thr3ads.net - Secure testing commits - [Secure-testing-commits] r11966

If this information is useful, please help other people find it:
Share via:
Giuseppe Iuculano
2009-May-24 16:56 UTC
[Secure-testing-commits] r11966 - data/CVE

Author: derevko-guest
Date: 2009-05-24 16:56:59 +0000 (Sun, 24 May 2009)
New Revision: 11966

Modified:
   data/CVE/list
Log:
NFUs
openssl bug filed


Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-05-24 09:14:14 UTC (rev 11965)
+++ data/CVE/list	2009-05-24 16:56:59 UTC (rev 11966)
@@ -1006,15 +1006,14 @@
 CVE-2009-1380
 	RESERVED
 CVE-2009-1379 (Use-after-free vulnerability in the
dtls1_retrieve_buffered_fragment ...)
-	TODO: check
+	- openssl <unfixed> (low; bug #530400)
+	- openssl097 <not-affected> (DTLS support was introduced in 0.9.8)
 CVE-2009-1378 (Multiple memory leaks in the dtls1_process_out_of_seq_message
function ...)
-	- openssl <unfixed>
+	- openssl <unfixed> (low; bug #530400)
 	- openssl097 <not-affected> (DTLS support was introduced in 0.9.8)
-	TODO: File bug
 CVE-2009-1377 (The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL
0.9.8k and ...)
-	- openssl <unfixed>
+	- openssl <unfixed> (low; bug #530400)
 	- openssl097 <not-affected> (DTLS support was introduced in 0.9.8)
-	TODO: File bug
 CVE-2009-1376 [new pidgin issues]
 	RESERVED
 	{DSA-1805-1}
@@ -2057,7 +2056,7 @@
 CVE-2009-1162
 	RESERVED
 CVE-2009-1161 (Directory traversal vulnerability in the TFTP service in Cisco
...)
-	TODO: check
+	NOT-FOR-US: CiscoWorks
 CVE-2009-1160 (Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX
Security ...)
 	NOT-FOR-US: Cisco Adaptive Security Appliances
 CVE-2009-1159 (Unspecified vulnerability on Cisco Adaptive Security Appliances
(ASA) ...)
@@ -2723,11 +2722,11 @@
 CVE-2009-0945 (Array index error in the insertItemBefore method in WebKit, as
used in ...)
 	TODO: check
 CVE-2009-0944 (The Microsoft Office Spotlight Importer in Spotlight in Apple
Mac OS X ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Office Spotlight
 CVE-2009-0943 (Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7
does not ...)
-	TODO: check
+	NOT-FOR-US: Help Viewer in Apple Mac OS X
 CVE-2009-0942 (Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7
does not ...)
-	TODO: check
+	NOT-FOR-US: Help Viewer in Apple Mac OS X
 CVE-2009-0941 (The HP Embedded Web Server (EWS) on HP LaserJet Printers,
Edgeline ...)
 	NOT-FOR-US: HP Embedded Web Server
 CVE-2009-0940 (Multiple cross-site request forgery (CSRF) vulnerabilities in
the HP ...)
@@ -2864,7 +2863,7 @@
 CVE-2009-0898
 	RESERVED
 CVE-2009-0897 (IBM WebSphere Partner Gateway (WPG) 6.1.0 before 6.1.0.1 and
6.1.1 ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2009-0896
 	RESERVED
 CVE-2009-0895
@@ -3694,7 +3693,7 @@
 CVE-2009-0722 (Directory traversal vulnerability in admin.php in Potato News
1.0.0 ...)
 	NOT-FOR-US: Potato News
 CVE-2009-0721 (Unspecified vulnerability in Easy Login in the Sender module in
HP ...)
-	TODO: check
+	NOT-FOR-US: HP Remote Graphics
 CVE-2009-0720 (Unspecified vulnerability in HP OpenView Network Node Manager
(OV NNM) ...)
 	NOT-FOR-US: HP OpenView Network Node Manager
 CVE-2009-0719 (Unspecified vulnerability in useradd in HP HP-UX B.11.11,
B.11.23, and ...)
@@ -3708,7 +3707,7 @@
 CVE-2009-0715 (Unspecified vulnerability in Secure NaviCLI in HP Storage
Essentials ...)
 	NOT-FOR-US: HP Storage Essentials
 CVE-2009-0714 (Unspecified vulnerability in HP Data Protector Express and
Express SSE ...)
-	TODO: check
+	NOT-FOR-US: HP Data Protector Express
 CVE-2009-0713 (Unspecified vulnerability in WMI Mapper for HP Systems Insight
Manager ...)
