[Secure-testing-commits] r56890 - data/CVE

Raphael Geissert Fri, 20 Oct 2017 08:13:15 -0700

Author: geissert
Date: 2017-10-20 15:12:39 +0000 (Fri, 20 Oct 2017)
New Revision: 56890


Modified:
   data/CVE/list
Log:
NFUs, webmin


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-10-20 13:13:16 UTC (rev 56889)
+++ data/CVE/list       2017-10-20 15:12:39 UTC (rev 56890)
@@ -35,23 +35,23 @@
 CVE-2017-15652
        RESERVED
 CVE-2017-15651 (PRTG Network Monitor 17.3.33.2830 allows remote authenticated 
...)
-       TODO: check
+       NOT-FOR-US: PRTG Network Monitor
 CVE-2017-15649 (net/packet/af_packet.c in the Linux kernel before 4.13.6 
allows local ...)
        - linux <unfixed>
        NOTE: Fixed by: 
https://git.kernel.org/linus/008ba2a13f2d04c947adc536d19debb8fe66f110
        NOTE: Fixed by: 
https://git.kernel.org/linus/4971613c1639d8e5f102c4e797c3bf8f83a5a69e
 CVE-2017-15648 (In PHPSUGAR PHP Melody before 2.7.3, page_manager.php has XSS 
via the ...)
-       TODO: check
+       NOT-FOR-US: PHPSUGAR PHP Melody
 CVE-2017-15647 (On FiberHome routers, Directory Traversal exists in 
/cgi-bin/webproc ...)
-       TODO: check
+       NOT-FOR-US: On FiberHome
 CVE-2017-15646 (Webmin before 1.860 has XSS with resultant remote code 
execution. Under ...)
-       TODO: check
+       - webmin <removed>
 CVE-2017-15645 (CSRF exists in Webmin 1.850. By sending a GET request to ...)
-       TODO: check
+       - webmin <removed>
 CVE-2017-15644 (SSRF exists in Webmin 1.850 via the PATH_INFO to 
tunnel/link.cgi, as ...)
-       TODO: check
+       - webmin <removed>
 CVE-2017-15643 (An active network attacker (MiTM) can achieve remote code 
execution on ...)
-       TODO: check
+       NOT-FOR-US: IKARUS Anti Virus
 CVE-2017-15650 (musl libc before 1.1.17 has a buffer overflow via crafted DNS 
replies ...)
        - musl 1.1.17-1
        NOTE: 
https://git.musl-libc.org/cgit/musl/patch/?id=45ca5d3fcb6f874bf5ba55d0e9651cef68515395
@@ -4512,11 +4512,11 @@
 CVE-2017-14020
        RESERVED
 CVE-2017-14019 (An Unquoted Search Path or Element issue was discovered in 
Progea ...)
-       TODO: check
+       NOT-FOR-US: Progea Movicon
 CVE-2017-14018
        RESERVED
 CVE-2017-14017 (An Uncontrolled Search Path Element issue was discovered in 
Progea ...)
-       TODO: check
+       NOT-FOR-US: Progea Movicon
 CVE-2017-14016
        RESERVED
 CVE-2017-14015
@@ -13486,7 +13486,7 @@
 CVE-2017-10934
        RESERVED
 CVE-2017-10933 (All versions prior to V2.06.00.00 of ZTE ZXDT22 SF01, an 
monitoring ...)
-       TODO: check
+       NOT-FOR-US: ZTE ZXDT22 SF01
 CVE-2017-10932 (All versions prior to V12.17.20 of the ZTE Microwave NR8000 
series ...)
        NOT-FOR-US: ZTE Microwave
 CVE-2017-10931 (The ZXR10 1800-2S before v3.00.40 incorrectly restricts the 
download ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r56890 - data/CVE

Reply via email to