Author: joeyh
Date: 2013-09-26 21:14:26 +0000 (Thu, 26 Sep 2013)
New Revision: 23795
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-09-26 21:05:28 UTC (rev 23794)
+++ data/CVE/list 2013-09-26 21:14:26 UTC (rev 23795)
@@ -1,3 +1,13 @@
+CVE-2013-5941
+ RESERVED
+CVE-2013-5940
+ RESERVED
+CVE-2013-5939
+ RESERVED
+CVE-2013-5938 (Cross-site scripting (XSS) vulnerability in the Click2Sell
Suite ...)
+ TODO: check
+CVE-2013-5937 (Cross-site request forgery (CSRF) vulnerability in the
Click2Sell ...)
+ TODO: check
CVE-2013-5936 (The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before
...)
TODO: check
CVE-2013-5935 (The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before
...)
@@ -783,8 +793,7 @@
- linux <unfixed>
[wheezy] - linux <not-affected> (KVM for arm introduced in 3.9)
- linux-2.6 <not-affected> (KVM for arm introduced in 3.9)
-CVE-2013-5586 [XSS]
- RESERVED
+CVE-2013-5586 (Cross-site scripting (XSS) vulnerability in wikka.php in
WikkaWiki ...)
NOT-FOR-US: WikkaWiki
CVE-2013-5585
RESERVED
@@ -857,7 +866,7 @@
RESERVED
- joomla <itp> (bug #571794)
CVE-2013-5575 [integer overflow]
- RESERVED
+ REJECTED
NOTE: Non-issue, to be rejected
CVE-2013-5568
RESERVED
@@ -2529,9 +2538,9 @@
RESERVED
CVE-2013-4775
RESERVED
-CVE-2013-4785 (The web interface for Dell iDRAC 6 firmware 1.7, and possibly
other ...)
+CVE-2013-4785 (The web interface on the Dell iDRAC6 with firmware before 1.95
allows ...)
NOT-FOR-US: Dell
-CVE-2013-4783 (The Dell iDRAC 6 BMC implementation allows remote attackers to
bypass ...)
+CVE-2013-4783 (The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x
before ...)
NOT-FOR-US: Dell
CVE-2013-4782 (The Supermicro BMC implementation allows remote attackers to
bypass ...)
NOT-FOR-US: Supermicro
@@ -3450,6 +3459,7 @@
NOTE: CVE for incomplete fix for CVE-2013-4287
CVE-2013-4362 [Insecure use of system]
RESERVED
+ {DSA-2765-1}
- davfs2 1.4.7-3 (bug #723034)
NOTE: http://savannah.nongnu.org/bugs/?40034
CVE-2013-4361
@@ -6181,6 +6191,7 @@
CVE-2013-3279
RESERVED
CVE-2013-3278
+ RESERVED
NOT-FOR-US: EMC
CVE-2013-3277 (Open redirect vulnerability in EMC RSA Archer GRC 5.x before
5.4 ...)
NOT-FOR-US: EMC
@@ -8847,7 +8858,7 @@
[wheezy] - libvirt <not-affected> (Vulnerable code introduced in with
commit abf75aea)
[jessie] - libvirt <not-affected> (Vulnerable code introduced in with
commit abf75aea)
CVE-2013-2229
- RESERVED
+ REJECTED
CVE-2013-2228 [RSA exponent of 1]
RESERVED
- salt 0.15.1-1
@@ -9568,7 +9579,7 @@
CVE-2013-2027
RESERVED
CVE-2013-2026
- RESERVED
+ REJECTED
CVE-2013-2025
RESERVED
NOT-FOR-US: Ushahidi
@@ -14737,7 +14748,7 @@
[squeeze] - pyrad <no-dsa> (Minor issue)
NOTE: this is initially related to #700669
CVE-2013-0341 [external entity expansion]
- RESERVED
+ REJECTED
- expat <unfixed> (unimportant)
NOTE: Expat provides API to mitigate expansion attacks, ultimately
under control of the app using Expat
CVE-2013-0340 [internal entity expansion]
@@ -21877,16 +21888,16 @@
TODO: check
CVE-2012-4093 (The Manager component in Cisco Unified Computing System (UCS)
allows ...)
NOT-FOR-US: Cisco Unified Computing System
-CVE-2012-4092
- RESERVED
+CVE-2012-4092 (The management interface in the Central Software component in
Cisco ...)
+ TODO: check
CVE-2012-4091
RESERVED
CVE-2012-4090
RESERVED
CVE-2012-4089 (MCTOOLS in the fabric interconnect in Cisco Unified Computing
System ...)
TODO: check
-CVE-2012-4088
- RESERVED
+CVE-2012-4088 (The FTP server in Cisco Unified Computing System (UCS) has a
hardcoded ...)
+ TODO: check
CVE-2012-4087 (A cluster setup script for fabric interconnect devices in Cisco
...)
TODO: check
CVE-2012-4086 (A setup script for fabric interconnect devices in Cisco Unified
...)
@@ -21903,8 +21914,8 @@
NOT-FOR-US: Cisco
CVE-2012-4080
RESERVED
-CVE-2012-4079
- RESERVED
+CVE-2012-4079 (The XML API service in the Fabric Interconnect component in
Cisco ...)
+ TODO: check
CVE-2012-4078 (The Baseboard Management Controller (BMC) in Cisco Unified
Computing ...)
TODO: check
CVE-2012-4077
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