 	NOT-FOR-US: WMI Mapper
 CVE-2009-0712 (Unspecified vulnerability in WMI Mapper for HP Systems Insight
Manager ...)
@@ -5857,30 +5856,30 @@
 CVE-2009-0161 (The OpenSSL::OCSP module for Ruby in Apple Mac OS X 10.5 before
10.5.7 ...)
 	TODO: check
 CVE-2009-0160 (QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before
10.5.7 ...)
-	TODO: check
+	NOT-FOR-US: QuickDraw Manager
 CVE-2009-0159 (Stack-based buffer overflow in the cookedprint function in
ntpq/ntpq.c ...)
 	{DSA-1801-1}
 	- ntp <unfixed> (low; bug #525373)
 CVE-2009-0158 (Stack-based buffer overflow in telnet in Apple Mac OS X 10.4.11
and ...)
-	TODO: check
+	NOT-FOR-US: telnet in Apple Mac OS X
 CVE-2009-0157 (Heap-based buffer overflow in CFNetwork in Apple Mac OS X 10.5
before ...)
-	TODO: check
+	NOT-FOR-US: CFNetwork in Apple
 CVE-2009-0156 (Launch Services in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7
...)
-	TODO: check
+	NOT-FOR-US: Launch Services in Apple Mac OS
 CVE-2009-0155 (Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before
10.5.7 ...)
-	TODO: check
+	NOT-FOR-US: CoreGraphics in Apple Mac OS
 CVE-2009-0154 (Heap-based buffer overflow in Apple Type Services (ATS) in Apple
Mac ...)
-	TODO: check
+	NOT-FOR-US: Apple Type Services
 CVE-2009-0153 (International Components for Unicode (ICU) in Apple Mac OS X
10.5 ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2009-0152 (iChat in Apple Mac OS X 10.5 before 10.5.7 disables SSL for AOL
...)
-	TODO: check
+	NOT-FOR-US: iChat in Apple Mac OS X
 CVE-2009-0151
 	RESERVED
 CVE-2009-0150 (Stack-based buffer overflow in Apple Mac OS X 10.5 before 10.5.7
...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2009-0149 (Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows local users
to ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2009-0148 (Multiple buffer overflows in Cscope before 15.7a allow remote
...)
 	{DSA-1806-1}
 	- cscope <unfixed> (low; bug #528510)
@@ -5899,9 +5898,9 @@
 	- kdegraphics <unfixed> (medium; bug #524810)
 	- swftools <unfixed> (medium; bug #527449)
 CVE-2009-0145 (CoreGraphics in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7
allows ...)
-	TODO: check
+	NOT-FOR-US: CoreGraphics in Apple Mac OS X
 CVE-2009-0144 (CFNetwork in Apple Mac OS X 10.5 before 10.5.7 does not properly
parse ...)
-	TODO: check
+	NOT-FOR-US: CFNetwork in Apple Mac OS X
 CVE-2009-0143 (Apple iTunes before 8.1 does not properly inform the user about
the ...)
 	NOT-FOR-US: Apple iTunes
 CVE-2009-0142 (Race condition in AFP Server in Apple Mac OS X 10.5.6 allows
local ...)
@@ -6917,7 +6916,7 @@
 CVE-2009-0011 (Certificate Assistant in Apple Mac OS X 10.5.6 allows local
users to ...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2009-0010 (Integer underflow in QuickDraw Manager in Apple Mac OS X 10.4.11
and ...)
-	TODO: check
+	NOT-FOR-US: QuickDraw Manager in Apple Mac OS X
 CVE-2009-0009 (Unspecified vulnerability in the Pixlet codec in Apple Mac OS X
...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2009-0008 (Unspecified vulnerability in Apple QuickTime MPEG-2 Playback
Component ...)
@@ -16834,7 +16833,7 @@
 CVE-2008-1518 (Stack-based buffer overflow in kl1.sys in Kaspersky Anti-Virus
6.0 and ...)
 	NOT-FOR-US: Kaspersky Anti-Virus
 CVE-2008-1517 (Array index error in the xnu (Mach) kernel in Apple Mac OS X
10.5 ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X xnu Kernel
 CVE-2008-1516
 	RESERVED
 CVE-2008-1515 (The SOAP interface in OTRS 2.1.x before 2.1.8 and 2.2.x before
2.2.6 ...)
Secure testing commits - May 2009 - r11966 - data/CVE

[Secure-testing-commits] r11966 - data/CVE
