Author: sectracker Date: 2017-07-17 21:10:14 +0000 (Mon, 17 Jul 2017) New Revision: 53593
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-07-17 20:56:56 UTC (rev 53592) +++ data/CVE/list 2017-07-17 21:10:14 UTC (rev 53593) @@ -1,3 +1,75 @@ +CVE-2017-11399 (Integer overflow in the ape_decode_frame function in ...) + TODO: check +CVE-2017-11398 + RESERVED +CVE-2017-11397 + RESERVED +CVE-2017-11396 + RESERVED +CVE-2017-11395 + RESERVED +CVE-2017-11394 + RESERVED +CVE-2017-11393 + RESERVED +CVE-2017-11392 + RESERVED +CVE-2017-11391 + RESERVED +CVE-2017-11390 + RESERVED +CVE-2017-11389 + RESERVED +CVE-2017-11388 + RESERVED +CVE-2017-11387 + RESERVED +CVE-2017-11386 + RESERVED +CVE-2017-11385 + RESERVED +CVE-2017-11384 + RESERVED +CVE-2017-11383 + RESERVED +CVE-2017-11382 + RESERVED +CVE-2017-11381 + RESERVED +CVE-2017-11380 + RESERVED +CVE-2017-11379 + RESERVED +CVE-2017-11378 + RESERVED +CVE-2017-11377 + RESERVED +CVE-2017-11376 + RESERVED +CVE-2017-11375 + RESERVED +CVE-2017-11374 + RESERVED +CVE-2017-11373 + RESERVED +CVE-2017-11372 + RESERVED +CVE-2017-11371 + RESERVED +CVE-2017-11370 + RESERVED +CVE-2017-11369 + RESERVED +CVE-2017-11368 + RESERVED +CVE-2017-11367 (The shoco_decompress function in the API in shoco through 2017-07-17 ...) + TODO: check +CVE-2017-11366 + RESERVED +CVE-2017-11365 + RESERVED +CVE-2017-11364 + RESERVED CVE-2017-11363 RESERVED CVE-2017-11362 (In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ...) @@ -6,8 +78,8 @@ - php5 <removed> NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73473 NOTE: Fixed in 7.1.7, 7.0.21 -CVE-2017-11361 - RESERVED +CVE-2017-11361 (Inteno routers have a JUCI ACL misconfiguration that allows the "user" ...) + TODO: check CVE-2017-11360 (The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a ...) - imagemagick 8:6.9.7.4+dfsg-12 (bug #867808) NOTE: https://github.com/ImageMagick/ImageMagick/issues/518 @@ -788,10 +860,10 @@ RESERVED CVE-2017-11129 RESERVED -CVE-2017-11128 - RESERVED -CVE-2017-11127 - RESERVED +CVE-2017-11128 (Bolt CMS 3.2.14 allows stored XSS via text input, as demonstrated by ...) + TODO: check +CVE-2017-11127 (Bolt CMS 3.2.14 allows stored XSS by uploading an SVG document with a ...) + TODO: check CVE-2017-11126 (The III_i_stereo function in libmpg123/layer3.c in mpg123 through ...) - mpg123 <unfixed> (unimportant) NOTE: no security impact @@ -1134,81 +1206,71 @@ NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2405 NOTE: http://marc.info/?l=sqlite-users&m=149933696214713&w=2 CVE-2017-10988 [Decode 'signed' attributes correctly] - RESERVED + REJECTED - freeradius <unfixed> [jessie] - freeradius <not-affected> (Only affects 3.x series) [wheezy] - freeradius <not-affected> (Only affects 3.x series) NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-305 NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/de3b3b2e4153db26442facbd5e9b268a3bf795ba -CVE-2017-10987 [DHCP - Buffer over-read in fr_dhcp_decode_suboptions()] - RESERVED +CVE-2017-10987 (An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - ...) - freeradius <unfixed> [jessie] - freeradius <not-affected> (Only affects 3.x series) [wheezy] - freeradius <not-affected> (Only affects 3.x series) NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-304 NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/19a18bf7c8af649c9e9742fb6a046f6aff639866 -CVE-2017-10986 [DHCP - Infinite read in dhcp_attr2vp()] - RESERVED +CVE-2017-10986 (An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - ...) - freeradius <unfixed> [jessie] - freeradius <not-affected> (Only affects 3.x series) [wheezy] - freeradius <not-affected> (Only affects 3.x series) NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-303 NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/21e2e95751bfb54c0fb0328392d06671a75c191c -CVE-2017-10985 [Infinite loop and memory exhaustion with 'concat' attributes] - RESERVED +CVE-2017-10985 (An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite ...) - freeradius <unfixed> [jessie] - freeradius <not-affected> (Only