[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process some SAP specific NFUs

Wed, 14 Feb 2018 13:38:04 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
96840827 by Salvatore Bonaccorso at 2018-02-14T22:37:16+01:00
Process some SAP specific NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -12110,61 +12110,61 @@ CVE-2018-2398
 CVE-2018-2397
        RESERVED
 CVE-2018-2396 (Under certain conditions a malicious user can prevent 
legitimate users ...)
-       TODO: check
+       NOT-FOR-US: SAP Internet Graphics Server
 CVE-2018-2395 (Under certain conditions a malicious user may retrieve 
information on ...)
-       TODO: check
+       NOT-FOR-US: SAP Internet Graphic Server
 CVE-2018-2394 (Under certain conditions an unauthenticated malicious user can 
prevent ...)
-       TODO: check
+       NOT-FOR-US: SAP Internet Graphics Server
 CVE-2018-2393 (Under certain conditions SAP Internet Graphics Server (IGS) 
7.20, ...)
-       TODO: check
+       NOT-FOR-US: SAP Internet Graphics Server
 CVE-2018-2392 (Under certain conditions SAP Internet Graphics Server (IGS) 
7.20, ...)
-       TODO: check
+       NOT-FOR-US: SAP Internet Graphics Server
 CVE-2018-2391 (Under certain conditions a malicious user can prevent 
legitimate users ...)
-       TODO: check
+       NOT-FOR-US: SAP Internet Graphics Server
 CVE-2018-2390 (Under certain conditions a malicious user can prevent 
legitimate users ...)
-       TODO: check
+       NOT-FOR-US: SAP Internet Graphics Server
 CVE-2018-2389 (Under certain conditions a malicious user can inject log files 
of SAP ...)
-       TODO: check
+       NOT-FOR-US: SAP Internet Graphics Server
 CVE-2018-2388 (Stored cross-site scripting vulnerability in SAP internet 
Graphics ...)
-       TODO: check
+       NOT-FOR-US: SAP internet Graphics Server
 CVE-2018-2387 (A vulnerability in the SAP internet Graphics Server, 7.20, 
7.20EXT, ...)
-       TODO: check
+       NOT-FOR-US: SAP internet Graphics Server
 CVE-2018-2386 (Under certain conditions a malicious user provoking an out of 
bounds ...)
-       TODO: check
+       NOT-FOR-US: SAP Internet Graphics Server
 CVE-2018-2385 (Under certain conditions a malicious user provoking a divide by 
zero ...)
-       TODO: check
+       NOT-FOR-US: SAP Internet Graphics Server
 CVE-2018-2384 (Under certain conditions a malicious user provoking a Null 
Pointer ...)
-       TODO: check
+       NOT-FOR-US: SAP Internet Graphics Server
 CVE-2018-2383 (Reflected cross-site scripting vulnerability in SAP internet 
Graphics ...)
-       TODO: check
+       NOT-FOR-US: SAP Internet Graphics Server
 CVE-2018-2382 (A vulnerability in the SAP internet Graphics Server, 7.20, 
7.20EXT, ...)
-       TODO: check
+       NOT-FOR-US: SAP internet Graphics Server
 CVE-2018-2381 (SAP ERP Financials Information System (SAP_APPL 6.00, 6.02, 
6.03, ...)
-       TODO: check
+       NOT-FOR-US: SAP ERP Financials Information System
 CVE-2018-2380
        RESERVED
 CVE-2018-2379 (In SAP HANA Extended Application Services, 1.0, an 
unauthenticated ...)
-       TODO: check
+       NOT-FOR-US: SAP HANA Extended Application Services
 CVE-2018-2378 (In SAP HANA Extended Application Services, 1.0, unauthorized 
users can ...)
-       TODO: check
+       NOT-FOR-US: SAP HANA Extended Application Services
 CVE-2018-2377 (In SAP HANA Extended Application Services, 1.0, some general 
server ...)
-       TODO: check
+       NOT-FOR-US: SAP HANA Extended Application Services
 CVE-2018-2376 (In SAP HANA Extended Application Services, 1.0, a controller 
user who ...)
-       TODO: check
+       NOT-FOR-US: SAP HANA Extended Application Services
 CVE-2018-2375 (In SAP HANA Extended Application Services, 1.0, a controller 
user who ...)
-       TODO: check
+       NOT-FOR-US: SAP HANA Extended Application Services
 CVE-2018-2374 (In SAP HANA Extended Application Services, 1.0, a controller 
user who ...)
-       TODO: check
+       NOT-FOR-US: SAP HANA Extended Application Services
 CVE-2018-2373 (Under certain circumstances, a specific endpoint of the 
Controller's ...)
-       TODO: check
+       NOT-FOR-US: SAP HANA Extended Application Services
 CVE-2018-2372 (A plain keystore password is written to a system log file in 
SAP HANA ...)
-       TODO: check
+       NOT-FOR-US: SAP HANA Extended Application Services
 CVE-2018-2371 (The SAML 2.0 service provider of SAP Netweaver AS Java Web ...)
-       TODO: check
+       NOT-FOR-US: SAP Netweaver AS Java Web Application
 CVE-2018-2370 (Server Side Request Forgery (SSRF) vulnerability in SAP Central 
...)
-       TODO: check
+       NOT-FOR-US: SAP Central Management Console
 CVE-2018-2369 (Under certain conditions SAP HANA, 1.00, 2.00, allows an ...)
-       TODO: check
+       NOT-FOR-US: SAP HANA
 CVE-2018-2368
        RESERVED
 CVE-2018-2367



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9684082764b11bdcd38b2ebc7957570f68786bee

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9684082764b11bdcd38b2ebc7957570f68786bee
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to