Author: joeyh Date: 2012-06-22 21:14:34 +0000 (Fri, 22 Jun 2012) New Revision: 19558 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-06-22 14:39:52 UTC (rev 19557) +++ data/CVE/list 2012-06-22 21:14:34 UTC (rev 19558) @@ -1,3 +1,5 @@ +CVE-2012-3791 (Multiple SQL injection vulnerabilities in Simple Web Content ...) + TODO: check CVE-2012-3790 (Cross-site scripting (XSS) vulnerability in index.php in Adiscon ...) TODO: check CVE-2011-5095 (The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when ...) @@ -2205,12 +2207,12 @@ RESERVED CVE-2012-2719 RESERVED -CVE-2012-2718 - RESERVED +CVE-2012-2718 (SQL injection vulnerability in the Counter module for Drupal allows ...) + TODO: check CVE-2012-2717 RESERVED -CVE-2012-2716 - RESERVED +CVE-2012-2716 (Cross-site request forgery (CSRF) vulnerability in the Comment ...) + TODO: check CVE-2012-2715 RESERVED CVE-2012-2714 @@ -2384,8 +2386,7 @@ {DSA-2491-1} - postgresql-9.1 9.1.4-1 - postgresql-8.4 8.4.12-1 -CVE-2012-2654 - RESERVED +CVE-2012-2654 (The (1) EC2 and (2) OS APIs in OpenStack Compute (Nova) Folsom ...) - nova 2012.1-6 (bug #676465) CVE-2012-2653 RESERVED @@ -3078,8 +3079,7 @@ - haproxy <unfixed> (bug #674447) CVE-2012-2390 (Memory leak in mm/hugetlb.c in the Linux kernel before 3.4.2 allows ...) - linux-2.6 3.2.19-1 (low) -CVE-2012-2389 - RESERVED +CVE-2012-2389 (hostapd 0.7.3, and possibly other versions before 1.0, uses 0644 ...) - hostapd <not-affected> (Debian package provides no default config file) - wpa <not-affected> (Debian package provides no default config file) CVE-2012-2388 @@ -3642,8 +3642,8 @@ RESERVED CVE-2012-2180 (The chaining functionality in the Distributed Relational Database ...) TODO: check -CVE-2012-2179 - RESERVED +CVE-2012-2179 (libodm.a in IBM AIX 5.3, 6.1, and 7.1 allows local users to overwrite ...) + TODO: check CVE-2012-2178 RESERVED CVE-2012-2177 
@@ -3656,10 +3656,10 @@ TODO: check CVE-2012-2173 (The ODBC driver in IBM Security AppScan Source 7.x and 8.x before 8.6 ...) TODO: check -CVE-2012-2172 - RESERVED -CVE-2012-2171 - RESERVED +CVE-2012-2172 (Cross-site scripting (XSS) vulnerability in SoftwareRegistration.do in ...) + TODO: check +CVE-2012-2171 (SQL injection vulnerability in ModuleServlet.do in the Storage Manager ...) + TODO: check CVE-2012-2170 (The Application Snoop Servlet in IBM WebSphere Application Server 7.0 ...) TODO: check CVE-2012-2169 @@ -3708,8 +3708,7 @@ - spip 2.1.13-1 (low; bug #671264) CVE-2012-2150 RESERVED -CVE-2012-2149 [libwpd memory overwrite] - RESERVED +CVE-2012-2149 (The WPXContentListener::_closeTableRow function in ...) - libwpd 0.9.4-1 NOTE: http://permalink.gmane.org/gmane.comp.security.full-disclosure/85789 NOTE: http://libwpd.git.sourceforge.net/git/gitweb.cgi?p=libwpd/libwpd;a=blobdiff;f=src/lib/WPXOLEStream.cpp;h=5bb11bd14912bda74c86392b20eb3d07207b7edb;hp=12b9340584855dca85cd429c1d3cf8a8e252e293;hb=7ce74979eef53d575ca433b525b6dff29cac5fd1;hpb=12560d3cb0f5d998b6d73bb6c881ec815a775932 @@ -3790,8 +3789,7 @@ RESERVED - dokuwiki 0.0.20120125a-1 NOTE: http://bugs.dokuwiki.org/index.php?do=details&task_id=2488 -CVE-2012-2127 - RESERVED +CVE-2012-2127 (fs/proc/root.c in the procfs implementation in the Linux kernel before ...) - linux-2.6 3.2-1 [squeeze] - linux-2.6 <not-affected> (Introduced in 3.1) CVE-2012-2126 @@ -5016,8 +5014,7 @@ - libpgjava <not-affected> (Even the version in oldstable had 8.2) CVE-2012-1617 RESERVED -CVE-2012-1616 - RESERVED +CVE-2012-1616 (Use-after-free vulnerability in icclib before 2.13, as used by Argyll ...) - argyll <unfixed> TODO: check CVE-2012-1615 [sectool dbus priv escalation] 
@@ -6099,8 +6096,7 @@ [squeeze] - python2.6 <no-dsa> (unimportant) [squeeze] - python3.1 <no-dsa> (unimportant) NOTE: the same hash DoS attack as other languages/bindings -CVE-2012-1149 - RESERVED +CVE-2012-1149 (Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, ...) {DSA-2487-1 DSA-2473-1} - libreoffice 1:3.4.5-1 - openoffice.org 1:3.3.0-1 @@ -8316,8 +8312,8 @@ RESERVED CVE-2012-0305 RESERVED -CVE-2012-0304 - RESERVED +CVE-2012-0304 (Symantec LiveUpdate Administrator before 2.3.1 uses weak permissions ...) + TODO: check CVE-2012-0303 RESERVED CVE-2012-0302 @@ -8825,12 +8821,10 @@ RESERVED - linux-2.6 <unfixed> (unimportant) NOTE: Minor info leak, unlikely to be fixed upstream -CVE-2011-4914 - RESERVED +CVE-2011-4914 (The ROSE protocol implementation in the Linux kernel before 2.6.39 ...) {DSA-2389-1} - linux-2.6 2.6.38-4 -CVE-2011-4913 - RESERVED +CVE-2011-4913 (The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux ...) {DSA-2264-1 DSA-2240-1} - linux-2.6 2.6.38-4 CVE-2011-4912 @@ -9203,8 +9197,7 @@ CVE-2012-0220 (Multiple cross-site scripting (XSS) vulnerabilities in the meta plugin ...) {DSA-2474-1} - ikiwiki 3.20120516 -CVE-2012-0219 [socat ''xioscan_readline()'' Heap Based Buffer Overflow Vulnerability] - RESERVED +CVE-2012-0219 (Heap-based buffer overflow in the xioscan_readline function in ...) - socat 1.7.1.3-1.3 (bug #672994) NOTE: http://www.dest-unreach.org/socat/contrib/socat-secadv3.html CVE-2012-0218 
@@ -9288,18 +9281,18 @@ NOT-FOR-US: IBM WebSphere Application Server CVE-2012-0192 (Multiple integer overflows in vclmi.dll in the visual class library ...) NOT-FOR-US: IBM Lotus Symphony -CVE-2012-0191 - RESERVED +CVE-2012-0191 (The web container in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 ...) + TODO: check CVE-2012-0190 (Unspecified vulnerability in the Render method in the ExportHTML.ocx ...) NOT-FOR-US: IBM SPSS Dimensions CVE-2012-0189 (Multiple unspecified vulnerabilities in the (1) PrintFile and (2) ...) NOT-FOR-US: IBM SPSS SamplePower CVE-2012-0188 (Unspecified vulnerability in the SetLicenseInfoEx method in an ActiveX ...) NOT-FOR-US: IBM SPSS Dimensions -CVE-2012-0187 - RESERVED -CVE-2012-0186 - RESERVED +CVE-2012-0187 (Untrusted search path vulnerability in IBM Lotus Expeditor 6.1.x and ...) + TODO: check +CVE-2012-0186 (Directory traversal vulnerability in the Eclipse Help component in IBM ...) + TODO: check CVE-2011-4837 (Cross-site request forgery (CSRF) vulnerability in /ctrl in the web ...) NOT-FOR-US: HomeSeer CVE-2011-4836 (Cross-site scripting (XSS) vulnerability in the web interface in ...) @@ -10007,8 +10000,7 @@ - xen-qemu-dm-4.0 <removed> [squeeze] - xen <not-affected> (vulnerable code not present) - xen <unfixed> (medium) -CVE-2012-0028 - RESERVED +CVE-2012-0028 (The robust futex implementation in the Linux kernel before 2.6.28 does ...) - linux-2.6 2.6.32-1 CVE-2012-0027 (The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle ...) - openssl 1.0.0f-1 @@ -10316,8 +10308,7 @@ RESERVED - libvirt 0.9.9-1 (low) [squeeze] - libvirt <no-dsa> (Minor issue) -CVE-2011-4599 - RESERVED +CVE-2011-4599 (Stack-based buffer overflow in the _canonicalize function in ...) {DSA-2397-1} - icu 4.8.1.1-3 (bug #654883) CVE-2011-4598 (channels/chan_sip.c in Asterisk Open Source 1.6.2.x before 1.6.2.21 ...) 
@@ -11099,8 +11090,7 @@ [lenny] - linux-2.6 <not-affected> (Vulnerable code not present) CVE-2011-4325 (The NFS implementation in Linux kernel before 2.6.31-rc6 calls certain ...) - linux-2.6 2.6.32-1 -CVE-2011-4324 - RESERVED +CVE-2011-4324 (The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux ...) - linux-2.6 <not-affected> (RHEL5-specific backport error) CVE-2011-4323 REJECTED @@ -16254,8 +16244,7 @@ NOT-FOR-US: cgit CVE-2011-2710 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...) - joomla <itp> (bug #571794) -CVE-2011-2709 [GSSAPI_MECH_CONF environment variable not ignored in privileged processes] - RESERVED +CVE-2011-2709 (libgssapi and libgssglue before 0.4 do not properly check privileges, ...) - libgssglue 0.4-1 (low; bug #670256) [squeeze] - libgssglue <no-dsa> (Minor issue in Squeeze) NOTE: Our mount.nfs does not link against libgssglue, @@ -16733,8 +16722,7 @@ - asterisk 1:1.8.4.3-1 (bug #631446) CVE-2011-2528 (Unspecified vulnerability in (1) Zope 2.12.x before 2.12.19 and 2.13.x ...) - plone3 <removed> -CVE-2011-2527 - RESERVED +CVE-2011-2527 (The change_process_uid function in os-posix.c in Qemu 0.14.0 and ...) {DSA-2282-1} - qemu-kvm 0.14.1+dfsg-3 (bug #633669) - kvm <not-affected> (Vulnerable code not present) @@ -16792,8 +16780,7 @@ - openjdk-6 6b21~pre1-1 - icedtea-web <unfixed> NOTE: Browser plugin was removed in openjdk-6 6b21~pre1-1. -CVE-2011-2512 [qemu-kvm: OOB memory access caused by negative vq notifies] - RESERVED +CVE-2011-2512 (The virtio_queue_notify in qemu-kvm 0.14.0 and earlier does not ...) {DSA-2270-1} - qemu-kvm 0.14.1+dfsg-2 (bug #631975) - kvm <removed> @@ -17557,8 +17544,7 @@ {DSA-2389-1 DSA-2310-1} - linux-2.6 2.6.39-3 [squeeze] - linux-2.6 2.6.32-36 -CVE-2011-2212 - RESERVED +CVE-2011-2212 (Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and earlier ...) {DSA-2282-1} - qemu-kvm 0.14.1+dfsg-3 (bug #632987) - kvm <removed> 
@@ -18925,13 +18911,11 @@ CVE-2011-1752 (The mod_dav_svn module for the Apache HTTP Server, as distributed in ...) {DSA-2251-1} - subversion 1.6.17dfsg-1 -CVE-2011-1751 - RESERVED +CVE-2011-1751 (The pciej_write function in hw/acpi_piix4.c in the PIIX4 Power ...) {DSA-2241-1} - qemu-kvm 0.14.1+dfsg-1 - kvm <undetermined> -CVE-2011-1750 [virtio-blk: heap buffer overflow caused by unaligned requests] - RESERVED +CVE-2011-1750 (Multiple heap-based buffer overflows in the virtio-blk driver ...) {DSA-2230-1} - qemu-kvm 0.14.1+dfsg-1 (bug #624177) - kvm <not-affected> (Vulnerable code not present) @@ -19654,8 +19638,7 @@ CVE-2011-1494 (Integer overflow in the _ctl_do_mpt_command function in ...) {DSA-2240-1} - linux-2.6 2.6.38-5 (unimportant) -CVE-2011-1493 - RESERVED +CVE-2011-1493 (Array index error in the rose_parse_national function in ...) {DSA-2264-1 DSA-2240-1} - linux-2.6 2.6.38-4 CVE-2011-1492 (steps/utils/modcss.inc in Roundcube Webmail before 0.5.1 does not ...) @@ -19702,8 +19685,7 @@ NOT-FOR-US: PHP-Nuke CVE-2011-1480 (SQL injection vulnerability in admin.php in the administration backend ...) NOT-FOR-US: PHP-Nuke -CVE-2011-1479 - RESERVED +CVE-2011-1479 (Double free vulnerability in the inotify subsystem in the Linux kernel ...) - linux-2.6 2.6.38-4 [lenny] - linux-2.6 <not-affected> (Only affected 2.6.37 and 2.6.38) [squeeze] - linux-2.6 <not-affected> (Only affected 2.6.37 and 2.6.38) @@ -19711,12 +19693,10 @@ {DSA-2240-1} - linux-2.6 2.6.38-1 [lenny] - linux-2.6 <not-affected> (Vulnerable code not present) -CVE-2011-1477 - RESERVED +CVE-2011-1477 (Multiple array index errors in sound/oss/opl3.c in the Linux kernel ...) {DSA-2264-1 DSA-2240-1} - linux-2.6 2.6.38-4 -CVE-2011-1476 - RESERVED +CVE-2011-1476 (Integer underflow in the Open Sound System (OSS) subsystem in the ...) {DSA-2240-1} - linux-2.6 2.6.38-4 CVE-2011-1475 (The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not ...) 
@@ -20685,8 +20665,7 @@ REJECTED - linux-2.6 3.0.0-5 (low) [squeeze] - linux-2.6 2.6.32-40 -CVE-2011-1160 - RESERVED +CVE-2011-1160 (The tpm_open function in drivers/char/tpm/tpm.c in the Linux kernel ...) {DSA-2264-1 DSA-2240-1} - linux-2.6 2.6.38-4 (low) CVE-2011-1159 (acpid.c in acpid before 2.0.9 does not properly handle a situation in ...) @@ -21002,16 +20981,13 @@ - openldap 2.4.25-1 (low; bug #617606) [lenny] - openldap 2.4.11-1+lenny2.1 [squeeze] - openldap 2.4.23-7.1 -CVE-2011-1080 - RESERVED +CVE-2011-1080 (The do_replace function in net/bridge/netfilter/ebtables.c in the ...) {DSA-2264-1 DSA-2240-1} - linux-2.6 2.6.38-4 (low) -CVE-2011-1079 - RESERVED +CVE-2011-1079 (The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux ...) {DSA-2264-1 DSA-2240-1} - linux-2.6 2.6.38-4 (low) -CVE-2011-1078 - RESERVED +CVE-2011-1078 (The sco_sock_getsockopt_old function in net/bluetooth/sco.c in the ...) {DSA-2264-1 DSA-2240-1} - linux-2.6 2.6.38-4 (low) CVE-2011-1077 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Archiva ...) @@ -21174,16 +21150,14 @@ - openldap 2.4.25-1 (low; bug #617606) [lenny] - openldap 2.4.11-1+lenny2.1 [squeeze] - openldap 2.4.23-7.1 -CVE-2011-1023 - RESERVED +CVE-2011-1023 (The Reliable Datagram Sockets (RDS) subsystem in the Linux kernel ...) - linux-2.6 2.6.38-1 [squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.35) [lenny] - linux-2.6 <not-affected> (Introduced in 2.6.35) CVE-2011-1022 (The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in ...) {DSA-2193-1} - libcgroup 0.37.1-1 (bug #615987) -CVE-2011-1021 - RESERVED +CVE-2011-1021 (drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local ...) - linux-2.6 2.6.37-1 [wheezy] - linux-2.6 <not-affected> (Introduced in 2.6.33) [squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.33) 
@@ -22087,8 +22061,7 @@ NOT-FOR-US: Red Hat Network Satellite/Spacewalk CVE-2011-0717 (Session fixation vulnerability in Red Hat Network (RHN) Satellite ...) NOT-FOR-US: Red Hat Network Satellite/Spacewalk -CVE-2011-0716 - RESERVED +CVE-2011-0716 (The br_multicast_add_group function in net/bridge/br_multicast.c in ...) - linux-2.6 2.6.38-1 (low) [lenny] - linux-2.6 <not-affected> (Vulnerable code not present, introduced in 2.6.34) [squeeze] - linux-2.6 <not-affected> (Vulnerable code not present, introduced in 2.6.34) @@ -23385,15 +23358,13 @@ - patch <unfixed> (unimportant) NOTE: Applying a patch blindly opens more severe security issues than only directory traversal... NOTE: openwall ships a fix -CVE-2010-4650 - RESERVED +CVE-2010-4650 (Buffer overflow in the fuse_do_ioctl function in fs/fuse/file.c in the ...) - linux-2.6 2.6.32-30 [lenny] - linux-2.6 <not-affected> (Introduced in 2.6.29) CVE-2010-4649 (Integer overflow in the ib_uverbs_poll_cq function in ...) {DSA-2153-1} - linux-2.6 2.6.32-30 -CVE-2010-4648 - RESERVED +CVE-2010-4648 (The orinoco_ioctl_set_auth function in ...) - linux-2.6 2.6.32-30 [lenny] - linux-2.6 <not-affected> (Introduced in 2.6.28) CVE-2010-4647 (Multiple cross-site scripting (XSS) vulnerabilities in the Help ...) @@ -24657,8 +24628,7 @@ [lenny] - tomcat6 <not-affected> (Only ships the servlet package) CVE-2011-0012 (The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly ...) NOT-FOR-US: SPICE Firefox plug-in -CVE-2011-0011 [qemu-kvm: Setting VNC password to empty string silently disables all authentication] - RESERVED +CVE-2011-0011 (qemu-kvm before 0.11.0 disables VNC authentication when the password ...) {DSA-2230-1} - qemu-kvm 0.14.0+dfsg-1~tls (low; bug #611134) - kvm <not-affected> (Vulnerable code not present) 
@@ -24677,8 +24647,7 @@ {DSA-2147-1} - pimd 2.1.6-1 (unimportant; bug #609304) [squeeze] - pimd 2.1.1-1.1 (unimportant; bug #609304) -CVE-2011-0006 - RESERVED +CVE-2011-0006 (The ima_lsm_rule_init function in security/integrity/ima/ima_policy.c ...) - linux-2.6 2.6.32-30 [lenny] - linux-2.6 <not-affected> (Introduced in 2.6.30) CVE-2011-0005 (Cross-site scripting (XSS) vulnerability in the com_search module for ...) @@ -25397,8 +25366,7 @@ NOTE: http://www.openssl.org/news/secadv_20101202.txt CVE-2010-4251 (The socket implementation in net/core/sock.c in the Linux kernel ...) - linux-2.6 2.6.32-22 -CVE-2010-4250 [linux inotify memory leak] - RESERVED +CVE-2010-4250 (Memory leak in the inotify_init1 function in ...) - linux-2.6 2.6.37-1 [squeeze] - linux-2.6 <not-affected> (Introduced after 2.6.32) [lenny] - linux-2.6 <not-affected> (Introduced after 2.6.32)
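Review bot: In the hunk at @@ -3708,8 +3708,7 @@, the new CVE-2012-2149 description names the WPXContentListener::_closeTableRow function, but the NOTE kept under the entry links to a blobdiff of src/lib/WPXOLEStream.cpp. Please confirm that the linked commit is the fix for this CVE and add a NOTE saying how the two relate, or replace the link with the commit that touches the content listener. The update also drops the hand-written tag "[libwpd memory overwrite]", so the entry no longer records which issue the link was originally filed against.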
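Review bot: In the hunk at @@ -5016,8 +5014,7 @@, CVE-2012-1616 still carries a bare "TODO: check" next to "- argyll <unfixed>", although the description now names the affected component (icclib before 2.13, as used by Argyll). Suggest replacing the bare TODO with the concrete open question, for example which icclib version the packaged argyll bundles, so the entry can leave the TODO queue once that is answered.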
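Review bot: In the hunk at @@ -9288,18 +9281,18 @@, CVE-2012-0191, CVE-2012-0187 and CVE-2012-0186 (all IBM Lotus Expeditor) are left at "TODO: check", while every other IBM product in the same hunk is already triaged as NOT-FOR-US (IBM WebSphere Application Server, IBM Lotus Symphony, IBM SPSS Dimensions, IBM SPSS SamplePower). If Lotus Expeditor is likewise not packaged, a follow-up should mark the three as "NOT-FOR-US: IBM Lotus Expeditor" to match the surrounding entries.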
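Review bot: In the hunk at @@ -24657,8 +24628,7 @@, the new CVE-2011-0011 description says "qemu-kvm before 0.11.0", but the package line kept below it records the fix at "qemu-kvm 0.14.0+dfsg-1~tls". The two version statements disagree and the entry does not explain why; a NOTE stating which one the tracker relies on would keep later readers from treating versions between 0.11.0 and 0.14.0 as fixed. The same kind of gap appears in the hunk at @@ -10007,8 +10000,7 @@, where CVE-2012-0028 reads "before 2.6.28" against "linux-2.6 2.6.32-1".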