Author: geissert Date: 2017-10-20 15:12:39 +0000 (Fri, 20 Oct 2017) New Revision: 56890
Modified: data/CVE/list Log: NFUs, webmin Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-10-20 13:13:16 UTC (rev 56889) +++ data/CVE/list 2017-10-20 15:12:39 UTC (rev 56890) @@ -35,23 +35,23 @@ CVE-2017-15652 RESERVED CVE-2017-15651 (PRTG Network Monitor 17.3.33.2830 allows remote authenticated ...) - TODO: check + NOT-FOR-US: PRTG Network Monitor CVE-2017-15649 (net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local ...) - linux <unfixed> NOTE: Fixed by: https://git.kernel.org/linus/008ba2a13f2d04c947adc536d19debb8fe66f110 NOTE: Fixed by: https://git.kernel.org/linus/4971613c1639d8e5f102c4e797c3bf8f83a5a69e CVE-2017-15648 (In PHPSUGAR PHP Melody before 2.7.3, page_manager.php has XSS via the ...) - TODO: check + NOT-FOR-US: PHPSUGAR PHP Melody CVE-2017-15647 (On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc ...) - TODO: check + NOT-FOR-US: On FiberHome CVE-2017-15646 (Webmin before 1.860 has XSS with resultant remote code execution. Under ...) - TODO: check + - webmin <removed> CVE-2017-15645 (CSRF exists in Webmin 1.850. By sending a GET request to ...) - TODO: check + - webmin <removed> CVE-2017-15644 (SSRF exists in Webmin 1.850 via the PATH_INFO to tunnel/link.cgi, as ...) - TODO: check + - webmin <removed> CVE-2017-15643 (An active network attacker (MiTM) can achieve remote code execution on ...) - TODO: check + NOT-FOR-US: IKARUS Anti Virus CVE-2017-15650 (musl libc before 1.1.17 has a buffer overflow via crafted DNS replies ...) - musl 1.1.17-1 NOTE: https://git.musl-libc.org/cgit/musl/patch/?id=45ca5d3fcb6f874bf5ba55d0e9651cef68515395 @@ -4512,11 +4512,11 @@ CVE-2017-14020 RESERVED CVE-2017-14019 (An Unquoted Search Path or Element issue was discovered in Progea ...) - TODO: check + NOT-FOR-US: Progea Movicon CVE-2017-14018 RESERVED CVE-2017-14017 (An Uncontrolled Search Path Element issue was discovered in Progea ...) - TODO: check + NOT-FOR-US: Progea Movicon CVE-2017-14016 RESERVED CVE-2017-14015 @@ -13486,7 +13486,7 @@ CVE-2017-10934 RESERVED CVE-2017-10933 (All versions prior to V2.06.00.00 of ZTE ZXDT22 SF01, an monitoring ...) - TODO: check + NOT-FOR-US: ZTE ZXDT22 SF01 CVE-2017-10932 (All versions prior to V12.17.20 of the ZTE Microwave NR8000 series ...) NOT-FOR-US: ZTE Microwave CVE-2017-10931 (The ZXR10 1800-2S before v3.00.40 incorrectly restricts the download ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits