[Secure-testing-commits] r52321 - data/CVE

Salvatore Bonaccorso Mon, 05 Jun 2017 05:50:31 -0700

Author: carnil
Date: 2017-06-05 12:50:08 +0000 (Mon, 05 Jun 2017)
New Revision: 52321


Modified:
   data/CVE/list
Log:
Add CVE-2017-9430/dnstracer

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-06-05 12:44:27 UTC (rev 52320)
+++ data/CVE/list       2017-06-05 12:50:08 UTC (rev 52321)
@@ -11,8 +11,12 @@
        - grpc 1.3.2-0.1 (bug #864210)
        NOTE: https://github.com/grpc/grpc/pull/10492
        NOTE: Fixed by: 
https://github.com/grpc/grpc/commit/c6ec1155d026c91b1badb07ef1605bb747cff064
-CVE-2017-9430
+CVE-2017-9430 [stack-based buffer overflow]
        RESERVED
+       - dnstracer <unfixed> (unimportant)
+       NOTE: Crash in CLI tool, disputable if any exposed service makes use of 
dnstrace.
+       NOTE: One scenario would be to have a web application that launches 
dnstracer
+       NOTE: with user supplied name strings to evaluate.
 CVE-2017-9429
        RESERVED
 CVE-2017-9428 (A directory traversal vulnerability exists in ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r52321 - data/CVE

Reply via email to