Author: joeyh Date: 2013-10-29 21:14:31 +0000 (Tue, 29 Oct 2013) New Revision: 24216
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2013-10-29 19:58:25 UTC (rev 24215) +++ data/CVE/list 2013-10-29 21:14:31 UTC (rev 24216) @@ -1,13 +1,98 @@ +CVE-2013-6287 + RESERVED +CVE-2013-6286 + RESERVED +CVE-2013-6284 (Unspecified vulnerability in the Statutory Reporting for Insurance ...) + TODO: check +CVE-2013-6283 (VideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to ...) + TODO: check +CVE-2013-6282 + RESERVED +CVE-2013-6281 (Cross-site scripting (XSS) vulnerability in codebase/spreadsheet.php ...) + TODO: check +CVE-2013-6280 (Cross-site scripting (XSS) vulnerability in Social Sharing Toolkit ...) + TODO: check +CVE-2013-6279 + RESERVED +CVE-2013-6278 + RESERVED +CVE-2013-6277 + RESERVED +CVE-2013-6276 + RESERVED +CVE-2013-6274 + RESERVED +CVE-2013-6273 + RESERVED +CVE-2013-6272 + RESERVED +CVE-2013-6271 + RESERVED +CVE-2013-6270 + RESERVED +CVE-2013-6269 + RESERVED +CVE-2013-6268 + RESERVED +CVE-2013-6267 + RESERVED +CVE-2013-6266 + RESERVED +CVE-2013-6265 + RESERVED +CVE-2013-6264 + RESERVED +CVE-2013-6263 + RESERVED +CVE-2013-6262 + RESERVED +CVE-2013-6261 + RESERVED +CVE-2013-6260 + RESERVED +CVE-2013-6259 + RESERVED +CVE-2013-6258 + RESERVED +CVE-2013-6257 + RESERVED +CVE-2013-6256 + RESERVED +CVE-2013-6255 + RESERVED +CVE-2013-6254 + RESERVED +CVE-2013-6253 + RESERVED +CVE-2013-6252 + RESERVED +CVE-2013-6251 + RESERVED +CVE-2013-6250 + RESERVED +CVE-2013-6249 + RESERVED +CVE-2013-6248 + RESERVED +CVE-2013-6247 + RESERVED +CVE-2013-6246 (The Dell Quest One Password Manager, possibly 5.0, allows remote ...) + TODO: check +CVE-2013-6245 (Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise ...) + TODO: check +CVE-2013-6244 (The Live Update webdynpro application ...) + TODO: check CVE-2013-XXXX [remote command injection in content_type] - sup-mail <unfixed> (bug #728232) NOTE: http://rubyforge.org/pipermail/sup-talk/2013-October/004996.html -CVE-2013-6289 +CVE-2013-6289 (Cross-site scripting (XSS) vulnerability in the Apache Solr for TYPO3 ...) NOT-FOR-US: TYPO3 extension Apache Solr -CVE-2013-6288 +CVE-2013-6288 (Unspecified vulnerability in the Apache Solr for TYPO3 (solr) ...) NOT-FOR-US: TYPO3 extension Apache Solr -CVE-2013-6285 +CVE-2013-6285 (The search component in the Treasurer application in Tyler ...) NOT-FOR-US: Tyler Technologies TaxWeb CVE-2013-6275 [CSRF] + RESERVED - php-horde-ingo <unfixed> (bug #727669) - ingo1 <undetermined> CVE-2013-6242 @@ -239,10 +324,10 @@ RESERVED CVE-2013-6130 RESERVED -CVE-2013-6128 - RESERVED -CVE-2013-6127 - RESERVED +CVE-2013-6128 (The KCHARTXYLib.KChartXY ActiveX control in KChartXY.ocx before ...) + TODO: check +CVE-2013-6127 (The SUPERGRIDLib.SuperGrid ActiveX control in SuperGrid.ocx before ...) + TODO: check CVE-2013-6126 RESERVED CVE-2013-6125 @@ -373,7 +458,7 @@ TODO: check CVE-2007-6755 (The NIST SP 800-90A default statement of the Dual Elliptic Curve ...) TODO: check -CVE-2013-6243 [SQL Injection] +CVE-2013-6243 (SQL injection vulnerability in the Landing Pages plugin 1.2.3, before ...) NOT-FOR-US: WordPress Landing Pages Plugin CVE-2013-6167 RESERVED @@ -475,28 +560,23 @@ RESERVED CVE-2013-6021 (Buffer overflow in WGagent in WatchGuard WSM and Fireware before 11.8 ...) NOT-FOR-US: WatchGuard WSM and Fireware -CVE-2013-6020 - RESERVED +CVE-2013-6020 (passwordRequestPOST.jsp in Tyler Technologies TaxWeb 3.13.3.1 sends ...) NOT-FOR-US: Tyler Technologies TaxWeb -CVE-2013-6019 - RESERVED +CVE-2013-6019 (Cross-site scripting (XSS) vulnerability in Tyler Technologies TaxWeb ...) NOT-FOR-US: Tyler Technologies TaxWeb -CVE-2013-6018 - RESERVED +CVE-2013-6018 (Cross-site request forgery (CSRF) vulnerability in login.jsp in Tyler ...) NOT-FOR-US: Tyler Technologies TaxWeb CVE-2013-6017 RESERVED -CVE-2013-6016 - RESERVED +CVE-2013-6016 (The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, APM, ASM, ...) + TODO: check CVE-2013-6015 (Juniper Junos before 10.4S14, 11.4 before 11.4R5-S2, 12.1R before ...) NOT-FOR-US: Juniper Junos -CVE-2013-6014 - RESERVED +CVE-2013-6014 (Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before ...) NOT-FOR-US: Juniper Junos CVE-2013-6013 (Buffer overflow in the flow daemon (flowd) in Juniper Junos 10.4 ...) NOT-FOR-US: Juniper Junos -CVE-2013-6012 - RESERVED +CVE-2013-6012 (Juniper Junos 12.1X44 before 12.1.X44-D20 and 12.1X45 before ...) NOT-FOR-US: Juniper Junos CVE-2013-6011 (Citrix NetScaler Application Delivery Controller (ADC) 10.0 before ...) NOT-FOR-US: Citrix NetScaler Application Delivery Controller @@ -586,8 +666,7 @@ NOT-FOR-US: VMware ESXi and ESX CVE-2013-5969 RESERVED -CVE-2013-5968 - RESERVED +CVE-2013-5968 (Cross-site scripting (XSS) vulnerability in CA SiteMinder 12.0 through ...) NOT-FOR-US: CA SiteMinder CVE-2013-5967 (Multiple SQL injection vulnerabilities in AlienVault Open Source ...) NOT-FOR-US: AlienVault Open Source Security Information Management @@ -698,8 +777,7 @@ {DSA-2782-1} - polarssl 1.3.1-1 (bug #725359) NOTE: https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2013-05 -CVE-2013-5914 [Buffer overflow in ssl_read_record()] - RESERVED +CVE-2013-5914 (Buffer overflow in the ssl_read_record function in ssl_tls.c in ...) {DSA-2782-1} - polarssl 1.2.0-1 (bug #725359) NOTE: https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2013-04 @@ -1104,8 +1182,7 @@ RESERVED CVE-2013-5746 RESERVED -CVE-2013-5744 - RESERVED +CVE-2013-5744 (Cross-site scripting (XSS) vulnerability in Feng Office 2.3.2-rc and ...) NOT-FOR-US: Feng Office CVE-2013-5743 RESERVED @@ -1113,8 +1190,7 @@ [squeeze] - zabbix 1:1.8.2-1squeeze5 CVE-2013-5742 RESERVED -CVE-2013-5741 - RESERVED +CVE-2013-5741 (Triangle Research International (aka Tri) Nano-10 PLC devices with ...) NOT-FOR-US: Triangle Research International Nano-10 PLC CVE-2013-5745 (The vino_server_client_data_pending function in vino-server.c in GNOME ...) - vino 3.10.1-1 (low; bug #724545) @@ -1626,8 +1702,7 @@ RESERVED CVE-2013-5550 (The fabric-interconnect component in Cisco Unified Computing System ...) NOT-FOR-US: Cisco Unified Computing System -CVE-2013-5549 - RESERVED +CVE-2013-5549 (Cisco IOS XR 3.8.1 through 4.2.0 does not properly process fragmented ...) NOT-FOR-US: Cisco IOS XR CVE-2013-5548 RESERVED @@ -1651,10 +1726,10 @@ NOT-FOR-US: Cisco Identity Services Engine CVE-2013-5538 (The Sponsor Portal in Cisco Identity Services Engine (ISE) uses weak ...) NOT-FOR-US: Cisco Identity Services Engine -CVE-2013-5537 - RESERVED -CVE-2013-5536 - RESERVED +CVE-2013-5537 (The web framework on Cisco Web Security Appliance (WSA), Email ...) + TODO: check +CVE-2013-5536 (Cisco Secure Access Control System (ACS) does not properly implement ...) + TODO: check CVE-2013-5535 (The analytics page on Cisco Video Surveillance 4000 IP cameras has ...) NOT-FOR-US: Cisco Video Surveillance 4000 IP cameras CVE-2013-5534 (Directory traversal vulnerability in the attachment service in the ...) @@ -1663,10 +1738,9 @@ NOT-FOR-US: Cisco CVE-2013-5532 (Buffer overflow in the web-application interface on Cisco 9900 IP ...) NOT-FOR-US: Cisco -CVE-2013-5531 - RESERVED -CVE-2013-5530 - RESERVED +CVE-2013-5531 (Cisco Identity Services Engine (ISE) 1.x before 1.1.1 allows remote ...) + TODO: check +CVE-2013-5530 (The web framework in Cisco Identity Services Engine (ISE) 1.0 and ...) NOT-FOR-US: Cisco Identity Services Engine CVE-2013-5529 (The deployment module in the server in Cisco WebEx Meeting Center does ...) NOT-FOR-US: Cisco WebEx Meetings Server @@ -1682,10 +1756,10 @@ NOT-FOR-US: Cisco CVE-2013-5523 (The Sponsor Portal in Cisco Identity Services Engine (ISE) 1.2 and ...) NOT-FOR-US: Cisco -CVE-2013-5522 - RESERVED -CVE-2013-5521 - RESERVED +CVE-2013-5522 (Cisco IOS on Catalyst 3750X switches has default Service Module ...) + TODO: check +CVE-2013-5521 (Cisco Identity Services Engine does not properly restrict the creation ...) + TODO: check CVE-2013-5520 RESERVED CVE-2013-5519 (Cross-site scripting (XSS) vulnerability in the management interface ...) @@ -1866,8 +1940,7 @@ RESERVED CVE-2013-5431 RESERVED -CVE-2013-5430 - RESERVED +CVE-2013-5430 (The Jazz Team Server component in IBM Security AppScan Enterprise 8.x ...) NOT-FOR-US: IBM Security