[Secure-testing-commits] r55396 - data/CVE

security tracker role Sat, 02 Sep 2017 14:10:29 -0700

Author: sectracker
Date: 2017-09-02 21:10:12 +0000 (Sat, 02 Sep 2017)
New Revision: 55396


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-09-02 20:52:17 UTC (rev 55395)
+++ data/CVE/list       2017-09-02 21:10:12 UTC (rev 55396)
@@ -7,7 +7,7 @@
 CVE-2017-XXXX [directory traversal vulnerability]
        - unrar-free <unfixed> (bug #874059)
        NOTE: http://www.openwall.com/lists/oss-security/2017/08/20/1
-CVE-2017-14114 [information disclosure or denial of service]
+CVE-2017-14114 (RTPproxy through 2.2.alpha.20160822 has a NAT feature that 
results in ...)
        - rtpproxy <unfixed> (bug #874070)
        NOTE: https://rtpbleed.com/
 CVE-2017-14113
@@ -97,16 +97,16 @@
        RESERVED
 CVE-2017-14078
        RESERVED
-CVE-2017-14098 [AST-2017-007: Remote Crash Vulerability in res_pjsip]
+CVE-2017-14098 (In the pjsip channel driver (res_pjsip) in Asterisk 13.x 
before 13.17.1 ...)
        - asterisk <unfixed> (bug #873909)
        [stretch] - asterisk <not-affected> (Vulnerable code not present; issue 
introduced in 13.15)
        [jessie] - asterisk <not-affected> (Vulnerable code not present; issue 
introduced in 13.15)
        [wheezy] - asterisk <not-affected> (Vulnerable code not present; issue 
introduced in 13.15)
        NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27152
-CVE-2017-14100 [AST-2017-006: Shell access command injection inapp_minivm]
+CVE-2017-14100 (In Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x 
before ...)
        - asterisk <unfixed> (bug #873908)
        NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27103
-CVE-2017-14099 [AST-2017-005: Media takeover in RTP stack]
+CVE-2017-14099 (In res/res_rtp_asterisk.c in Asterisk 11.x before 11.25.2, 
13.x before ...)
        - asterisk <unfixed> (bug #873907)
        NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27013
 CVE-2017-14077


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r55396 - data/CVE

Reply via email to