affects 3.x series) [wheezy] - freeradius <not-affected> (Only affects 3.x series) NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-302 NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/6726c16549b131ed39f6f8886cdf5d9d922a9a97 -CVE-2017-10984 [Write overflow in data2vp_wimax()] - RESERVED +CVE-2017-10984 (An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write ...) - freeradius <unfixed> [jessie] - freeradius <not-affected> (Only affects 3.x series) [wheezy] - freeradius <not-affected> (Only affects 3.x series) NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-301 NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/931850e5d2f65193520c2d9c9878148c0cdc16a6 NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/4b059296e14b6ab75dc17163077490528a819806 -CVE-2017-10983 [DHCP - Read overflow when decoding option 63] - RESERVED +CVE-2017-10983 (An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before ...) - freeradius <unfixed> NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-206 NOTE: 2.x: https://github.com/FreeRADIUS/freeradius-server/commit/ec08b30f87066f82073d02fab57e8ffeef81373d NOTE: 3.x: https://github.com/FreeRADIUS/freeradius-server/commit/5759b20af99af6d30924f0efd8da5eac2a17163d -CVE-2017-10982 [DHCP - Read overflow in fr_dhcp_decode_options()] - RESERVED +CVE-2017-10982 (An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - ...) - freeradius 3.0.12+dfsg-3 NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-205 NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/10b6de9345c9e0d9d4d5e0426fa5c3d68d702875 NOTE: Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable NOTE: This is not fully technically correct, the issue affects only the 2.x NOTE: series but not 3.x. -CVE-2017-10981 [DHCP - Memory leak in fr_dhcp_decode()] - RESERVED +CVE-2017-10981 (An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - ...) - freeradius 3.0.12+dfsg-3 NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-204 NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/812766e2150faa07b4c574e51393b014feaffe6c NOTE: Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable NOTE: This is not fully technically correct, the issue affects only the 2.x NOTE: series but not 3.x. -CVE-2017-10980 [DHCP - Memory leak in decode_tlv()] - RESERVED +CVE-2017-10980 (An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - ...) - freeradius 3.0.12+dfsg-3 NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-203 NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/ef0727fc68e211a36637b5c4e4a6fa1326f0a029 NOTE: Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable NOTE: This is not fully technically correct, the issue affects only the 2.x NOTE: series but not 3.x. -CVE-2017-10979 [Write overflow in rad_coalesce] - RESERVED +CVE-2017-10979 (An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write ...) - freeradius 3.0.12+dfsg-3 NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-202 NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/ae3ba0011e7d299e92c45300e0137a56a650e8f5 NOTE: Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable NOTE: This is not fully technically correct, the issue affects only the 2.x NOTE: series but not 3.x. -CVE-2017-10978 [Read / write overflow in make_secret()] - RESERVED +CVE-2017-10978 (An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before ...) - freeradius <unfixed> NOTE: http://freeradius.org/security/fuzzer-2017.html#FR-GV-201 NOTE: 2.x: https://github.com/FreeRADIUS/freeradius-server/commit/38ee90f2a5a28dc5887a30bdfdc98109c0418e68 @@ -2543,12 +2605,14 @@ NOTE: script used in some embedded product relying on BOA as webserver. NOTE: I asked Mitre to reject the CVE. -- Raphael Hertzog CVE-2017-9832 (An integer overflow vulnerability in ptp-pack.c (ptp_unpack_OPL ...) + {DLA-1029-1} - libmtp 1.1.13-1 [jessie] - libmtp <no-dsa> (Minor issue; can be fixed in a point release) NOTE: https://sourceforge.net/p/libmtp/mailman/message/35729062/ NOTE: https://sourceforge.net/p/libmtp/code/ci/aa7d91a789873a9d86969028e57f888a1241c085/ NOTE: reduced patchset: https://lists.debian.org/87lgnzvjvb....@curie.anarc.at CVE-2017-9831 (An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx ...) + {DLA-1029-1} - libmtp 1.1.13-1 [jessie] - libmtp <no-dsa> (Minor issue; can be fixed in a point release) NOTE: https://sourceforge.net/p/libmtp/mailman/message/35735992/ @@ -4399,8 +4463,8 @@ RESERVED CVE-2017-9640 RESERVED -CVE-2017-9639 - RESERVED +CVE-2017-9639 (An issue was discovered in Fuji Electric V-Server Version 3.3.22.0 and ...) + TODO: check CVE-2017-9638 RESERVED CVE-2017-9637 @@ -8942,8 +9006,8 @@ RESERVED CVE-2017-8035 RESERVED -CVE-2017-8034 - RESERVED +CVE-2017-8034 (The Cloud Controller and Router in Cloud Foundry (CAPI-release capi ...) + TODO: check CVE-2017-8033 RESERVED CVE-2017-8032 (In Cloud Foundry cf-release versions prior to v264; UAA release all ...) @@ -8988,8 +9052,8 @@ RESERVED CVE-2017-8012 RESERVED -CVE-2017-8011 - RESERVED +CVE-2017-8011 (EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution ...) + TODO: check CVE-2017-8010 RESERVED CVE-2017-8009 @@ -8998,20 +9062,20 @@ RESERVED CVE-2017-8007 RESERVED -CVE-2017-8006 - RESERVED -CVE-2017-8005 - RESERVED -CVE-2017-8004 - RESERVED +CVE-2017-8006 (In EMC RSA Authentication Manager 8.2 SP1 Patch 1 and earlier, a ...) + TODO: check +CVE-2017-8005 (The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and ...) + TODO: check +CVE-2017-8004 (The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and ...) + TODO: check CVE-2017-8003 (EMC Data Protection Advisor prior to 6.4 contains a path traversal ...) NOT-FOR-US: EMC Data Protection Advisor CVE-2017-8002 (EMC Data Protection Advisor prior to 6.4 contains multiple blind SQL ...) NOT-FOR-US: EMC Data Protection Advisor CVE-2017-8001 RESERVED -CVE-2017-8000 - RESERVED +CVE-2017-8000 (In EMC RSA Authentication Manager 8.2 SP1 and earlier, a malicious RSA ...) + TODO: check CVE-2017-7999 (Atlassian Eucalyptus before 4.4.1, when in EDGE mode, allows remote ...) NOT-FOR-US: Atlassian Eucalyptus CVE-2017-7998 @@ -10607,10 +10671,10 @@ RESERVED CVE-2017-7533 RESERVED -CVE-2017-7532 - RESERVED -CVE-2017-7531 - RESERVED +CVE-2017-7532 (In Moodle 3.x, course creators are able to change system default ...) + TODO: check +CVE-2017-7531 (In Moodle 3.3, the course overview block reveals activities in hidden ...) + TODO: check CVE-2017-7530 RESERVED CVE-2017-7529 (Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable ...) @@ -21743,8 +21807,8 @@ RESERVED CVE-2017-3755 RESERVED -CVE-2017-3754 - RESERVED +CVE-2017-3754 (Some Lenovo brand notebook systems do not have write protections ...) + TODO: check CVE-2017-3753 RESERVED CVE-2017-3752 @@ -21767,8 +21831,8 @@ NOT-FOR-US: Lenovo CVE-2017-3743 (If multiple users are concurrently logged into a single system where ...) NOT-FOR-US: Lenovo -CVE-2017-3742 - RESERVED +CVE-2017-3742 (In Lenovo Connect2 versions earlier than 4.2.5.4885 for Windows and ...) + TODO: check CVE-2017-3741 (In the Lenovo Power Management driver before 1.67.12.24, a local user ...) NOT-FOR-US: Lenovo CVE-2017-3740 (In Lenovo Active Protection System before 1.82.0.14, an attacker with ...) @@ -25250,8 +25314,8 @@ - moodle <not-affected> (Only affects 3.2 to 3.2.1) NOTE: https://tracker.moodle.org/browse/MDL-56526 NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-56526 -CVE-2017-2642 - RESERVED +CVE-2017-2642 (Moodle 3.x has user fullname disclosure on the user preferences page. ...) + TODO: check CVE-2017-2641 (In Moodle 2.x and 3.x, SQL injection can occur via user preferences. ...) - moodle 2.7.19+dfsg-1 NOTE: https://tracker.moodle.org/browse/MDL-58010 @@ -176342,7 +176406,7 @@ CVE-2010-0772 (Unspecified vulnerability in the channel process in IBM WebSphere MQ ...) NOT-FOR-US: IMB WebSphere MQ CVE-2010-0771 - RESERVED + REJECTED CVE-2010-0770 (IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before ...) NOT-FOR-US: IBM WebSphere Application Server CVE-2010-0769 (IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits