[Secure-testing-commits] r49980 - data/CVE

Moritz Muehlenhoff Thu, 23 Mar 2017 15:08:17 -0700

Author: jmm
Date: 2017-03-23 22:07:08 +0000 (Thu, 23 Mar 2017)
New Revision: 49980


Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-03-23 21:59:26 UTC (rev 49979)
+++ data/CVE/list       2017-03-23 22:07:08 UTC (rev 49980)
@@ -1,7 +1,7 @@
 CVE-2017-7243
        RESERVED
 CVE-2017-7242 (Multiple Cross-Site Scripting (XSS) were discovered in 
admin/modules ...)
-       TODO: check
+       NOT-FOR-US: SLiMS
 CVE-2017-7241
        RESERVED
 CVE-2017-7240
@@ -148,7 +148,7 @@
 CVE-2017-7201
        RESERVED
 CVE-2017-7199 (Nessus 6.6.2 - 6.10.3 contains a flaw related to insecure 
permissions ...)
-       TODO: check
+       NOT-FOR-US: Nessus
 CVE-2017-7200 (An SSRF issue was discovered in OpenStack Glance before Newton. 
The ...)
        - glance 2:13.0.0-1
        [jessie] - glance <no-dsa> (Minor issue, too intrusive to backport)
@@ -688,7 +688,7 @@
 CVE-2017-6951 (The keyring_search_aux function in security/keys/keyring.c in 
the Linux ...)
        - linux 4.0.2-1
 CVE-2017-6950 (SAP GUI 7.2 through 7.5 allows remote attackers to bypass 
intended ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2017-6949 (An issue was discovered in CHICKEN Scheme through 4.12.0. When 
using a ...)
        - chicken <unfixed> (bug #858057)
        [jessie] - chicken <no-dsa> (Minor issue)
@@ -768,7 +768,7 @@
 CVE-2017-6912
        RESERVED
 CVE-2017-6911 (USB Pratirodh is prone to sensitive information disclosure. It 
stores ...)
-       TODO: check
+       NOT-FOR-US: USB Pratirodh
 CVE-2017-6910
        RESERVED
 CVE-2017-6909 (An issue was discovered in Shimmie &lt;= 2.5.1. The 
vulnerability exists ...)
@@ -798,7 +798,7 @@
 CVE-2017-6896 (Privilege escalation vulnerability on the DIGISOL DG-HR1400 
1.00.02 ...)
        NOT-FOR-US: DIGISOL DG-HR1400 1.00.02 wireless router
 CVE-2017-6895 (USB Pratirodh allows remote attackers to conduct XML External 
Entity ...)
-       TODO: check
+       NOT-FOR-US: USB Pratirodh
 CVE-2017-6894
        RESERVED
 CVE-2017-6893
@@ -1637,7 +1637,7 @@
 CVE-2017-6518 (Cross-site scripting (XSS) vulnerability in 
/sanadata/seo/index.asp in ...)
        NOT-FOR-US: SanaCMS
 CVE-2017-6517 (Microsoft Skype 7.16.0.102 contains a vulnerability that could 
allow ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2017-6516 (A Local Privilege Escalation Vulnerability in MagniComp's 
Sysinfo ...)
        NOT-FOR-US: MagniComp
 CVE-2017-6515
@@ -2258,11 +2258,11 @@
 CVE-2017-6362
        RESERVED
 CVE-2017-6361 (QNAP QTS before 4.2.4 Build 20170313 allows attackers to 
execute ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2017-6360 (QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain 
...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2017-6359 (QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain 
...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2017-6358
        RESERVED
 CVE-2017-6357
@@ -2736,7 +2736,7 @@
 CVE-2017-6192
        RESERVED
 CVE-2017-6191 (Buffer overflow in APNGDis 2.8 and below allows a remote 
attacker to ...)
-       TODO: check
+       NOT-FOR-US: APNGDis
 CVE-2017-6190
        RESERVED
 CVE-2017-6189 (Untrusted search path vulnerability in Amazon Kindle for PC 
before ...)
@@ -5848,7 +5848,7 @@
 CVE-2017-5228 (All editions of Rapid7 Metasploit prior to version 
4.13.0-2017020701 ...)
        NOT-FOR-US: Rapid7
 CVE-2017-5227 (QNAP QTS before 4.2.4 Build 20170313 allows attackers to obtain 
...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2017-5225 (LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow 
in the ...)
        {DLA-795-1}
        - tiff 4.0.7-5 (bug #851297)
