before 7.4.0 allows remote attackers to bypass
anti-forgery ...)
+ TODO: check
CVE-2016-2392 (The is_rndis function in the USB Net device emulator ...)
- qemu 1:2.6+dfsg-1 (bug #815008)
[jessie] - qemu <no-dsa> (Minor issue)
@@ -40139,8 +40108,7 @@
NOT-FOR-US: HP LaserJet Printers
CVE-2016-2243 (Sure Start on HP Commercial PCs 2015 allows local users to
cause a ...)
NOT-FOR-US: HP Commercial PCs with Sure Start
-CVE-2015-8813
- RESERVED
+CVE-2015-8813 (The Page_Load function in ...)
NOT-FOR-US: Umbraco
CVE-2015-8812 (drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel
before 4.5 ...)
{DSA-3503-1 DLA-439-1}
@@ -64058,8 +64026,7 @@
RESERVED
CVE-2015-2878
RESERVED
-CVE-2015-2877 [Cross-VM ASL INtrospection (CAIN)]
- RESERVED
+CVE-2015-2877 (** DISPUTED ** Kernel Samepage Merging (KSM) in the Linux
kernel ...)
- linux <unfixed> (unimportant)
- linux-2.6 <removed> (unimportant)
NOTE:
https://www.usenix.org/conference/woot15/workshop-program/presentation/barresi
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
