Author: joeyh Date: 2011-11-21 21:15:54 +0000 (Mon, 21 Nov 2011) New Revision: 17656 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-11-21 19:17:54 UTC (rev 17655) +++ data/CVE/list 2011-11-21 21:15:54 UTC (rev 17656) @@ -1,3 +1,71 @@ +CVE-2011-4498 (Cross-site request forgery (CSRF) vulnerability in the web console in ...) + TODO: check +CVE-2011-4497 (QIS_wizard.htm on the ASUS RT-N56U router with firmware before ...) + TODO: check +CVE-2011-4496 (Buffer overflow in Aviosoft DTV Player 1.0.1.2 allows remote attackers ...) + TODO: check +CVE-2011-4495 + RESERVED +CVE-2011-4494 + RESERVED +CVE-2011-4493 + RESERVED +CVE-2011-4492 + RESERVED +CVE-2011-4491 + RESERVED +CVE-2011-4490 + RESERVED +CVE-2011-4489 + RESERVED +CVE-2011-4488 + RESERVED +CVE-2011-4487 + RESERVED +CVE-2011-4486 + RESERVED +CVE-2011-4485 + RESERVED +CVE-2011-4484 + RESERVED +CVE-2011-4483 + RESERVED +CVE-2011-4482 + RESERVED +CVE-2011-4481 + RESERVED +CVE-2011-4480 + RESERVED +CVE-2011-4479 + RESERVED +CVE-2011-4478 + RESERVED +CVE-2011-4477 + RESERVED +CVE-2011-4476 + RESERVED +CVE-2011-4475 + RESERVED +CVE-2011-4474 + RESERVED +CVE-2011-4473 + RESERVED +CVE-2011-4472 + RESERVED +CVE-2011-4471 + RESERVED +CVE-2011-4470 + RESERVED +CVE-2011-4469 + RESERVED +CVE-2011-4468 + RESERVED +CVE-2011-4467 + RESERVED +CVE-2011-4466 + RESERVED +CVE-2011-4465 (Cross-site scripting (XSS) vulnerability in IBM Lotus Mobile Connect ...) + TODO: check CVE-2011-XXXX [busybox integer overflow] - busybox <unfixed> (unimportant; bug #635370) NOTE: not sure if this has a security impact, but its something that should be corrected @@ -163,8 +231,8 @@ RESERVED CVE-2011-4405 RESERVED -CVE-2011-4404 - RESERVED +CVE-2011-4404 (The default configuration of the HTTP server in Jetty in vSphere ...) + TODO: check CVE-2011-4403 RESERVED CVE-2011-4402 
@@ -363,8 +431,8 @@ NOTE: http://www.isc.org/software/bind/advisories/cve-2011-4313 CVE-2011-4312 RESERVED -CVE-2011-4311 - RESERVED +CVE-2011-4311 (ResourceSpace before 4.2.2833 does not properly validate access keys, ...) + TODO: check CVE-2011-4310 RESERVED CVE-2011-4309 @@ -894,8 +962,8 @@ RESERVED CVE-2011-4160 RESERVED -CVE-2011-4159 - RESERVED +CVE-2011-4159 (Unspecified vulnerability in System Administration Manager (SAM) in ...) + TODO: check CVE-2011-4158 (Unspecified vulnerability in HP Directories Support for ProLiant ...) NOT-FOR-US: HP Directories Support CVE-2011-4157 (Stack-based buffer overflow in hydra.exe in HP SAN/iQ before 9.5 on ...) @@ -1040,6 +1108,7 @@ {DSA-2344-1} - python-django-piston 0.2.2-2 (high; bug #647315) CVE-2011-4102 (Heap-based buffer overflow in the erf_read_header function in ...) + {DSA-2351-1} - wireshark 1.6.3-1 NOTE: http://www.wireshark.org/security/wnpa-sec-2011-19.html NOTE: http://anonsvn.wireshark.org/viewvc/trunk/wiretap/erf.c?r1=39508&r2=39507&pathrev=39508&view=patch @@ -1213,8 +1282,8 @@ RESERVED CVE-2011-4041 RESERVED -CVE-2011-4040 - RESERVED +CVE-2011-4040 (Buffer overflow in MiniSmtp 3.0.11818 in NJStar Communicator allows ...) + TODO: check CVE-2011-4039 RESERVED CVE-2011-4038 @@ -1896,8 +1965,8 @@ NOT-FOR-US: Wordpress theme CVE-2011-3850 (Cross-site scripting (XSS) vulnerability in the Atahualpa theme before ...) NOT-FOR-US: Wordpress theme -CVE-2011-3849 - RESERVED +CVE-2011-3849 (Unspecified vulnerability in dxserver before 6279 in CA Directory 8.1 ...) + TODO: check CVE-2011-3848 (Directory traversal vulnerability in Puppet 2.6.x before 2.6.10 and ...) {DSA-2314-1} - puppet 2.7.3-2
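
Review bot: In the first hunk (@@ -1,3 +1,71 @@), CVE-2011-4498, CVE-2011-4497, CVE-2011-4496 and CVE-2011-4465 arrive with only "TODO: check" and a truncated description, so none of them is yet tied to a source package or ruled out. Each needs a follow-up triage commit that replaces the TODO with either a package line, in the form of "- busybox <unfixed> (unimportant; bug #635370)", or a NOT-FOR-US: line. The description of CVE-2011-4498 is cut off before the product name, so the full description has to be read before that entry can be classified at all.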
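
Review bot: In the @@ -163,8 +231,8 @@ hunk, the new description for CVE-2011-4404 mentions Jetty, but the visible text reads "The default configuration of the HTTP server in Jetty in vSphere", so matching on the name Jetty alone could misfile it. When resolving the TODO, read the full description, decide whether the issue lies in the configuration shipped with vSphere, and record that reasoning in a NOTE: line under the entry.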
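
Review bot: In the @@ -894,8 +962,8 @@ hunk, CVE-2011-4159 is left at "TODO: check" while the entry directly below it, CVE-2011-4158, is already resolved as "NOT-FOR-US: HP Directories Support". The truncated description names System Administration Manager (SAM) but not its vendor or platform, so confirm those from the full text and then replace the TODO with a NOT-FOR-US: or package line in the same form as its neighbour.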
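
Review bot: In the @@ -1040,6 +1108,7 @@ hunk, the added {DSA-2351-1} tag on CVE-2011-4102 sits above a package line that gives only the fixed version, "- wireshark 1.6.3-1", with no urgency or bug reference, unlike the neighbouring "- python-django-piston 0.2.2-2 (high; bug #647315)". If a severity or bug number is known for this heap-based buffer overflow, add it to the package line so the entry is consistent with the one above it.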