AppScan Enterprise CVE-2013-5429 RESERVED @@ -1879,8 +1952,8 @@ RESERVED CVE-2013-5425 RESERVED -CVE-2013-5424 - RESERVED +CVE-2013-5424 (IBM Flex System Manager (FSM) 1.3.0 allows remote attackers to bypass ...) + TODO: check CVE-2013-5423 RESERVED CVE-2013-5422 @@ -2348,68 +2421,68 @@ RESERVED CVE-2013-5193 RESERVED -CVE-2013-5192 - RESERVED -CVE-2013-5191 - RESERVED -CVE-2013-5190 - RESERVED -CVE-2013-5189 - RESERVED -CVE-2013-5188 - RESERVED -CVE-2013-5187 - RESERVED -CVE-2013-5186 - RESERVED -CVE-2013-5185 - RESERVED -CVE-2013-5184 - RESERVED -CVE-2013-5183 - RESERVED -CVE-2013-5182 - RESERVED -CVE-2013-5181 - RESERVED -CVE-2013-5180 - RESERVED -CVE-2013-5179 - RESERVED -CVE-2013-5178 - RESERVED -CVE-2013-5177 - RESERVED -CVE-2013-5176 - RESERVED -CVE-2013-5175 - RESERVED -CVE-2013-5174 - RESERVED -CVE-2013-5173 - RESERVED -CVE-2013-5172 - RESERVED -CVE-2013-5171 - RESERVED -CVE-2013-5170 - RESERVED -CVE-2013-5169 - RESERVED -CVE-2013-5168 - RESERVED -CVE-2013-5167 - RESERVED -CVE-2013-5166 - RESERVED -CVE-2013-5165 - RESERVED -CVE-2013-5164 - RESERVED +CVE-2013-5192 (The USB hub controller in Apple Mac OS X before 10.9 allows local ...) + TODO: check +CVE-2013-5191 (The syslog implementation in Apple Mac OS X before 10.9 allows local ...) + TODO: check +CVE-2013-5190 (Smart Card Services in Apple Mac OS X before 10.9 does not properly ...) + TODO: check +CVE-2013-5189 (Apple Mac OS X before 10.9 does not preserve a certain administrative ...) + TODO: check +CVE-2013-5188 (The Screen Lock implementation in Apple Mac OS X before 10.9, when ...) + TODO: check +CVE-2013-5187 (The Screen Lock implementation in Apple Mac OS X before 10.9 does not ...) + TODO: check +CVE-2013-5186 (Power Management in Apple Mac OS X before 10.9 does not properly ...) + TODO: check +CVE-2013-5185 (The ldapsearch command-line program in OpenLDAP in Apple Mac OS X ...) + TODO: check +CVE-2013-5184 (The kernel in Apple Mac OS X before 10.9 does not properly check for ...) + TODO: check +CVE-2013-5183 (Mail in Apple Mac OS X before 10.9, when Kerberos authentication is ...) + TODO: check +CVE-2013-5182 (Mail in Apple Mac OS X before 10.9 allows remote attackers to spoof ...) + TODO: check +CVE-2013-5181 (The auto-configuration feature in Mail in Apple Mac OS X before 10.9 ...) + TODO: check +CVE-2013-5180 (The srandomdev function in Libc in Apple Mac OS X before 10.9, when ...) + TODO: check +CVE-2013-5179 (App Sandbox in Apple Mac OS X before 10.9 allows attackers to bypass ...) + TODO: check +CVE-2013-5178 (LaunchServices in Apple Mac OS X before 10.9 does not properly ...) + TODO: check +CVE-2013-5177 (The kernel in Apple Mac OS X before 10.9 allows local users to cause a ...) + TODO: check +CVE-2013-5176 (The kernel in Apple Mac OS X before 10.9 does not properly handle ...) + TODO: check +CVE-2013-5175 (The kernel in Apple Mac OS X before 10.9 allows local users to obtain ...) + TODO: check +CVE-2013-5174 (Integer signedness error in the kernel in Apple Mac OS X before 10.9 ...) + TODO: check +CVE-2013-5173 (The random-number generator in the kernel in Apple Mac OS X before ...) + TODO: check +CVE-2013-5172 (The kernel in Apple Mac OS X before 10.9 does not properly determine ...) + TODO: check +CVE-2013-5171 (CoreGraphics in Apple Mac OS X before 10.9 allows local users to ...) + TODO: check +CVE-2013-5170 (Buffer underflow in CoreGraphics in Apple Mac OS X before 10.9 allows ...) + TODO: check +CVE-2013-5169 (CoreGraphics in Apple Mac OS X before 10.9, when display-sleep mode is ...) + TODO: check +CVE-2013-5168 (Console in Apple Mac OS X before 10.9 allows user-assisted remote ...) + TODO: check +CVE-2013-5167 (CFNetwork in Apple Mac OS X before 10.9 does not properly support ...) + TODO: check +CVE-2013-5166 (The Bluetooth USB host controller in Apple Mac OS X before 10.9 ...) + TODO: check +CVE-2013-5165 (socketfilterfw in Application Firewall in Apple Mac OS X before 10.9 ...) + TODO: check +CVE-2013-5164 (Multiple race conditions in the Phone app in Apple iOS before 7.0.3 ...) + TODO: check CVE-2013-5163 (Directory Services in Apple Mac OS X before 10.8.5 Supplemental Update ...) NOT-FOR-US: Apple OS X -CVE-2013-5162 - RESERVED +CVE-2013-5162 (Passcode Lock in Apple iOS before 7.0.3 on iPhone devices allows ...) + TODO: check CVE-2013-5161 (Passcode Lock in Apple iOS before 7.0.2 does not properly manage the ...) NOT-FOR-US: Apple iOS CVE-2013-5160 (Passcode Lock in Apple iOS before 7.0.2 on iPhone devices allows ...) @@ -2436,18 +2509,18 @@ NOT-FOR-US: Apple iOS CVE-2013-5149 (The Push Notifications subsystem in Apple iOS before 7 provides the ...) NOT-FOR-US: Apple iOS -CVE-2013-5148 - RESERVED +CVE-2013-5148 (Apple Keynote before 6.0 does not properly handle the interaction ...) + TODO: check CVE-2013-5147 (Passcode Lock in Apple iOS before 7 does not properly manage the lock ...) NOT-FOR-US: Apple iOS CVE-2013-5146 RESERVED CVE-2013-5145 (kextd in Kext Management in Apple iOS before 7 does not properly ...) NOT-FOR-US: Apple iOS -CVE-2013-5144 - RESERVED -CVE-2013-5143 - RESERVED +CVE-2013-5144 (Passcode Lock in Apple iOS before 7.0.3 on iPhone devices allows ...) + TODO: check +CVE-2013-5143 (The RADIUS service in Server App in Apple OS X Server before 3.0 ...) + TODO: check CVE-2013-5142 (The kernel in Apple iOS before 7 does not initialize unspecified ...) NOT-FOR-US: Apple iOS CVE-2013-5141 (The kernel in Apple iOS before 7 uses an incorrect data size for a ...) @@ -2460,10 +2533,10 @@ NOT-FOR-US: Apple iOS CVE-2013-5137 (IOKit in Apple iOS before 7 allows attackers to send user-interface ...) NOT-FOR-US: Apple iOS -CVE-2013-5136 - RESERVED -CVE-2013-5135 - RESERVED +CVE-2013-5136 (Apple Remote Desktop before 3.7 does not properly use server ...) + TODO: check +CVE-2013-5135 (Format string vulnerability in Screen Sharing Server in Apple Mac OS X ...) + TODO: check CVE-2013-5134 REJECTED CVE-2013-5133 @@ -2472,8 +2545,8 @@ NOT-FOR-US: Apple AirPort CVE-2013-5131 (Cross-site scripting (XSS) vulnerability in WebKit in Apple iOS before ...) NOT-FOR-US: Apple iOS -CVE-2013-5130 - RESERVED +CVE-2013-5130 (WebKit in Apple Safari before 6.1 disables the Private Browsing ...) + TODO: check CVE-2013-5129 (Multiple cross-site scripting (XSS) vulnerabilities in WebKit in Apple ...) NOT-FOR-US: Apple iOS CVE-2013-5128 (WebKit, as used in Apple iOS before 7, allows remote attackers to ...) @@ -2805,8 +2878,8 @@ - puppet <not-affected> (Only affects Puppet Enterprise) CVE-2013-4966 RESERVED -CVE-2013-4965 - RESERVED +CVE-2013-4965 (Puppet Enterprise before 3.1.0 does not properly restrict the number ...) + TODO: check CVE-2013-4964 (Puppet Enterprise before 3.0.1 does not set the secure flag for the ...) - puppet <not-affected> (Only affects Puppet Enterprise) CVE-2013-4963 @@ -2821,8 +2894,8 @@ - puppet <not-affected> (Only affects Puppet Enterprise) CVE-2013-4958 (Puppet Enterprise before 3.0.1 does not use a session timeout, which ...) - puppet <not-affected> (Only affects Puppet Enterprise) -CVE-2013-4957 - RESERVED +CVE-2013-4957 (The dashboard report in Puppet Enterprise before 3.0.1 allows ...) + TODO: check CVE-2013-4956 (Puppet Module Tool (PMT), as used in Puppet 2.7.x before 2.7.23 and ...) {DSA-2761-1} - puppet 3.2.4-1 @@ -3021,8 +3094,7 @@ RESERVED CVE-2013-4886 RESERVED -CVE-2013-4885 [arbitrary file upload flaw in http-domino-enum-passwords NSE script] - RESERVED +CVE-2013-4885 (The http-domino-enum-passwords.nse script in NMap before 6.40, when ...) - nmap 6.40-0.1 (low; bug #719289) [squeeze] - nmap <not-affected> (Vulnerable code not present) [wheezy] - nmap 6.00-0.3+deb7u1 @@ -3937,6 +4009,7 @@ CVE-2013-4478 RESERVED CVE-2013-4477 [OpenStack Keystone: Unintentional role granting with Keystone LDAP backend] + RESERVED - keystone <unfixed> (bug #728233) NOTE: https://bugs.launchpad.net/keystone/+bug/1242855 CVE-2013-4476 @@ -3977,8 +4050,7 @@ - gnutls28 <not-affected> (libdane is not built) NOTE: http://www.gnutls.org/security.html#GNUTLS-SA-2013-3 NOTE: Upstream commit for 3.2.x: https://gitorious.org/gnutls/gnutls/commit/ed51e5e53cfbab3103d6b7b85b7ba4515e4f30c3 -CVE-2013-4465 - RESERVED +CVE-2013-4465 (Unrestricted file upload vulnerability in the avatar upload ...) NOT-FOR-US: Simple Machines Forum CVE-2013-4464 RESERVED @@ -4050,7 +4122,7 @@ CVE-2013-4444 RESERVED CVE-2013-4443 - RESERVED + REJECTED CVE-2013-4442 [Silent fallback to insecure entropy] RESERVED - pwgen <unfixed> (bug #726578) @@ -4075,8 +4147,7 @@ CVE-2013-4435 RESERVED - salt <unfixed> (bug #726480) -CVE-2013-4434 [dropbear: avoid disclosing existence of valid users through inconsistent delays] - RESERVED +CVE-2013-4434 (Dropbear SSH Server before 2013.59 generates error messages for a ...) - dropbear 2012.55-1.4 (low; bug #726118) [squeeze] - dropbear <no-dsa> (Minor issue) [wheezy] - dropbear <no-dsa> (Minor issue) @@ -4105,8 +4176,7 @@ NOTE: https://bazaar.launchpad.net/~mahara-release/mahara/1.7_STABLE/revision/5833 NOTE: https://bazaar.launchpad.net/~mahara-release/mahara/1.5_STABLE/revision/5543 NOTE: https://bugs.launchpad.net/mahara/+bug/1211758 -CVE-2013-4428 [image_download policy not enforced for cached images] - RESERVED +CVE-2013-4428 (OpenStack Image Registry and Delivery Service (Glance) Folsom, Grizzly ...) - glance <unfixed> (bug #726478) [wheezy] - glance <not-affected> (does not have the download_image) CVE-2013-4427 [pyxtrlock Incorrect return value checking] @@ -4121,11 +4191,9 @@ RESERVED CVE-2013-4423 RESERVED -CVE-2013-4422 [SQL injection] - RESERVED +CVE-2013-4422 (SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 ...) - quassel <not-affected> (Postgres support not enabled in Debian, see #552374) -CVE-2013-4421 [memory exhaustion denial of service] - RESERVED +CVE-2013-4421 (The buf_decompress function in packet.c in Dropbear SSH Server before ...) - dropbear 2012.55-1.4 (low; bug #726019) [squeeze] - dropbear <no-dsa> (Minor issue) [wheezy] - dropbear <no-dsa> (Minor issue) @@ -4185,8 +4253,7 @@ RESERVED CVE-2013-4403 RESERVED -CVE-2013-4402 [infinite recursion in the compressed packet parser] - RESERVED +CVE-2013-4402 (GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote ...) {DSA-2774-1 DSA-2773-1} - gnupg2 2.0.22-1 (bug #725433) - gnupg 1.4.15-1 (bug #725439) @@ -4218,32 +4285,27 @@ CVE-2013-4395 RESERVED NOT-FOR-US: Simple Machines Forum -CVE-2013-4394 [systemd: Improper sanitization of invalid XKB layouts descriptions] - RESERVED +CVE-2013-4394 (The SetX11Keyboard function in systemd, when PolicyKit Local Authority ...) {DSA-2777-1} - systemd 204-5 (bug #725357) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=862324 NOTE: http://cgit.freedesktop.org/systemd/systemd/commit/?id=0b507b17a760b21e33fc52ff377db6aa5086c680 -CVE-2013-4393 [systemd: Possibility of denial of logging service by processing native messages from file] - RESERVED +CVE-2013-4393 (journald in systemd, when the origin of native messages is set to ...) - systemd 204-5 (bug #725357) [wheezy] - systemd <not-affected> (Vulnerable code not present) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=859104 NOTE: http://cgit.freedesktop.org/systemd/systemd/commit/?id=1dfa7e79a60de680086b1d93fcc3629b463f58bd -CVE-2013-4392 [systemd: TOCTOU race condition when updating file permissions and SELinux security contexts] - RESERVED +CVE-2013-4392 (systemd, when updating file permissions, allows local users to change ...) - systemd <unfixed> (low; bug #725357) [wheezy] - systemd <not-affected> (/etc/tmpfiles.d not supported in Wheezy) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=859060 TODO: no useful information available yet, recheck later -CVE-2013-4391 [systemd: Integer overflow, leading to heap-based buffer overflow by processing native messages] - RESERVED +CVE-2013-4391 (Integer overflow in the valid_user_field function in ...) {DSA-2777-1} - systemd 204-5 (bug #725357) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=859051 NOTE: http://cgit.freedesktop.org/systemd/systemd/commit/?id=505b6a61c22d5565e9308045c7b9bf79f7d0517e -CVE-2013-4390 - RESERVED +CVE-2013-4390 (Open redirect vulnerability in the AbstractAuthenticationFormServlet ...) NOT-FOR-US: Apache Sling CVE-2013-4389 (Multiple format string vulnerabilities in log_subscriber.rb files in ...) - rails-4.0 <not-affected> (Only affects 3.x) @@ -4305,8 +4367,7 @@ NOTE: Xen after Wheezy uses qemu-system-x86 from qemu, marking 4.2 as pseudo fixed CVE-2013-4374 RESERVED -CVE-2013-4373 - RESERVED +CVE-2013-4373 (The storeFiles method in JPADriftServerBean in Red Hat JBoss ...) NOT-FOR-US: Red Hat JBoss Operations Network CVE-2013-4372 (Multiple cross-site scripting (XSS) vulnerabilities in Fuse Management ...) NOT-FOR-US: JBoss Fuse @@ -4538,13 +4599,11 @@ - mediawiki 1:1.19.8+dfsg-1 (unimportant) NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=52746 NOTE: IE6 lacks so many security features that this doesn't matter -CVE-2013-4302 [mediawiki anti CSRF modules could be accessed via JSON] - RESERVED +CVE-2013-4302 ((1) ApiBlock.php, (2) ApiCreateAccount.php, (3) ApiLogin.php, (4) ...) {DSA-2753-1} - mediawiki 1:1.19.8+dfsg-1 NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=49090 -CVE-2013-4301 [mediawiki full path disclosure] - RESERVED +CVE-2013-4301 (includes/resourceloader/ResourceLoaderContext.php in MediaWiki 1.19.x ...) - mediawiki 1:1.19.8+dfsg-1 (unimportant) NOTE: Full path disclosure irrelevant in Debian NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=46332 @@ -4552,8 +4611,7 @@ - linux 3.11.5-1 [wheezy] - linux <not-affected> (Not exploitable by unprivileged users in 3.2) - linux-2.6 <not-affected> (Not exploitable by unprivileged users in 2.6.32) -CVE-2013-4299 [dm: dm-snapshot data leak] - RESERVED +CVE-2013-4299 (Interpretation conflict in drivers/md/dm-snap-persistent.c in the ...) - linux-2.6 <removed> - linux <unfixed> NOTE: upstream commit: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e9c6a182649f4259db704ae15a91ac820e63b0ca @@ -4570,14 +4628,12 @@ [squeeze] - libvirt <not-affected> (Vulnerable code not present, introduced by commit 158ba8730e44b7dd07a21ab90499996c5dec080a) NOTE: http://libvirt.org/git/?p=libvirt.git;a=commit;h=158ba8730e44b7dd07a21ab90499996c5dec080a NOTE: Fix: http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=e7f400a110e2e3673b96518170bfea0855dd82c0 -CVE-2013-4295 - RESERVED +CVE-2013-4295 (The gadget renderer in Apache Shindig 2.5.0 for PHP allows remote ...) NOT-FOR-US: Apache Shindig CVE-2013-4294 (The (1) mamcache and (2) KVS token backends in OpenStack Identity ...) - keystone 2013.1.3-2 (bug #722505) [wheezy] - keystone <not-affected> (only affects Folsom release and above) -CVE-2013-4293 - RESERVED +CVE-2013-4293 (The server in Red Hat JBoss Operations Network (JON) 3.1.2 logs ...) NOT-FOR-US: Red Hat JBoss Operations Network CVE-2013-4292 (libvirt 1.1.0 and 1.1.1 allows local users to cause a denial of ...) - libvirt 1.1.2~rc2-1 (bug #721325) @@ -5154,8 +5210,7 @@ [wheezy] - squid3 <not-affected> (Only affects 3.2 onwards) [squeeze] - squid3 <not-affected> (Only affects 3.2 onwards) NOTE: http://www.squid-cache.org/Advisories/SQUID-2013_3.txt -CVE-2013-4122 [cyrus-sasl NULL ptr. dereference] - RESERVED +CVE-2013-4122 (Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a ...) - cyrus-sasl2 2.1.25.dfsg1-14 (bug #716835) [wheezy] - cyrus-sasl2 <not-affected> (Only exploitable with eglibc 2.17 and later) [squeeze] - cyrus-sasl2 <not-affected> (Only exploitable with eglibc 2.17 and later) @@ -5503,8 +5558,8 @@ RESERVED CVE-2013-3990 (Cross-site scripting (XSS) vulnerability in the MIME e-mail ...) NOT-FOR-US: IBM -CVE-2013-3989 - RESERVED +CVE-2013-3989 (IBM Security AppScan Enterprise 8.x before 8.8 sends a cleartext ...) + TODO: check CVE-2013-3988 RESERVED CVE-2013-3987 @@ -6140,8 +6195,7 @@ RESERVED CVE-2013-3705 RESERVED -CVE-2013-3704 - RESERVED +CVE-2013-3704 (The RPM GPG key import and handling feature in libzypp 12.15.0 and ...) NOT-FOR-US: libzypp CVE-2013-3703 RESERVED @@ -7075,8 +7129,7 @@ RESERVED CVE-2013-3281 RESERVED -CVE-2013-3280 - RESERVED +CVE-2013-3280 (EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet ...) NOT-FOR-US: RSA Authentication Agent for Web for Internet Information Services CVE-2013-3279 (EMC Atmos before 2.1.4 has a blank password for the PostgreSQL ...) NOT-FOR-US: EMC @@ -7172,10 +7225,9 @@ NOTE: http://git.videolan.org/?p=vlc.git;a=commit;h=59c9e8309d5b435a2d85c2c9eaae979ba56ccdd9 NOTE: http://secunia.com/blog/372/ NOTE: http://www.jbkempf.com/blog/post/2013/More-lies-from-Secunia -CVE-2013-3244 - RESERVED -CVE-2013-3243 - RESERVED +CVE-2013-3244 (Multiple unspecified vulnerabilities in the CJDB_FILL_MEMORY_FROM_PPB ...) + TODO: check +CVE-2013-3243 (Unspecified vulnerability in OpenText/IXOS ECM for SAP NetWeaver ...) NOT-FOR-US: SAP NetWeaver CVE-2013-3242 (plugins/system/remember/remember.php in Joomla! 2.5.x before 2.5.10 ...) - joomla <itp> (bug #571794) @@ -8612,8 +8664,7 @@ CVE-2013-2652 RESERVED NOT-FOR-US: WebCollab -CVE-2013-2651 - RESERVED +CVE-2013-2651 (Multiple cross-site scripting (XSS) vulnerabilities in BoltWire 3.5 ...) NOT-FOR-US: Boltwire CVE-2013-2650 RESERVED @@ -9775,8 +9826,7 @@ - linux-2.6 <removed> (low) - linux 3.9.4-1 (low) NOTE: https://github.com/torvalds/linux/commit/85dfb745ee40232876663ae206cba35f24ab2a40 -CVE-2013-2236 [Quagga OSPF-API stack overrun] - RESERVED +CVE-2013-2236 (Stack-based buffer overflow in the new_msg_lsa_change_notify function ...) - quagga 0.99.22.4-1 (bug #726724) NOTE: http://lists.quagga.net/pipermail/quagga-dev/2013-July/010621.html CVE-2013-2235 @@ -9872,8 +9922,7 @@ NOTE: http://santuario.apache.org/secadv.data/CVE-2013-2210.txt CVE-2013-2209 (Cross-site scripting (XSS) vulnerability in the auto-complete widget ...) NOT-FOR-US: Reviewboard (this was once in experimental, but removed later on) -CVE-2013-2208 [arbitrary code execution when processing untrusted TPP template] - RESERVED +CVE-2013-2208 (tpp 1.3.1 allows remote attackers to execute arbitrary commands via a ...) - tpp 1.3.1-3 (low; bug #706644) [squeeze] - tpp <no-dsa> (Minor issue) [wheezy] - tpp <no-dsa> (Minor issue) @@ -9944,8 +9993,7 @@ - linux <not-affected> (RHEL-specific issue) CVE-2013-2187 RESERVED -CVE-2013-2186 - RESERVED +CVE-2013-2186 (The DiskFileItem class in Apache Commons FileUpload as used in, Red ...) - libcommons-fileupload-java <unfixed> (bug #726601) CVE-2013-2185 [tomcat: arbitrary file upload via deserialization] RESERVED @@ -10035,7 +10083,7 @@ {DSA-2737-1} - swift 1.8.0-6 (low; bug #712202) [wheezy] - swift 1.4.8-2+deb7u1 -CVE-2013-2160 (Apache CXF 2.5.x before 2.5.10, 2.6.x before 2.6.7, and 2.7.x before ...) +CVE-2013-2160 (The streaming XML parser in Apache CXF 2.5.x before 2.5.10, 2.6.x ...) NOT-FOR-US: Apache CXF CVE-2013-2159 [monkey broken authentication] RESERVED @@ -10242,8 +10290,7 @@ NOTE: Starting with 2013.1-1 code in keystone/middleware/auth_token.py moved to python-keystoneclient CVE-2013-2103 RESERVED -CVE-2013-2102 - RESERVED +CVE-2013-2102 (The default configuration of Red Hat JBoss Portal before 6.1.0 enables ...) NOT-FOR-US: GateIn Portal CVE-2013-2101 RESERVED @@ -11461,13 +11508,11 @@ RESERVED CVE-2013-1744 RESERVED -CVE-2013-1743 [Cross-Site Scripting] - RESERVED +CVE-2013-1743 (Multiple cross-site scripting (XSS) vulnerabilities in report.cgi in ...) - bugzilla <not-affected> (Only affects 4.1 to 4.4) - bugzilla4 <itp> (bug #669643) NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=924932 -CVE-2013-1742 [Cross-Site Scripting] - RESERVED +CVE-2013-1742 (Multiple cross-site scripting (XSS) vulnerabilities in ...) - bugzilla <removed> (low) [squeeze] - bugzilla <no-dsa> (Minor issue) - bugzilla4 <itp> (bug #669643) @@ -11509,14 +11554,12 @@ [squeeze] - icedove <end-of-life> - iceape <unfixed> [squeeze] - iceape <end-of-life> -CVE-2013-1734 [Cross-Site Request Forgery] - RESERVED +CVE-2013-1734 (Cross-site request forgery (CSRF) vulnerability in attachment.cgi in ...) - bugzilla <removed> (low) [squeeze] - bugzilla <no-dsa> (Minor issue) - bugzilla4 <itp> (bug #669643) NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=913904 -CVE-2013-1733 [Cross-Site Request Forgery] - RESERVED +CVE-2013-1733 (Cross-site request forgery (CSRF) vulnerability in process_bug.cgi in ...) - bugzilla <not-affected> (Only affects 4.4) - bugzilla4 <itp> (bug #669643) NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=911593 @@ -12525,8 +12568,7 @@ RESERVED CVE-2013-1446 RESERVED -CVE-2013-1445 [PRNG not correctly reseeded in some situations] - RESERVED +CVE-2013-1445 (The Crypto.Random.atfork function in PyCrypto before 2.6.1 does not ...) {DSA-2781-1} - python-crypto 2.6.1-1 CVE-2013-1444 (A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, ...) @@ -13402,8 +13444,8 @@ RESERVED CVE-2013-1068 RESERVED -CVE-2013-1067 - RESERVED +CVE-2013-1067 (Apport 2.12.5 and earlier uses weak permissions for core dump files ...) + TODO: check CVE-2013-1066 (language-selector 0.110.x before 0.110.1, 0.90.x before 0.90.1, and ...) NOT-FOR-US: language-selector CVE-2013-1065 (backend.py in Jockey before 0.9.7-0ubuntu7.11 does not properly use ...) @@ -13428,8 +13470,7 @@ RESERVED CVE-2013-1057 RESERVED -CVE-2013-1056 - RESERVED +CVE-2013-1056 (X.org X server 1.13.3 and earlier, when not run as root, allows local ...) - xorg-server <not-affected> (Ubuntu-specific patch, see http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-1056.html) CVE-2013-1055 RESERVED @@ -15728,8 +15769,7 @@ CVE-2013-0338 (libxml2 2.9.0 and earlier allows context-dependent attackers to cause ...) {DSA-2652-1} - libxml2 2.8.0+dfsg1-7+nmu1 (bug #702260) -CVE-2013-0337 [Directory /var/log/nginx is world readable] - RESERVED +CVE-2013-0337 (The default configuration of nginx, possibly 1.3.13 and earlier, uses ...) - nginx <unfixed> (low; bug #701112) [squeeze] - nginx <no-dsa> (Minor issue) [wheezy] - nginx <no-dsa> (Minor issue) @@ -16495,8 +16535,7 @@ RESERVED CVE-2012-6304 RESERVED -CVE-2012-6303 [WaveSurfer and Snack Sound Toolkit buffer overflows] - RESERVED +CVE-2012-6303 (Heap-based buffer overflow in the GetWavHeader function in ...) - snack 2.2.10-dfsg1-12.1 (low; bug #695614) [squeeze] - snack 2.2.10-dfsg1-9+squeeze1 - wavesurfer <not-affected> (originally reported in wavesurfer, but actually a bug in libsnack, see bug #695615) @@ -21500,8 +21539,7 @@ NOT-FOR-US: Red Hat CloudForms CVE-2012-4573 (The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex ...) - glance 2012.1.1-2 (bug #692641) -CVE-2012-4572 - RESERVED +CVE-2012-4572 (Red Hat JBoss Enterprise Application Platform (EAP) before 6.1.0 and ...) - jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226) CVE-2012-4571 (Python Keyring 0.9.1 does not securely initialize the cipher when ...) - python-keyring 0.9.2-1 (bug #675379) @@ -21626,8 +21664,7 @@ - linux 3.2.35-1 - linux-2.6 <removed> [squeeze] - linux-2.6 2.6.32-48 -CVE-2012-4529 - RESERVED +CVE-2012-4529 (The org.apache.catalina.connector.Response.encodeURL method in Red Hat ...) - jbossas4 <not-affected> (Only builds a few libraries, not the full application server) CVE-2012-4528 (The mod_security2 module before 2.7.0 for the Apache HTTP Server ...) - modsecurity-apache 2.6.6-5 (bug #691146) @@ -31089,17 +31126,14 @@ CVE-2012-0828 RESERVED - xchat <not-affected> (Only affects Xchat on Windows and Maemo) -CVE-2012-0827 - RESERVED +CVE-2012-0827 (The File module in Drupal 7.x before 7.11, when using unspecified ...) - drupal7 7.11-1 - drupal6 <not-affected> -CVE-2012-0826 - RESERVED +CVE-2012-0826 (Cross-site request forgery (CSRF) vulnerability in the Aggregator ...) {DSA-2776-1} - drupal7 7.11-1 - drupal6 6.26-1 -CVE-2012-0825 - RESERVED +CVE-2012-0825 (Drupal 6.x before 6.23 and 7.x before 7.11 does not verify that ...) {DSA-2776-1} - drupal7 7.11-1 - drupal6 6.26-1 @@ -35910,8 +35944,7 @@ - phpmyadmin 4:3.4.7.1-1 (bug #656247) [lenny] - phpmyadmin <not-affected> (Vulerable code not present) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=751112 -CVE-2011-4106 - RESERVED +CVE-2011-4106 (TimThumb (timthumb.php) before 2.0 does not validate the entire source ...) NOT-FOR-US: wordpress plugin timthumb CVE-2011-4105 (LightDM before 1.0.6 allows local users to change ownership of ...) - lightdm 1.0.6-2 @@ -57776,8 +57809,7 @@ - xmail 1.27-1 (low) [lenny] - xmail <no-dsa> (Minor issue) NOTE: http://www.xmailserver.org/ChangeLog.html#feb_25__2010_v_1_27 -CVE-2010-1159 [aircrack-ng EAPOL buffer overflow] - RESERVED +CVE-2010-1159 (Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow ...) - aircrack-ng 1:1.1-1 (low; bug #577758) [lenny] - aircrack-ng <no-dsa> (low) [etch] - aircrack-ng <no-dsa> (low) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits