[Secure-testing-commits] r21550 - data/CVE

Thu, 07 Mar 2013 22:58:53 -0800 

Author: carnil
Date: 2013-03-08 06:58:41 +0000 (Fri, 08 Mar 2013)
New Revision: 21550

Modified:
   data/CVE/list
Log:
add wireshark CVEs

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2013-03-07 21:28:28 UTC (rev 21549)
+++ data/CVE/list       2013-03-08 06:58:41 UTC (rev 21550)
@@ -6,34 +6,104 @@
        RESERVED
 CVE-2013-2489
        RESERVED
-CVE-2013-2488
+CVE-2013-2488 [DTLS dissector crash]
        RESERVED
-CVE-2013-2487
+       - wireshark <unfixed>
+       NOTE: http://www.wireshark.org/security/wnpa-sec-2013-22.html
+       NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8380
+       NOTE: Versions affected: 1.8.0 to 1.8.X, 1.6.0 to 1.6.X
+       TODO: squeeze version 1.2.x affected also?
+CVE-2013-2487 [RELOAD dissector infinite loop]
        RESERVED
-CVE-2013-2486
+       - wireshark <unfixed>
+       [squeeze] - wireshark <not-affected> (only 1.8.x series)
+       NOTE: http://www.wireshark.org/security/wnpa-sec-2013-21.html
+       NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8364
+       NOTE: Versions affected: 1.8.0 to 1.8.5
+CVE-2013-2486 [RELOAD dissector infinite loop]
        RESERVED
-CVE-2013-2485
+       - wireshark <unfixed>
+       [squeeze] - wireshark <not-affected> (only 1.8.x series)
+       NOTE: http://www.wireshark.org/security/wnpa-sec-2013-21.html
+       NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8364
+       NOTE: Versions affected: 1.8.0 to 1.8.5
+CVE-2013-2485 [CSP dissector infinite loop]
        RESERVED
-CVE-2013-2484
+       - wireshark <unfixed>
+       NOTE: http://www.wireshark.org/security/wnpa-sec-2013-20.html
+       NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8359
+       NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
+       TODO: squeeze version 1.2.x affected also?
+CVE-2013-2484 [CIMD dissector crash]
        RESERVED
-CVE-2013-2483
+       - wireshark <unfixed>
+       NOTE: http://www.wireshark.org/security/wnpa-sec-2013-19.html
+       NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8346
+       NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
+       TODO: squeeze version 1.2.x affected also?
+CVE-2013-2483 [ACN dissector divide by zero]
        RESERVED
-CVE-2013-2482
+       - wireshark <unfixed>
+       NOTE: http://www.wireshark.org/security/wnpa-sec-2013-18.html
+       NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8340
+       NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
+       TODO: squeeze version 1.2.x affected also?
+CVE-2013-2482 [AMPQ dissector infinite loop]
        RESERVED
-CVE-2013-2481
+       - wireshark <unfixed>
+       NOTE: http://www.wireshark.org/security/wnpa-sec-2013-17.html
+       NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8337
+       NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
+       TODO: squeeze version 1.2.x affected also?
+CVE-2013-2481 [Mount dissector crash]
        RESERVED
-CVE-2013-2480
+       - wireshark <unfixed>
+       NOTE: http://www.wireshark.org/security/wnpa-sec-2013-16.html
+       NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8335
+       NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
+       TODO: squeeze version 1.2.x affected also?
+CVE-2013-2480 [RTPS and RTPS2 dissector crash]
        RESERVED
-CVE-2013-2479
+       - wireshark <unfixed>
+       NOTE: http://www.wireshark.org/security/wnpa-sec-2013-15.html
+       NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8332
+       NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
+       TODO: squeeze version 1.2.x affected also?
+CVE-2013-2479 [MPLS Echo dissector infinite loop]
        RESERVED
-CVE-2013-2478
+       - wireshark <unfixed>
+       [squeeze] - wireshark <not-affected> (only affecting 1.8.x)
+       NOTE: http://www.wireshark.org/security/wnpa-sec-2013-14.html
+       NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8039
+       NOTE: Versions affected: 1.8.0 to 1.8.5
+CVE-2013-2478 [MS-MMS dissector crash]
        RESERVED
-CVE-2013-2477
+       - wireshark <unfixed>
+       NOTE: http://www.wireshark.org/security/wnpa-sec-2013-13.html
+       NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8382
+       NOTE: announce mentions: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 
1.6.13
+       TODO: squeeze 1.2.x affected? 
+CVE-2013-2477 [CSN.1 dissector crash]
        RESERVED
-CVE-2013-2476
+       - wireshark <unfixed>
+       [squeeze] - wireshark <not-affected> (only affecting 1.8.x)
+       NOTE: http://www.wireshark.org/security/wnpa-sec-2013-12.html
+       NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8383
+       NOTE: Versions affected: 1.8.0 to 1.8.5
+CVE-2013-2476 [The HART/IP dissectory could go into an infinite loop]
        RESERVED
-CVE-2013-2475
+       - wireshark <unfixed>
+       [squeeze] - wireshark <not-affected> (only affecting 1.8.x)
+       NOTE: http://www.wireshark.org/security/wnpa-sec-2013-11.html
+       NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8360
+       NOTE: Versions affected: 1.8.0 to 1.8.5
+CVE-2013-2475 [TCP dissector crash]
        RESERVED
+       - wireshark <unfixed>
+       [squeeze] - wireshark <not-affected> (only affecting 1.8.x)
+       NOTE: http://www.wireshark.org/security/wnpa-sec-2013-10.html
+       NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8274
+       NOTE: Versions affected: 1.8.0 to 1.8.5
 CVE-2013-2474
        RESERVED
 CVE-2013-2473


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to