Author: jmm
Date: 2016-04-26 13:41:43 +0000 (Tue, 26 Apr 2016)
New Revision: 41207
Modified:
data/CVE/list
Log:
several older wireshark issues fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-04-26 11:49:01 UTC (rev 41206)
+++ data/CVE/list 2016-04-26 13:41:43 UTC (rev 41207)
@@ -71827,7 +71827,7 @@
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8733
NOTE: Not suitable for code injection
CVE-2013-4080 (The dissect_r3_upstreamcommand_queryconfig function in ...)
- - wireshark <unfixed> (unimportant; bug #711918)
+ - wireshark 1.10.0-1 (unimportant; bug #711918)
NOTE: no code injection, not treated as a security issue, see
README.Debian.security
[squeeze] - wireshark <not-affected> (Only affects 1.8+)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8764
@@ -79133,34 +79133,34 @@
CVE-2010-5287 (SQL injection vulnerability in default.php in Cornerstone
Technologies ...)
NOT-FOR-US: Cornerstone Technologies webConductor
CVE-2013-1581 (The dissect_pft_fec_detailed function in ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
CVE-2013-1580 (The dissect_cmstatus_tlv function in
plugins/docsis/packet-cmstatus.c ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
CVE-2013-1579 (The rtps_util_add_bitmap function in
epan/dissectors/packet-rtps.c in ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
CVE-2013-1578 (The dissect_pw_eth_heuristic function in ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
CVE-2013-1577 (The dissect_sip_p_charging_func_addresses function in ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
CVE-2013-1576 (The dissect_sdp_media_attribute function in ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
CVE-2013-1575 (The dissect_r3_cmd_alarmconfigure function in ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
CVE-2013-1574 (The dissect_bthci_eir_ad_data function in ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
CVE-2013-1573 (The csnStreamDissector function in
epan/dissectors/packet-csn1.c in ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
CVE-2013-1572 (The dissect_oampdu_event_notification function in ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: Not suitable for code injection
CVE-2013-1470 (Cross-site scripting (XSS) vulnerability in calendar/index.php
in the ...)
NOTE: There was a RFP long time ago, bug #203818
@@ -83897,37 +83897,37 @@
NOTE: https://red.libssh.org/issues/84
NOTE:
http://git.libssh.org/projects/libssh.git/commit/?h=v0-5&id=4d8420f3282ed07fc99fc5e930c17df27ef1e9b2
CVE-2012-6062 (The dissect_rtcp_app function in epan/dissectors/packet-rtcp.c
in the ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
CVE-2012-6061 (The dissect_wtp_common function in epan/dissectors/packet-wtp.c
in the ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
CVE-2012-6060 (Integer overflow in the dissect_iscsi_pdu function in ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
CVE-2012-6059 (The dissect_isakmp function in epan/dissectors/packet-isakmp.c
in the ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
CVE-2012-6058 (Integer overflow in the dissect_icmpv6 function in ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
CVE-2012-6057 (The dissect_eigrp_metric_comm function in ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
CVE-2012-6056 (Integer overflow in the dissect_sack_chunk function in ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
CVE-2012-6055 (epan/dissectors/packet-3g-a11.c in the 3GPP2 A11 dissector in
...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
CVE-2012-6054 (The dissect_sflow_245_address_type function in ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
CVE-2012-6053 (epan/dissectors/packet-usb.c in the USB dissector in Wireshark
1.6.x ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
CVE-2012-6052 (Wireshark 1.8.x before 1.8.4 allows remote attackers to obtain
...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: not suitable for code injection
NOTE: Upstream patch:
http://anonsvn.wireshark.org/viewvc?view=revision&revision=45511
CVE-2011-5246
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
