Author: carnil
Date: 2013-12-03 08:51:39 +0000 (Tue, 03 Dec 2013)
New Revision: 24535
Modified:
data/CVE/list
Log:
Run a manual update for CVE list
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-12-03 07:01:40 UTC (rev 24534)
+++ data/CVE/list 2013-12-03 08:51:39 UTC (rev 24535)
@@ -1,4 +1,44 @@
-CVE-2013-6918
+CVE-2013-6920
+ RESERVED
+CVE-2013-6919
+ RESERVED
+CVE-2013-6917
+ RESERVED
+CVE-2013-6916
+ RESERVED
+CVE-2013-6915
+ RESERVED
+CVE-2013-6914
+ RESERVED
+CVE-2013-6913
+ RESERVED
+CVE-2013-6912
+ RESERVED
+CVE-2013-6911
+ RESERVED
+CVE-2013-6910
+ RESERVED
+CVE-2013-6909
+ RESERVED
+CVE-2013-6908
+ RESERVED
+CVE-2013-6907
+ RESERVED
+CVE-2013-6906
+ RESERVED
+CVE-2013-6905
+ RESERVED
+CVE-2013-6904
+ RESERVED
+CVE-2013-6903
+ RESERVED
+CVE-2013-6902
+ RESERVED
+CVE-2013-6901
+ RESERVED
+CVE-2013-6900
+ RESERVED
+CVE-2013-6918 (The web interface on the Satechi travel router 1.5, when Wi-Fi
is used ...)
NOT-FOR-US: Satechi travel router
CVE-2013-6899
RESERVED
@@ -246,8 +286,8 @@
NOT-FOR-US: Olat
CVE-2013-6792
RESERVED
-CVE-2013-6791
- RESERVED
+CVE-2013-6791 (Microsoft Enhanced Mitigation Experience Toolkit (EMET) before
4.0 ...)
+ TODO: check
CVE-2013-6790
RESERVED
CVE-2013-6789 (security/MemberLoginForm.php in SilverStripe 3.0.3 supports ...)
@@ -391,8 +431,8 @@
RESERVED
CVE-2013-6719
RESERVED
-CVE-2013-6718
- RESERVED
+CVE-2013-6718 (The Advanced Management Module (AMM) with firmware 3.64B,
3.64C, and ...)
+ TODO: check
CVE-2013-6717
RESERVED
CVE-2013-6716
@@ -436,10 +476,10 @@
NOT-FOR-US: Cisco
CVE-2013-6697
RESERVED
-CVE-2013-6696
- RESERVED
-CVE-2013-6695
- RESERVED
+CVE-2013-6696 (Cisco Adaptive Security Appliance (ASA) Software does not
properly ...)
+ TODO: check
+CVE-2013-6695 (The RBAC implementation in Cisco Secure Access Control System
(ACS) ...)
+ TODO: check
CVE-2013-6694 (The IPSec implementation in Cisco IOS allows remote attackers
to cause ...)
NOT-FOR-US: Cisco
CVE-2013-6693 (The MLDP implementation in Cisco IOS 15.3(3)S and earlier on
7600 ...)
@@ -1141,8 +1181,7 @@
- percona-xtrabackup <unfixed> (bug #730544)
CVE-2013-6393
RESERVED
-CVE-2013-6392 [information disclosure]
- RESERVED
+CVE-2013-6392 (The genlock_dev_ioctl function in genlock.c in the Genlock
driver for ...)
- linux-2.6 <not-affected> (Android-specific)
- linux <not-affected> (Android-specific)
NOTE:
https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/base/genlock.c?id=e3c43027bdb59f03eec7ead0a01c77e4bf801625&h=jb_3.2.3
@@ -1372,8 +1411,8 @@
RESERVED
CVE-2013-6308
RESERVED
-CVE-2013-6307
- RESERVED
+CVE-2013-6307 (Cross-site scripting (XSS) vulnerability in IBM Security QRadar
SIEM ...)
+ TODO: check
CVE-2013-6306
RESERVED
CVE-2013-6305
@@ -1913,10 +1952,12 @@
RESERVED
CVE-2013-6054
RESERVED
+ {DSA-2808-1}
CVE-2013-6053
RESERVED
CVE-2013-6052
RESERVED
+ {DSA-2808-1}
CVE-2013-6051 [bgpd crash on valid BGP updates]
RESERVED
{DSA-2803-1}
@@ -1942,6 +1983,7 @@
RESERVED
CVE-2013-6045
RESERVED
+ {DSA-2808-1}
CVE-2013-6044 (The is_safe_url function in utils/http.py in Django 1.4.x
before ...)
{DSA-2740-1}
- python-django 1.5.2-1
@@ -2928,11 +2970,10 @@
RESERVED
CVE-2013-5637
RESERVED
-CVE-2013-5636
- RESERVED
+CVE-2013-5636 (Unlock.exe in Media Encryption EPM Explorer in Check Point
Endpoint ...)
NOT-FOR-US: Check Point Endpoint Security
-CVE-2013-5635
- RESERVED
+CVE-2013-5635 (Media Encryption EPM Explorer in Check Point Endpoint Security
through ...)
+ TODO: check
CVE-2013-5633
REJECTED
CVE-2013-5632
@@ -3378,8 +3419,8 @@
RESERVED
CVE-2013-5464
RESERVED
-CVE-2013-5463
- RESERVED
+CVE-2013-5463 (The WinCollect agent in IBM Security QRadar SIEM before
7.1.1.569824 ...)
