Author: joeyh
Date: 2012-12-05 21:14:25 +0000 (Wed, 05 Dec 2012)
New Revision: 20612
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-12-05 10:00:09 UTC (rev 20611)
+++ data/CVE/list 2012-12-05 21:14:25 UTC (rev 20612)
@@ -1,3 +1,7 @@
+CVE-2012-6067 (freeFTPd.exe in freeFTPd through 1.0.11 allows remote attackers
to ...)
+ TODO: check
+CVE-2012-6066 (freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers
to ...)
+ TODO: check
CVE-2012-XXXX [Insecure salt value usage when in the same mysql session]
- mysql-5.1 <unfixed>
- mysql-5.5 <unfixed>
@@ -8,28 +12,28 @@
NOT-FOR-US: CMS Made Simple
CVE-2012-6063 (Double free vulnerability in the sftp_mkdir function in sftp.c
in ...)
- libssh 0.5.3-1
-CVE-2012-6062
- RESERVED
-CVE-2012-6061
- RESERVED
-CVE-2012-6060
- RESERVED
-CVE-2012-6059
- RESERVED
-CVE-2012-6058
- RESERVED
-CVE-2012-6057
- RESERVED
-CVE-2012-6056
- RESERVED
-CVE-2012-6055
- RESERVED
-CVE-2012-6054
- RESERVED
-CVE-2012-6053
- RESERVED
-CVE-2012-6052
- RESERVED
+CVE-2012-6062 (The dissect_rtcp_app function in epan/dissectors/packet-rtcp.c
in the ...)
+ TODO: check
+CVE-2012-6061 (The dissect_wtp_common function in epan/dissectors/packet-wtp.c
in the ...)
+ TODO: check
+CVE-2012-6060 (Integer overflow in the dissect_iscsi_pdu function in ...)
+ TODO: check
+CVE-2012-6059 (The dissect_isakmp function in epan/dissectors/packet-isakmp.c
in the ...)
+ TODO: check
+CVE-2012-6058 (Integer overflow in the dissect_icmpv6 function in ...)
+ TODO: check
+CVE-2012-6057 (The dissect_eigrp_metric_comm function in ...)
+ TODO: check
+CVE-2012-6056 (Integer overflow in the dissect_sack_chunk function in ...)
+ TODO: check
+CVE-2012-6055 (epan/dissectors/packet-3g-a11.c in the 3GPP2 A11 dissector in
...)
+ TODO: check
+CVE-2012-6054 (The dissect_sflow_245_address_type function in ...)
+ TODO: check
+CVE-2012-6053 (epan/dissectors/packet-usb.c in the USB dissector in Wireshark
1.6.x ...)
+ TODO: check
+CVE-2012-6052 (Wireshark 1.8.x before 1.8.4 allows remote attackers to obtain
...)
+ TODO: check
CVE-2011-5246
RESERVED
CVE-2013-0100
@@ -418,8 +422,8 @@
RESERVED
CVE-2012-5976
RESERVED
-CVE-2012-5975
- RESERVED
+CVE-2012-5975 (The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server
6.0.4 ...)
+ TODO: check
CVE-2012-5974
RESERVED
CVE-2012-5973
@@ -1314,47 +1318,47 @@
CVE-2012-5603
RESERVED
CVE-2012-5602
- RESERVED
+ REJECTED
- wireshark <unfixed> (unimportant)
NOTE: not suitable for code injection
CVE-2012-5601
- RESERVED
+ REJECTED
- wireshark <unfixed> (unimportant)
NOTE: not suitable for code injection
CVE-2012-5600
- RESERVED
+ REJECTED
- wireshark <unfixed> (unimportant)
NOTE: not suitable for code injection
CVE-2012-5599
- RESERVED
+ REJECTED
- wireshark <unfixed> (unimportant)
NOTE: not suitable for code injection
CVE-2012-5598
- RESERVED
+ REJECTED
- wireshark <unfixed> (unimportant)
NOTE: not suitable for code injection
CVE-2012-5597
- RESERVED
+ REJECTED
- wireshark <unfixed> (unimportant)
NOTE: not suitable for code injection
CVE-2012-5596
- RESERVED
+ REJECTED
- wireshark <unfixed> (unimportant)
NOTE: not suitable for code injection
CVE-2012-5595
- RESERVED
+ REJECTED
- wireshark <unfixed> (unimportant)
NOTE: not suitable for code injection
CVE-2012-5594
- RESERVED
+ REJECTED
- wireshark <unfixed> (unimportant)
NOTE: not suitable for code injection
CVE-2012-5593
- RESERVED
+ REJECTED
- wireshark <unfixed> (unimportant)
NOTE: not suitable for code injection
CVE-2012-5592
- RESERVED
+ REJECTED
- wireshark <unfixed> (unimportant)
NOTE: not suitable for code injection
CVE-2012-5591
@@ -2802,14 +2806,14 @@
NOT-FOR-US: RealPlayer
CVE-2012-4986
RESERVED
-CVE-2012-4985
- RESERVED
+CVE-2012-4985 (The Forescout CounterACT NAC device 6.3.4.1 does not block ARP
and ...)
+ TODO: check
CVE-2012-4984
RESERVED
-CVE-2012-4983
- RESERVED
-CVE-2012-4982
- RESERVED
+CVE-2012-4983 (Multiple cross-site scripting (XSS) vulnerabilities on the
Forescout ...)
+ TODO: check
+CVE-2012-4982 (Open redirect vulnerability in assets/login on the Forescout
...)
+ TODO: check
CVE-2012-4981
RESERVED
CVE-2012-4980
@@ -3123,8 +3127,8 @@
NOT-FOR-US: Oreans WinLicense
CVE-2012-4863
RESERVED
-CVE-2012-4862
- RESERVED
+CVE-2012-4862 (The Host Connect emulator in IBM Rational Developer for System
z 7.1 ...)
+ TODO: check
CVE-2012-4861
RESERVED
CVE-2012-4860
@@ -3879,10 +3883,10 @@
NOT-FOR-US: EMC
CVE-2012-4610 (EMC Avamar Client for VMware 6.1 stores the cleartext server
root ...)
NOT-FOR-US: VMware
-CVE-2012-4609
- RESERVED
-CVE-2012-4608
- RESERVED
+CVE-2012-4609 (The web interface in EMC RSA NetWitness Informer before 2.0.5.6
allows ...)
+ TODO: check
+CVE-2012-4608 (Cross-site request forgery (CSRF) vulnerability in the web
interface ...)
+ TODO: check
CVE-2012-4607
RESERVED
CVE-2011-5127 (Directory traversal vulnerability in Blue Coat Reporter 9.x
before ...)
@@ -4795,8 +4799,8 @@
RESERVED
CVE-2012-4348
RESERVED
-CVE-2012-4347
- RESERVED
+CVE-2012-4347 (Multiple directory traversal vulnerabilities in Symantec
Messaging ...)
+ TODO: check
CVE-2012-4346
RESERVED
CVE-2012-4345 (Multiple cross-site scripting (XSS) vulnerabilities in the
Database ...)
@@ -7413,8 +7417,8 @@
NOT-FOR-US: IBM Rational Business Developer
CVE-2012-3318
RESERVED
-CVE-2012-3317
- RESERVED
+CVE-2012-3317 (IBM WebSphere Message Broker 6.1 before 6.1.0.11, 7.0 before
7.0.0.5, ...)
+ TODO: check
CVE-2012-3316
RESERVED
CVE-2012-3315 (The Java servlets in the management console in IBM Tivoli
Federated ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
