Author: sectracker Date: 2016-02-22 21:10:12 +0000 (Mon, 22 Feb 2016) New Revision: 39819
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-02-22 19:54:00 UTC (rev 39818) +++ data/CVE/list 2016-02-22 21:10:12 UTC (rev 39819) @@ -1,3 +1,43 @@ +CVE-2016-2532 + RESERVED +CVE-2016-2531 + RESERVED +CVE-2016-2530 + RESERVED +CVE-2016-2529 + RESERVED +CVE-2016-2528 + RESERVED +CVE-2016-2527 + RESERVED +CVE-2016-2526 + RESERVED +CVE-2016-2525 + RESERVED +CVE-2016-2524 + RESERVED +CVE-2016-2523 + RESERVED +CVE-2016-2522 + RESERVED +CVE-2016-2521 + RESERVED +CVE-2016-2520 + RESERVED +CVE-2016-2519 + RESERVED +CVE-2016-2518 + RESERVED +CVE-2016-2517 + RESERVED +CVE-2016-2516 + RESERVED +CVE-2016-2514 + RESERVED +CVE-2016-2513 + RESERVED +CVE-2016-2512 + RESERVED CVE-2016-XXXX [usb: integer overflow in remote NDIS control message handling] - qemu <unfixed> - qemu-kvm <removed> @@ -6,8 +46,10 @@ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/22/3 TODO: check versions CVE-2016-2515 + RESERVED NOT-FOR-US: NodeJS Hawk CVE-2016-2511 [Reflected Cross-Site Scripting] + RESERVED - websvn <removed> CVE-2016-2509 (The password-sync feature on Belden Hirschmann Classic Platform ...) NOT-FOR-US: Belden Hirschmann Classic Platform switches @@ -224,7 +266,8 @@ CVE-2016-2403 RESERVED CVE-2013-7448 [path traversal vulnerability] - {DSA-3485-1} + RESERVED + {DSA-3485-1 DLA-424-1} - didiwiki 0.5-12 (bug #815111) NOTE: https://github.com/OpenedHand/didiwiki/pull/1/files NOTE: http://www.openwall.com/lists/oss-security/2016/02/19/4 @@ -640,22 +683,20 @@ RESERVED CVE-2016-2276 RESERVED -CVE-2016-2275 - RESERVED +CVE-2016-2275 (The web interface on Advantech/B+B SmartWorx VESP211-EU devices with ...) + TODO: check CVE-2016-2274 RESERVED CVE-2016-2273 RESERVED CVE-2016-2272 RESERVED -CVE-2016-2271 [XSA-170: VMX: guest user mode may crash guest with non-canonical RIP] - RESERVED +CVE-2016-2271 (VMX in Xen 4.6.x and earlier, when using an Intel or Cyrix CPU, allows ...) - xen <unfixed> [squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS) NOTE: http://xenbits.xen.org/xsa/advisory-170.html TODO: check -CVE-2016-2270 [XSA-154: x86: inconsistent cachability flags on guest mappings] - RESERVED +CVE-2016-2270 (Xen 4.6.x and earlier allows local guest administrators to cause a ...) - xen <unfixed> [squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS) NOTE: http://xenbits.xen.org/xsa/advisory-154.html @@ -1206,6 +1247,7 @@ NOTE: https://lists.matroska.org/pipermail/matroska-users/2015-October/006985.html NOTE: https://github.com/Matroska-Org/libebml/commit/ababb64e0c792ad2a314245233db0833ba12036b CVE-2016-2533 [Buffer overflow in Python-Pillow and PIL] + {DLA-422-1} - pillow 3.1.1-1 - python-imaging <removed> NOTE: https://github.com/python-pillow/Pillow/pull/1706 @@ -1449,45 +1491,37 @@ NOTE: https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/ CVE-2016-2046 (Cross-site scripting (XSS) vulnerability in the Nessus Web UI in ...) TODO: check -CVE-2016-2045 - RESERVED +CVE-2016-2045 (Cross-site scripting (XSS) vulnerability in the SQL editor in ...) - phpmyadmin 4:4.5.4-1 [squeeze] - phpmyadmin <not-affected> (vulnerable code not present) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-9/ -CVE-2016-2044 - RESERVED +CVE-2016-2044 (libraries/sql-parser/autoload.php in the SQL parser in phpMyAdmin ...) - phpmyadmin 4:4.5.4-1 [squeeze] - phpmyadmin <not-affected> (vulnerable code not present) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-8/ -CVE-2016-2043 - RESERVED +CVE-2016-2043 (Cross-site scripting (XSS) vulnerability in the goToFinish1NF function ...) - phpmyadmin 4:4.5.4-1 [squeeze] - phpmyadmin <not-affected> (vulnerable code not present) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-7/ -CVE-2016-2042 - RESERVED +CVE-2016-2042 (phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote ...) - phpmyadmin 4:4.5.4-1 [squeeze] - phpmyadmin <not-affected> (vulnerable code not present) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-6/ -CVE-2016-2041 - RESERVED +CVE-2016-2041 (libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x ...) {DLA-406-1} - phpmyadmin 4:4.5.4-1 NOTE: https://www.phpmyadmin.net/security/PMASA-2016-5/ NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/fe62b69a5b032de8e1d9d0a04456c1cecf46428c -CVE-2016-2040 - RESERVED +CVE-2016-2040 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...) - phpmyadmin 4:4.5.4-1 [squeeze] - phpmyadmin <no-dsa> (minor issue) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-3/ -CVE-2016-2039 - RESERVED +CVE-2016-2039 (libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x ...) {DLA-406-1} - phpmyadmin 4:4.5.4-1 NOTE: https://www.phpmyadmin.net/security/PMASA-2016-2/ NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/6fe54dfa000dd6f43f237e859781fad7111ac1bd -CVE-2016-2038 - RESERVED +CVE-2016-2038 (phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x ...) - phpmyadmin 4:4.5.4-1 [squeeze] - phpmyadmin <no-dsa> (minor issue) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-1/ @@ -1836,8 +1870,7 @@ TODO: check CVE-2016-1928 (Buffer overflow in the XS engine (hdbxsengine) in SAP HANA allows ...) TODO: check -CVE-2016-1927 - RESERVED +CVE-2016-1927 (The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x ...) - phpmyadmin 4:4.5.4-1 [squeeze] - phpmyadmin <no-dsa> (minor issue) NOTE: https://www.phpmyadmin.net/security/PMASA-2016-4/ @@ -2593,14 +2626,12 @@ RESERVED CVE-2016-1630 RESERVED -CVE-2016-1629 - RESERVED +CVE-2016-1629 (Google Chrome before 48.0.2564.116 allows remote attackers to bypass ...) {DSA-3486-1} - chromium-browser 48.0.2564.116-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) [squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS) -CVE-2016-1628 - RESERVED +CVE-2016-1628 (pi.c in OpenJPEG, as used in PDFium in Google Chrome before ...) {DSA-3486-1} - chromium-browser 48.0.2564.116-1 [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) @@ -3376,8 +3407,8 @@ RESERVED CVE-2016-1336 RESERVED -CVE-2016-1335 - RESERVED +CVE-2016-1335 (The SSH implementation in Cisco StarOS before 19.3.M0.62771 and 20.x ...) + TODO: check CVE-2016-1334 (Cisco Small Business 500 Wireless Access Point devices with firmware ...) TODO: check CVE-2016-1333 (Cisco IOS 15.5(3)M and 15.6(1)T0a on Cisco 1000 Connected Grid routers ...) @@ -4128,12 +4159,12 @@ RESERVED CVE-2016-1157 RESERVED -CVE-2016-1156 - RESERVED +CVE-2016-1156 (LINE 4.3.0.724 and earlier on Windows and 4.3.1 and earlier on OS X ...) + TODO: check CVE-2016-1155 RESERVED -CVE-2016-1154 - RESERVED +CVE-2016-1154 (SQL injection vulnerability in the Help plug-in 1.3.5 and earlier in ...) + TODO: check CVE-2016-1153 (customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote ...) NOT-FOR-US: Cybozu Office CVE-2016-1152 (Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users ...) @@ -4316,7 +4347,7 @@ CVE-2015-8632 RESERVED CVE-2015-8631 (Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in ...) - {DSA-3466-1} + {DSA-3466-1 DLA-423-1} - krb5 <unfixed> (bug #813126) NOTE: Fixed by: https://github.com/krb5/krb5/commit/83ed75feba32e46f736fcce0d96a0445f29b96c2 CVE-2015-8630 (The (1) kadm5_create_principal_3 and (2) kadm5_modify_principal ...) @@ -4327,7 +4358,7 @@ NOTE: Fixed by: https://github.com/krb5/krb5/commit/b863de7fbf080b15e347a736fdda0a82d42f4f6b NOTE: Introduced by: https://github.com/krb5/krb5/commit/0780e46fc13dbafa177525164997cd204cc50b51 (krb5-1.12-alpha1) CVE-2015-8629 (The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in ...) - {DSA-3466-1} + {DSA-3466-1 DLA-423-1} - krb5 <unfixed> (bug #813296) NOTE: Fixed by: https://github.com/krb5/krb5/commit/df17a1224a3406f57477bcd372c61e04c0e5a5bb CVE-2015-8620 @@ -5481,13 +5512,11 @@ NOTE: http://www.halfdog.net/Security/2015/NtpCronjobUserNtpToRootPrivilegeEscalation/ CVE-2016-0726 RESERVED -CVE-2016-0725 [XSS Vulnerability in course management search] - RESERVED +CVE-2016-0725 (Cross-site scripting (XSS) vulnerability in the search_pagination ...) - moodle <not-affected> (Only affects 3.0 to 3.0.1, 2.9 to 2.9.3 and 2.8 to 2.8.9) [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts) NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52552 -CVE-2016-0724 [Two enrolment-related web services don't check course visibility] - RESERVED +CVE-2016-0724 (The (1) core_enrol_get_course_enrolment_methods and (2) ...) - moodle 2.7.12+dfsg-1 (bug #811344) [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts) NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52072 @@ -9647,8 +9676,8 @@ NOT-FOR-US: Newphoria CVE-2015-7770 (Dell SonicWall TotalSecure TZ 100 devices with firmware before ...) NOT-FOR-US: Dell -CVE-2015-7769 - RESERVED +CVE-2015-7769 (baserCMS 3.0.2 through 3.0.8 allows remote authenticated users to ...) + TODO: check CVE-2015-7768 (Buffer overflow in Konica Minolta FTP Utility 1.0 allows remote ...) NOT-FOR-US: Konica Minolta CVE-2015-7767 (Buffer overflow in Konica Minolta FTP Utility 1.0 allows remote ...) @@ -10749,8 +10778,8 @@ NOT-FOR-US: IBM CVE-2015-7426 (The Data Protection extension in the VMware GUI in IBM Tivoli Storage ...) TODO: check -CVE-2015-7425 - RESERVED +CVE-2015-7425 (The Data Protection component in the VMware vSphere GUI in IBM Tivoli ...) + TODO: check CVE-2015-7424 RESERVED CVE-2015-7423 @@ -16223,36 +16252,28 @@ [wheezy] - subversion <not-affected> (Vulnerable code not present) [squeeze] - subversion <not-affected> (Vulnerable code not present) NOTE: https://subversion.apache.org/security/CVE-2015-5343-advisory.txt -CVE-2015-5342 - RESERVED +CVE-2015-5342 (The choice module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x ...) - moodle 2.7.11+dfsg-1 [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts) -CVE-2015-5341 - RESERVED +CVE-2015-5341 (mod_scorm in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before ...) - moodle 2.7.11+dfsg-1 [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts) -CVE-2015-5340 - RESERVED +CVE-2015-5340 (Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and ...) - moodle 2.7.11+dfsg-1 [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts) -CVE-2015-5339 - RESERVED +CVE-2015-5339 (The core_enrol_get_enrolled_users web service in enrol/externallib.php ...) - moodle 2.7.11+dfsg-1 [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts) -CVE-2015-5338 - RESERVED +CVE-2015-5338 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...) - moodle 2.7.11+dfsg-1 [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts) -CVE-2015-5337 - RESERVED +CVE-2015-5337 (Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and ...) - moodle 2.7.11+dfsg-1 [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts) -CVE-2015-5336 - RESERVED +CVE-2015-5336 (Multiple cross-site scripting (XSS) vulnerabilities in the survey ...) - moodle 2.7.11+dfsg-1 [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts) -CVE-2015-5335 - RESERVED +CVE-2015-5335 (Cross-site request forgery (CSRF) vulnerability in ...) - moodle 2.7.11+dfsg-1 [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts) CVE-2015-5334 @@ -16261,11 +16282,9 @@ CVE-2015-5333 RESERVED - libressl <itp> (bug #754513) -CVE-2015-5332 - RESERVED +CVE-2015-5332 (Atto in Moodle 2.8.x before 2.8.9 and 2.9.x before 2.9.3 allows remote ...) - moodle <not-affected> (Only affects 2.8 and later) -CVE-2015-5331 - RESERVED +CVE-2015-5331 (Moodle 2.9.x before 2.9.3 does not properly check the contact list ...) - moodle <not-affected> (Only affects 2.9 and later) CVE-2015-5330 (ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before ...) {DSA-3433-1} @@ -16544,8 +16563,7 @@ NOT-FOR-US: OpenShift CVE-2015-5273 (The abrt-action-install-debuginfo-to-abrt-cache help program in ...) NOT-FOR-US: abrt is Red Hat / Fedora specific -CVE-2015-5272 [MSA-15-0031: Teacher in forum can still post to "all participants" and groups they are not members