+ TODO: check
CVE-2013-5462
RESERVED
CVE-2013-5461
@@ -3408,8 +3449,8 @@
NOT-FOR-US: IBM
CVE-2013-5449
RESERVED
-CVE-2013-5448
- RESERVED
+CVE-2013-5448 (Cross-site scripting (XSS) vulnerability in the Right Click
Plugin ...)
+ TODO: check
CVE-2013-5447
RESERVED
CVE-2013-5446 (The console on IBM WebSphere DataPower XC10 appliances 2.1.0
and 2.5.0 ...)
@@ -5448,7 +5489,7 @@
CVE-2013-4544
RESERVED
CVE-2013-4543
- RESERVED
+ REJECTED
CVE-2013-4542
RESERVED
CVE-2013-4541
@@ -5478,7 +5519,7 @@
CVE-2013-4529
RESERVED
CVE-2013-4528
- RESERVED
+ REJECTED
CVE-2013-4527
RESERVED
CVE-2013-4526
@@ -5854,7 +5895,7 @@
CVE-2013-4418
RESERVED
CVE-2013-4417
- RESERVED
+ REJECTED
CVE-2013-4416 (The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x,
4.2.x, ...)
- xen <not-affected> (ocaml version of the xenstore daemon not used in
Debian)
CVE-2013-4415
@@ -7832,11 +7873,9 @@
RESERVED
CVE-2013-3709
RESERVED
-CVE-2013-3708
- RESERVED
+CVE-2013-3708 (The id1.GetPrinterURLList function in Novell iPrint Client
before 5.93 ...)
NOT-FOR-US: Novell iPrint Client
-CVE-2013-3707
- RESERVED
+CVE-2013-3707 (The HTTPSTK service in the novell-nrm package before ...)
NOT-FOR-US: Novell Open Enterprise Server 2
CVE-2013-3706
RESERVED
@@ -8221,7 +8260,7 @@
- otrs2 3.2.7-1
[squeeze] - otrs2 <not-affected>
CVE-2013-3550
- RESERVED
+ REJECTED
CVE-2013-3549
RESERVED
CVE-2013-3548
@@ -9962,8 +10001,8 @@
RESERVED
CVE-2013-2819
RESERVED
-CVE-2013-2818
- RESERVED
+CVE-2013-2818 (The DNP Master Driver in Alstom e-terracontrol 3.5, 3.6, and
3.7 ...)
+ TODO: check
CVE-2013-2817
RESERVED
CVE-2013-2816
@@ -10704,8 +10743,8 @@
RESERVED
CVE-2013-2506 (app/models/spree/user.rb in spree_auth_devise in Spree 1.1.x
before ...)
NOT-FOR-US: Spree
-CVE-2012-6535
- RESERVED
+CVE-2012-6535 (DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF
Reader, ...)
+ TODO: check
CVE-2013-2505
RESERVED
CVE-2013-2504
@@ -14223,6 +14262,7 @@
RESERVED
CVE-2013-1447
RESERVED
+ {DSA-2808-1}
CVE-2013-1446
RESERVED
CVE-2013-1445 (The Crypto.Random.atfork function in PyCrypto before 2.6.1 does
not ...)
@@ -33882,8 +33922,7 @@
RESERVED
CVE-2012-0435 (SUSE WebYaST before 1.2 0.2.63-0.6.1 allows remote attackers to
modify ...)
NOT-FOR-US: YAST
-CVE-2012-0434
- RESERVED
+CVE-2012-0434 (The server in Crowbar, as used in SUSE Cloud 1.0, uses weak ...)
NOT-FOR-US: Crowbar
CVE-2012-0433
RESERVED
@@ -33897,13 +33936,12 @@
NOT-FOR-US: NetIQ eDirectory
CVE-2012-0428 (Cross-site scripting (XSS) vulnerability in NetIQ eDirectory
8.8.6.x ...)
NOT-FOR-US: NetIQ eDirectory
-CVE-2012-0427
- RESERVED
-CVE-2012-0426
- RESERVED
+CVE-2012-0427 (yast2-add-on-creator in SUSE inst-source-utils 2008.11.26
before ...)
+ TODO: check
+CVE-2012-0426 (Race condition in sap_suse_cluster_connector before 1.0.0-0.8.1
in ...)
NOT-FOR-US: SUSE Linux Enterprise for SAP Applications
-CVE-2012-0425
- RESERVED
+CVE-2012-0425 (LanItems.ycp in save_y2logs in yast2-network before 2.24.4 in
SUSE ...)
+ TODO: check
CVE-2012-0424
RESERVED
CVE-2012-0423
@@ -33912,8 +33950,7 @@
RESERVED
CVE-2012-0421 (The SUSE Audit Log Keeper daemon before 0.2.1-0.4.6.1 for SUSE
Manager ...)
NOT-FOR-US: SUSE Audit Log Keeper daemon
-CVE-2012-0420
- RESERVED
+CVE-2012-0420 (zypp-refresh-wrapper in SUSE Zypper before 1.3.20 and 1.6.x
before ...)
NOT-FOR-US: SUSE Zypper
CVE-2012-0419 (Directory traversal vulnerability in the agent HTTP interfaces
in ...)
NOT-FOR-US: Novell GroupWise
@@ -33925,8 +33962,8 @@
RESERVED
CVE-2012-0415
RESERVED
-CVE-2012-0414
- RESERVED
+CVE-2012-0414 (Cross-site scripting (XSS) vulnerability in the Spacewalk
service in ...)
+ TODO: check
CVE-2012-0413
RESERVED
CVE-2012-0412
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