@@ -25063,7 +25063,7 @@
 CVE-2016-7469
        RESERVED
 CVE-2016-7468 (An unauthenticated remote attacker may be able to disrupt 
services on ...)
-       TODO: check
+       NOT-FOR-US: F5
 CVE-2016-7467
        RESERVED
 CVE-2016-7465
@@ -46539,7 +46539,7 @@
        NOTE: http://gultsch.de/gajim_roster_push_and_message_interception.html
        NOTE: 
https://trac.gajim.org/changeset/af78b7c068904d78c5dfb802826aae99f26a8947/
 CVE-2015-8687 (Multiple cross-site scripting (XSS) vulnerabilities in the 
Management ...)
-       TODO: check
+       NOT-FOR-US: Alcatel
 CVE-2015-8686
        RESERVED
 CVE-2015-8685 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 
...)
@@ -57583,7 +57583,7 @@
 CVE-2015-5735 (The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, 
and (4) ...)
        NOT-FOR-US: Fortinet
 CVE-2015-5729 (The Soft Access Point (AP) feature in Samsung Smart TVs X10P, 
X12, ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2015-5728
        RESERVED
 CVE-2015-5727 (The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x 
before ...)
@@ -62284,7 +62284,7 @@
 CVE-2015-4168
        RESERVED
 CVE-2015-4166 (Cloudera Key Trustee Server before 5.4.3 does not store keys 
...)
-       TODO: check
+       NOT-FOR-US: Cloudera
 CVE-2015-4165 [unspecified arbitrary files modification vulnerability]
        RESERVED
        - elasticsearch 1.6.0+dfsg-1 (bug #788471)
@@ -62574,7 +62574,7 @@
 CVE-2015-4079
        RESERVED
 CVE-2015-4078 (Cloudera Navigator 2.2.x before 2.2.4 and 2.3.x before 2.3.3 
include ...)
-       TODO: check
+       NOT-FOR-US: Cloudera
 CVE-2015-4077 (The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, 
and (4) ...)
        NOT-FOR-US: Fortinet
 CVE-2015-4076
@@ -68247,7 +68247,7 @@
 CVE-2015-2264 (Multiple untrusted search path vulnerabilities in (1) ...)
        NOT-FOR-US: Telerik Analytics Monitor Library
 CVE-2015-2263 (Cloudera Manager 4.x, 5.0.x before 5.0.6, 5.1.x before 5.1.5, 
5.2.x ...)
-       TODO: check
+       NOT-FOR-US: Cloudera
 CVE-2015-2262
        RESERVED
 CVE-2015-2261
@@ -81654,7 +81654,7 @@
 CVE-2014-7280 (Cross-site scripting (XSS) vulnerability in the Web UI before 
2.3.4 ...)
        NOT-FOR-US: Nessus Web UI
 CVE-2014-7279 (The Konke Smart Plug K does not require authentication for 
TELNET ...)
-       TODO: check
+       NOT-FOR-US: Konke Smart Plug K
 CVE-2014-7284 (The net_get_random_once implementation in net/core/utils.c in 
the ...)
        - linux 3.16.2-1
        [wheezy] - linux <not-affected> (Vulnerable code introduced in 3.13)
@@ -100682,7 +100682,7 @@
        NOTE: https://svn.apache.org/viewvc?view=revision&revision=1603781 (7.x)
        NOTE: https://svn.apache.org/viewvc?view=revision&revision=1659537 (6.x)
 CVE-2014-0229 (Apache Hadoop 0.23.x before 0.23.11 and 2.x before 2.4.1, as 
used in ...)
-       TODO: check
+       NOT-FOR-US: Hadoop as packaged by Cloudera
 CVE-2014-0228 (Apache Hive before 0.13.1, when in SQL standards based 
authorization ...)
        NOT-FOR-US: Apache Hive
 CVE-2014-0227 (java/org/apache/coyote/http11/filters/ChunkedInputFilter.java 
in ...)
@@ -102834,7 +102834,7 @@
 CVE-2013-6447 (Multiple XML External Entity (XXE) vulnerabilities in the (1) 
...)
        NOT-FOR-US: JBoss Seam
 CVE-2013-6446 (The JobHistory Server in Cloudera CDH 4.x before 4.6.0 and 5.x 
before ...)
-       TODO: check
+       NOT-FOR-US: Cloudera
 CVE-2013-6445 (Cumin (aka MRG Management Console), as used in Red Hat 
Enterprise MRG ...)
        NOT-FOR-US: Cumin
 CVE-2013-6444 (PyWBEM 0.7 and earlier does not verify that the server hostname 
...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r49980 - data/CVE

Reply via email to