of] - RESERVED +CVE-2015-5272 (The Forum module in Moodle 2.7.x before 2.7.10 allows remote ...) - moodle 2.7.10+dfsg-1 (bug #799634) [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts) NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50576 @@ -16557,33 +16575,27 @@ NOTE: https://bugs.launchpad.net/tripleo/+bug/1494896 CVE-2015-5270 REJECTED -CVE-2015-5269 [MSA-15-0036: XSS in grouping description] - RESERVED +CVE-2015-5269 (Cross-site scripting (XSS) vulnerability in group/overview.php in ...) - moodle 2.7.10+dfsg-1 (bug #799634) [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts) NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50709 -CVE-2015-5268 [MSA-15-0035: Rating component does not check separate groups] - RESERVED +CVE-2015-5268 (The rating component in Moodle through 2.6.11, 2.7.x before 2.7.10, ...) - moodle 2.7.10+dfsg-1 (bug #799634) [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts) NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50173 -CVE-2015-5267 [MSA-15-0034: Vulnerability in password recovery mechanism] - RESERVED +CVE-2015-5267 (lib/moodlelib.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x ...) - moodle 2.7.10+dfsg-1 (bug #799634) [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts) NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50860 -CVE-2015-5266 [MSA-15-0033: Meta course synchronisation enrols suspended students as managers for a short period of time] - RESERVED +CVE-2015-5266 (The enrol_meta_sync function in enrol/meta/locallib.php in Moodle ...) - moodle 2.7.10+dfsg-1 (bug #799634) [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts) NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50744 -CVE-2015-5265 [MSA-15-0032: Users can delete files uploaded by other users in wiki] - RESERVED +CVE-2015-5265 (The wiki component in Moodle through 2.6.11, 2.7.x before 2.7.10, ...) - moodle 2.7.10+dfsg-1 (bug #799634) [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts) NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48371 -CVE-2015-5264 [MSA-15-0030: Students can re-attempt answering questions in the lesson] - RESERVED +CVE-2015-5264 (The lesson module in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x ...) - moodle 2.7.10+dfsg-1 (bug #799634) [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts) NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50516 @@ -22255,22 +22267,18 @@ CVE-2015-3276 (The nss_parse_ciphers function in libraries/libldap/tls_m.c in ...) - openldap <unfixed> (unimportant) NOTE: Debian builds with GNUTLS, not NSS -CVE-2015-3275 [Javascript injection in SCORM module] - RESERVED +CVE-2015-3275 (Multiple cross-site scripting (XSS) vulnerabilities in the SCORM ...) - moodle 2.7.9+dfsg-1 (bug #792242) [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts) NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50614 -CVE-2015-3274 [Possible XSS through custom text profile fields in Web Services] - RESERVED +CVE-2015-3274 (Cross-site scripting (XSS) vulnerability in the user_get_user_details ...) - moodle 2.7.9+dfsg-1 (bug #792242) [squeeze] - moodle <not-affected> (Only similar function looks like the fixed version) NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50130 -CVE-2015-3273 [Capability 'mod/forum:canposttomygroups' is not respected when using 'Post a copy to all groups' in forum] - RESERVED +CVE-2015-3273 (mod/forum/post.php in Moodle 2.9.x before 2.9.1 does not consider the ...) - moodle <not-affected> (Affects only 2.9) NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50220 -CVE-2015-3272 [Possible phishing when redirecting to external site using referer header] - RESERVED +CVE-2015-3272 (Open redirect vulnerability in the clean_param function in ...) - moodle 2.7.9+dfsg-1 (bug #792242) [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts) NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50688 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits