"-Synchronized-Data."

CVE Team 2023-02-02 17:01:12 +00:00
parent cbe29460f5
commit 078ed1201c
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
13 changed files with 1566 additions and 963 deletions


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-4580",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "fence_manual, as used in fence 2.02.00-r1 and possibly cman, allows local users to modify arbitrary files via a symlink attack on the fence_manual.fifo temporary file."
"value": "CVE-2008-4580 cman/fence: insecure temporary file usage in the manual fence agent"
}
]
},
@ -44,38 +21,73 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Insecure Temporary File",
"cweId": "CWE-377"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20081016 Re: CVE Request",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/16/1"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=240576",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=240576",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=240576"
"name": "http://bugs.gentoo.org/show_bug.cgi?id=240576"
},
{
"name": "fence-fencemanual-symlink(45953)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45953"
"url": "http://www.openwall.com/lists/oss-security/2008/10/13/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2008/10/13/3"
},
{
"name": "USN-875-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-875-1"
"url": "http://www.openwall.com/lists/oss-security/2008/10/16/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2008/10/16/1"
},
{
"name": "[oss-security] 20081013 Re: CVE Request",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/13/3"
"url": "http://www.ubuntu.com/usn/USN-875-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-875-1"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2008-4580",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2008-4580"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=467387",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=467387"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45953",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45953"
}
]
}
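Review bot: The replacement `value` in `description_data` reads as a bug-tracker title, `"CVE-2008-4580 cman/fence: insecure temporary file usage in the manual fence agent"`, and drops what the longer sentence gave a consumer: the affected release (fence 2.02.00-r1), the attacker position (local user), the vector (symlink on `fence_manual.fifo`) and the impact (arbitrary file modification). Triage and matching tools that work from description text lose those facts, and the same substitution appears in the other file sections of this commit (CVE-2009-3726, CVE-2009-3892, CVE-2009-4026, CVE-2010-3084, CVE-2010-3089). I would keep the full sentence as the `eng` description and carry the short title in a separate field if the schema in use has one. The page prints both lines without +/- markers, so which one is the new side is inferred from the print order and the neighbouring `cweId` addition.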


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-3726",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state."
"value": "CVE-2009-3726 kernel: nfsv4: kernel panic in nfs4_proc_lock()"
}
]
},
@ -44,138 +21,230 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "MRG for RHEL-5",
"version": {
"version_data": [
{
"version_value": "0:2.6.24.7-139.el5rt",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:2.6.9-89.0.26.EL",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-164.9.1.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=529227",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529227"
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html",
"refsource": "MISC",
"name": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d953126a28f97ec965d23c69fd5795854c048f30",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d953126a28f97ec965d23c69fd5795854c048f30"
"url": "http://secunia.com/advisories/38794",
"refsource": "MISC",
"name": "http://secunia.com/advisories/38794"
},
{
"name": "oval:org.mitre.oval:def:9734",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9734"
"url": "http://secunia.com/advisories/38834",
"refsource": "MISC",
"name": "http://secunia.com/advisories/38834"
},
{
"name": "SUSE-SA:2009:061",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html"
"url": "http://www.vupen.com/english/advisories/2010/0528",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/0528"
},
{
"name": "USN-864-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-864-1"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html"
},
{
"name": "38794",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38794"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html"
},
{
"name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
"url": "http://secunia.com/advisories/37909",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37909"
},
{
"name": "36936",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36936"
"url": "http://www.debian.org/security/2010/dsa-2005",
"refsource": "MISC",
"name": "http://www.debian.org/security/2010/dsa-2005"
},
{
"name": "MDVSA-2009:329",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:329"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:051",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:051"
},
{
"name": "oval:org.mitre.oval:def:6636",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6636"
"url": "http://www.ubuntu.com/usn/usn-864-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-864-1"
},
{
"name": "SUSE-SA:2009:056",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html"
},
{
"name": "SUSE-SA:2010:012",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html"
"url": "http://secunia.com/advisories/40218",
"refsource": "MISC",
"name": "http://secunia.com/advisories/40218"
},
{
"name": "37909",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37909"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0474.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0474.html"
},
{
"name": "RHSA-2010:0474",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0474.html"
"url": "https://access.redhat.com/errata/RHSA-2010:0474",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0474"
},
{
"name": "RHSA-2009:1670",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1670.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html"
},
{
"name": "MDVSA-2011:051",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:051"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:329",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:329"
},
{
"name": "SUSE-SA:2009:064",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html"
"url": "http://www.redhat.com/support/errata/RHSA-2009-1670.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2009-1670.html"
},
{
"name": "38834",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38834"
"url": "https://access.redhat.com/errata/RHSA-2009:1670",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1670"
},
{
"name": "40218",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40218"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d953126a28f97ec965d23c69fd5795854c048f30",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d953126a28f97ec965d23c69fd5795854c048f30"
},
{
"name": "[linux-nfs] 20081022 kernel oops in nfs4_proc_lock",
"refsource": "MLIST",
"url": "http://www.spinics.net/linux/lists/linux-nfs/msg03357.html"
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.31/ChangeLog-2.6.31-rc4",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.31/ChangeLog-2.6.31-rc4"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.31/ChangeLog-2.6.31-rc4",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.31/ChangeLog-2.6.31-rc4"
"url": "http://www.openwall.com/lists/oss-security/2009/11/05/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/11/05/1"
},
{
"name": "[oss-security] 20091105 CVE request: kernel: NULL pointer dereference in nfs4_proc_lock()",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/11/05/1"
"url": "http://www.openwall.com/lists/oss-security/2009/11/05/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/11/05/4"
},
{
"name": "[oss-security] 20091105 Re: CVE request: kernel: NULL pointer dereference in nfs4_proc_lock()",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/11/05/4"
"url": "http://www.securityfocus.com/bid/36936",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/36936"
},
{
"name": "DSA-2005",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2005"
"url": "http://www.spinics.net/linux/lists/linux-nfs/msg03357.html",
"refsource": "MISC",
"name": "http://www.spinics.net/linux/lists/linux-nfs/msg03357.html"
},
{
"name": "ADV-2010-0528",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0528"
"url": "https://access.redhat.com/errata/RHSA-2009:1635",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1635"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2009-3726",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-3726"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529227",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=529227"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6636",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6636"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9734",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9734"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}
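Review bot: The `impact.cvss` entry at the end of this section scores the flaw as `"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C"` (base 7.2), which does not match the record's own text: both description lines and the `CWE-476` entry describe a kernel panic from a NULL pointer dereference, and the longer description names a remote NFS server as the trigger. A local vector with complete confidentiality and integrity impact will mis-rank this record in any pipeline that prioritises on CVSS. The vector should be re-checked with the assigner before publication; if the panic is the only impact, the confidentiality and integrity metrics would be `NONE`. `"environmentalScore": 0` and `"temporalScore": 0` next to all-`NOT_DEFINED` metrics are also likely to be read as real zero scores and are better omitted.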


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-3892",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Best Practical Solutions RT 3.6.x before 3.6.9, 3.8.x before 3.8.5, and other 3.4.6 through 3.8.4 versions allows remote attackers to inject arbitrary web script or HTML via certain Custom Fields."
"value": "CVE-2009-3892 Request Tracker XSS flaw"
}
]
},
@ -44,38 +21,73 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20091116 Re: CVE Id request: request-tracker",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/11/16/4"
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546778",
"refsource": "MISC",
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546778"
},
{
"name": "[rt-announce] 20090914 RT 3.8.5 Released",
"refsource": "MLIST",
"url": "http://lists.bestpractical.com/pipermail/rt-announce/2009-September/000173.html"
"url": "http://lists.bestpractical.com/pipermail/rt-announce/2009-September/000172.html",
"refsource": "MISC",
"name": "http://lists.bestpractical.com/pipermail/rt-announce/2009-September/000172.html"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546778",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546778"
"url": "http://lists.bestpractical.com/pipermail/rt-announce/2009-September/000173.html",
"refsource": "MISC",
"name": "http://lists.bestpractical.com/pipermail/rt-announce/2009-September/000173.html"
},
{
"name": "[rt-announce] 20090914 RT 3.6.9 Released",
"refsource": "MLIST",
"url": "http://lists.bestpractical.com/pipermail/rt-announce/2009-September/000172.html"
"url": "http://www.openwall.com/lists/oss-security/2009/11/15/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/11/15/1"
},
{
"name": "[oss-security] 20091115 CVE Id request: request-tracker",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/11/15/1"
"url": "http://www.openwall.com/lists/oss-security/2009/11/16/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/11/16/4"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2009-3892",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-3892"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=538173",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=538173"
}
]
}
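Review bot: Every entry in `reference_data` ends up with `"refsource": "MISC"` and a `name` that is a copy of `url`, so the source classification the earlier entries carried (`MLIST`, `CONFIRM`) and readable titles such as `[rt-announce] 20090914 RT 3.8.5 Released` are gone. Consumers that select vendor-confirmed references or release announcements by `refsource` can no longer do so from this record. The same flattening is visible in the other file sections of this commit. If the sync tool cannot preserve the original tags, I would at least keep the previous `name` values rather than duplicating the URL.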


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-4026",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (panic) via a crafted Delete Block ACK (aka DELBA) packet, related to an erroneous \"code shuffling patch.\""
"value": "CVE-2009-4026 CVE-2009-4027 kernel: mac80211: fix spurious delBA handling"
}
]
},
@ -44,53 +21,108 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Reachable Assertion",
"cweId": "CWE-617"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "37170",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37170"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html"
},
{
"name": "USN-864-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-864-1"
"url": "http://secunia.com/advisories/38017",
"refsource": "MISC",
"name": "http://secunia.com/advisories/38017"
},
{
"name": "SUSE-SA:2010:001",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html"
"url": "http://www.ubuntu.com/usn/usn-864-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-864-1"
},
{
"name": "[oss-security] 20091201 CVE request: kernel: mac80211: fix two remote exploits",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/12/01/2"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=827d42c9ac91ddd728e4f4a31fefb906ef2ceff7",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=827d42c9ac91ddd728e4f4a31fefb906ef2ceff7"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=541149",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=541149"
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.32-rc8-next-20091201.gz",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.32-rc8-next-20091201.gz"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.32-rc8-next-20091201.gz",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.32-rc8-next-20091201.gz"
"url": "http://www.openwall.com/lists/oss-security/2009/12/01/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/12/01/2"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=827d42c9ac91ddd728e4f4a31fefb906ef2ceff7",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=827d42c9ac91ddd728e4f4a31fefb906ef2ceff7"
"url": "http://www.securityfocus.com/bid/37170",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/37170"
},
{
"name": "38017",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38017"
"url": "https://access.redhat.com/security/cve/CVE-2009-4026",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-4026"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=541149",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=541149"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}
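Review bot: The short description `value` in the record whose `ID` is `CVE-2009-4026` also names a second identifier, `"CVE-2009-4026 CVE-2009-4027 kernel: mac80211: fix spurious delBA handling"`, so anything that indexes CVE IDs from description text will associate this entry with both. It is also the title of the fix, not a statement of the flaw: the longer sentence gives the trigger (a crafted DELBA packet), the attacker position (remote) and the fixed-in version. I would keep that sentence as the description and, if the relationship matters, record CVE-2009-4027 as a related ID outside the description text.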


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3084",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/net/niu.c in the Linux kernel before 2.6.36-rc4 allows local users to cause a denial of service or possibly have unspecified other impact via the ETHTOOL_GRXCLSRLALL ethtool command."
"value": "CVE-2010-3084 kernel: niu: buffer overflow for ETHTOOL_GRXCLSRLALL"
}
]
},
@ -44,68 +21,128 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-71.7.1.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "USN-1000-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1000-1"
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
},
{
"name": "43098",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/43098"
"url": "http://www.ubuntu.com/usn/USN-1000-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1000-1"
},
{
"name": "[oss-security] 20100910 Re: CVE request: kernel: niu buffer overflow for ETHTOOL_GRXCLSRLALL",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/11/1"
"url": "http://www.vupen.com/english/advisories/2011/0298",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0298"
},
{
"name": "[oss-security] 20100909 CVE request: kernel: niu buffer overflow for ETHTOOL_GRXCLSRLALL",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/09/1"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0842.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0842.html"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ee9c5cfad29c8a13199962614b9b16f1c4137ac9",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ee9c5cfad29c8a13199962614b9b16f1c4137ac9"
"url": "https://access.redhat.com/errata/RHSA-2010:0842",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0842"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=632069",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=632069"
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc4",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc4"
},
{
"name": "SUSE-SA:2011:007",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ee9c5cfad29c8a13199962614b9b16f1c4137ac9",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ee9c5cfad29c8a13199962614b9b16f1c4137ac9"
},
{
"name": "RHSA-2010:0842",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0842.html"
"url": "http://www.openwall.com/lists/oss-security/2010/09/09/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/09/09/1"
},
{
"name": "ADV-2011-0298",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0298"
"url": "http://www.openwall.com/lists/oss-security/2010/09/11/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/09/11/1"
},
{
"name": "[netdev] 20100907 [PATCH net-2.6] niu: Fix kernel buffer overflow for ETHTOOL_GRXCLSRLALL",
"refsource": "MLIST",
"url": "http://www.spinics.net/lists/netdev/msg140133.html"
"url": "http://www.securityfocus.com/bid/43098",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/43098"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc4",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc4"
"url": "http://www.spinics.net/lists/netdev/msg140133.html",
"refsource": "MISC",
"name": "http://www.spinics.net/lists/netdev/msg140133.html"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-3084",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-3084"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=632069",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=632069"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}
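Review bot: The rewritten git.kernel.org reference encodes the gitweb parameter separators, `...linux-2.6.git%3Ba=commit%3Bh=ee9c5cfad29c8a13199962614b9b16f1c4137ac9`, where the other copy of the entry has literal `;`. In a query string `%3B` is data, not a separator, so the server will likely see one long `p` value and the link to the fixing commit stops resolving; that is the reference a defender most needs when checking whether a kernel carries the patch. The same encoding appears in the CVE-2009-3726 and CVE-2009-4026 sections. The `url` should keep the literal form, `"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ee9c5cfad29c8a13199962614b9b16f1c4137ac9"`.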


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3089",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in GNU Mailman before 2.1.14rc1 allow remote authenticated users to inject arbitrary web script or HTML via vectors involving (1) the list information field or (2) the list description field."
"value": "CVE-2010-3089 mailman: Multiple security flaws leading to cross-site scripting (XSS) attacks"
}
]
},
@ -44,163 +21,250 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "3:2.1.5.1-34.rhel4.7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "3:2.1.9-6.el5_6.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "3:2.1.12-14.el6_0.2",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20100913 CVE Request: mailman",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=128438736513097&w=2"
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"name": "RHSA-2011:0307",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0307.html"
"url": "http://support.apple.com/kb/HT4581",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT4581"
},
{
"name": "[oss-security] 20100913 Re: CVE Request: mailman",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=128441369020123&w=2"
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
},
{
"name": "FEDORA-2010-14877",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052297.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052297.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052297.html"
},
{
"name": "43294",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43294"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052312.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052312.html"
},
{
"name": "SUSE-SR:2011:009",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
"url": "http://lists.opensuse.org/opensuse-updates/2011-05/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2011-05/msg00000.html"
},
{
"name": "ADV-2011-0460",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0460"
"url": "http://mail.python.org/pipermail/mailman-announce/2010-September/000150.html",
"refsource": "MISC",
"name": "http://mail.python.org/pipermail/mailman-announce/2010-September/000150.html"
},
{
"name": "openSUSE-SU-2011:0424",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2011-05/msg00000.html"
"url": "http://mail.python.org/pipermail/mailman-announce/2010-September/000151.html",
"refsource": "MISC",
"name": "http://mail.python.org/pipermail/mailman-announce/2010-September/000151.html"
},
{
"name": "DSA-2170",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2170"
"url": "http://marc.info/?l=oss-security&m=128438736513097&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=oss-security&m=128438736513097&w=2"
},
{
"name": "FEDORA-2010-14834",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052312.html"
"url": "http://marc.info/?l=oss-security&m=128440851513718&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=oss-security&m=128440851513718&w=2"
},
{
"name": "42502",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42502"
"url": "http://marc.info/?l=oss-security&m=128441135117819&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=oss-security&m=128441135117819&w=2"
},
{
"name": "[oss-security] 20100913 Re: CVE Request: mailman",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=128441135117819&w=2"
"url": "http://marc.info/?l=oss-security&m=128441237618793&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=oss-security&m=128441237618793&w=2"
},
{
"name": "https://launchpad.net/mailman/+milestone/2.1.14rc1",
"refsource": "CONFIRM",
"url": "https://launchpad.net/mailman/+milestone/2.1.14rc1"
"url": "http://marc.info/?l=oss-security&m=128441369020123&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=oss-security&m=128441369020123&w=2"
},
{
"name": "USN-1069-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1069-1"
"url": "http://secunia.com/advisories/41265",
"refsource": "MISC",
"name": "http://secunia.com/advisories/41265"
},
{
"name": "RHSA-2011:0308",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0308.html"
"url": "http://secunia.com/advisories/42502",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42502"
},
{
"name": "APPLE-SA-2011-03-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
"url": "http://secunia.com/advisories/43294",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43294"
},
{
"name": "[oss-security] 20100913 Re: CVE Request: mailman",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=128440851513718&w=2"
"url": "http://secunia.com/advisories/43425",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43425"
},
{
"name": "41265",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41265"
"url": "http://secunia.com/advisories/43549",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43549"
},
{
"name": "ADV-2011-0436",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0436"
"url": "http://secunia.com/advisories/43580",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43580"
},
{
"name": "[mailman-announce] 20100909 Mailman security patch.",
"refsource": "MLIST",
"url": "http://mail.python.org/pipermail/mailman-announce/2010-September/000151.html"
"url": "http://www.debian.org/security/2011/dsa-2170",
"refsource": "MISC",
"name": "http://www.debian.org/security/2011/dsa-2170"
},
{
"name": "ADV-2010-3271",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3271"
"url": "http://www.redhat.com/support/errata/RHSA-2011-0307.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-0307.html"
},
{
"name": "[oss-security] 20100913 Re: CVE Request: mailman",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=128441237618793&w=2"
"url": "http://www.redhat.com/support/errata/RHSA-2011-0308.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-0308.html"
},
{
"name": "43425",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43425"
"url": "http://www.ubuntu.com/usn/USN-1069-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1069-1"
},
{
"name": "ADV-2011-0542",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0542"
"url": "http://www.vupen.com/english/advisories/2010/3271",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/3271"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=631881",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=631881"
"url": "http://www.vupen.com/english/advisories/2011/0436",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0436"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=631859",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=631859"
"url": "http://www.vupen.com/english/advisories/2011/0460",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0460"
},
{
"name": "43580",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43580"
"url": "http://www.vupen.com/english/advisories/2011/0542",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0542"
},
{
"name": "[mailman-announce] 20100905 Mailman security patch.",
"refsource": "MLIST",
"url": "http://mail.python.org/pipermail/mailman-announce/2010-September/000150.html"
"url": "https://access.redhat.com/errata/RHSA-2011:0307",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0307"
},
{
"name": "43549",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43549"
"url": "https://access.redhat.com/errata/RHSA-2011:0308",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0308"
},
{
"name": "http://support.apple.com/kb/HT4581",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4581"
"url": "https://access.redhat.com/security/cve/CVE-2010-3089",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-3089"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=631859",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=631859"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=631881",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=631881"
},
{
"url": "https://launchpad.net/mailman/+milestone/2.1.14rc1",
"refsource": "MISC",
"name": "https://launchpad.net/mailman/+milestone/2.1.14rc1"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
]
}
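Review bot: The replacement `description` value near the top of this record, `CVE-2010-3089 mailman: Multiple security flaws leading to cross-site scripting (XSS) attacks`, reads like a bug-tracker title. It drops what the removed sentence stated: the fix boundary (before 2.1.14rc1), that the attacker must be authenticated, and the two affected fields (list information and list description). Anyone triaging or matching on description text loses that detail, so I would keep the original sentence as the `value` and carry the tracker title elsewhere if it is wanted. The same substitution appears in the CVE-2010-3301, CVE-2010-3302 and CVE-2010-3311 sections below. Old and new sides are inferred from print order and the hunk counts, because the page has lost its `+`/`-` column.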


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3301",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by triggering an out-of-bounds access to the system call table using the %rax register. NOTE: this vulnerability exists because of a CVE-2007-4573 regression."
"value": "CVE-2010-3301 kernel: IA32 System Call Entry Point Vulnerability"
}
]
},
@ -44,98 +21,158 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-71.7.1.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20100916 Re: CVE-2010-3301 kernel: IA32 System Call Entry Point Vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/16/3"
},
{
"name": "[oss-security] 20100916 CVE-2010-3301 kernel: IA32 System Call Entry Point Vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/16/1"
},
{
"name": "ADV-2010-3117",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3117"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=634449",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=634449"
},
{
"name": "MDVSA-2010:198",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
},
{
"name": "http://sota.gen.nz/compat2/",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198",
"refsource": "MISC",
"url": "http://sota.gen.nz/compat2/"
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
},
{
"name": "USN-1041-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1041-1"
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
},
{
"name": "SUSE-SA:2011:007",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
"url": "http://www.vupen.com/english/advisories/2011/0298",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0298"
},
{
"name": "RHSA-2010:0842",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0842.html"
"url": "http://secunia.com/advisories/42758",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42758"
},
{
"name": "MDVSA-2010:247",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:247"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0842.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0842.html"
},
{
"name": "ADV-2011-0298",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0298"
"url": "http://www.ubuntu.com/usn/USN-1041-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1041-1"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.36-rc4-git2.log",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.36-rc4-git2.log"
"url": "http://www.vupen.com/english/advisories/2011/0070",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0070"
},
{
"name": "42758",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42758"
"url": "https://access.redhat.com/errata/RHSA-2010:0842",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0842"
},
{
"name": "SUSE-SR:2010:017",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=eefdca043e8391dcd719711716492063030b55ac",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=eefdca043e8391dcd719711716492063030b55ac"
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.36-rc4-git2.log",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.36-rc4-git2.log"
},
{
"name": "ADV-2011-0070",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0070"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:247",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:247"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=36d001c70d8a0144ac1d038f6876c484849a74de",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=36d001c70d8a0144ac1d038f6876c484849a74de"
"url": "http://www.vupen.com/english/advisories/2010/3117",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/3117"
},
{
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=36d001c70d8a0144ac1d038f6876c484849a74de",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=36d001c70d8a0144ac1d038f6876c484849a74de"
},
{
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=eefdca043e8391dcd719711716492063030b55ac",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=eefdca043e8391dcd719711716492063030b55ac"
},
{
"url": "http://sota.gen.nz/compat2/",
"refsource": "MISC",
"name": "http://sota.gen.nz/compat2/"
},
{
"url": "http://www.openwall.com/lists/oss-security/2010/09/16/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/09/16/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2010/09/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/09/16/3"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-3301",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-3301"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=634449",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=634449"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}
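Review bot: The two git.kernel.org references near the end of `reference_data` now contain `%3B` where the removed entries had a literal `;`, as in `linux-2.6.git%3Ba=commit%3Bh=36d001c70d8a0144ac1d038f6876c484849a74de`. In gitweb-style query strings the semicolon separates parameters, so encoding it probably folds `a=commit` and `h=...` into the `p` value, and the links to the two fixing commits may stop resolving. I would keep the literal form in both `url` and `name`, for example `"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=36d001c70d8a0144ac1d038f6876c484849a74de"`, and the same for the `eefdca04...` entry. The fix commit is the main thing a defender needs from this record, so these links are worth checking before merge.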


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3302",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via long (1) cisco_dns_info or (2) cisco_domain_info data in a packet."
"value": "CVE-2010-3302 openswan: buffer overflow vulnerability in XAUTH client-side support"
}
]
},
@ -44,68 +21,133 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.24-8.el6_0.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "41769",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41769"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/048999.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/048999.html"
},
{
"name": "ADV-2010-2526",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2526"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049053.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049053.html"
},
{
"name": "http://www.openswan.org/download/CVE-2010-3302/CVE-2010-3302.txt",
"refsource": "CONFIRM",
"url": "http://www.openswan.org/download/CVE-2010-3302/CVE-2010-3302.txt"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049073.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049073.html"
},
{
"name": "43588",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/43588"
"url": "http://secunia.com/advisories/41769",
"refsource": "MISC",
"name": "http://secunia.com/advisories/41769"
},
{
"name": "RHSA-2010:0892",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0892.html"
"url": "http://www.openswan.org/download/CVE-2010-3308/openswan-2.6.26-2.6.28-CVE-2010-330x.patch",
"refsource": "MISC",
"name": "http://www.openswan.org/download/CVE-2010-3308/openswan-2.6.26-2.6.28-CVE-2010-330x.patch"
},
{
"name": "1024749",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024749"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0892.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0892.html"
},
{
"name": "http://www.openswan.org/download/CVE-2010-3308/openswan-2.6.26-2.6.28-CVE-2010-330x.patch",
"refsource": "CONFIRM",
"url": "http://www.openswan.org/download/CVE-2010-3308/openswan-2.6.26-2.6.28-CVE-2010-330x.patch"
"url": "http://www.securityfocus.com/bid/43588",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/43588"
},
{
"name": "http://www.openswan.org/download/CVE-2010-3302/openswan-2.6.25-CVE-2010-3302.patch",
"refsource": "CONFIRM",
"url": "http://www.openswan.org/download/CVE-2010-3302/openswan-2.6.25-CVE-2010-3302.patch"
"url": "http://www.securitytracker.com/id?1024749",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1024749"
},
{
"name": "FEDORA-2010-15508",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049053.html"
"url": "http://www.vupen.com/english/advisories/2010/2526",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/2526"
},
{
"name": "FEDORA-2010-15381",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/048999.html"
"url": "https://access.redhat.com/errata/RHSA-2010:0892",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0892"
},
{
"name": "FEDORA-2010-15516",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049073.html"
"url": "http://www.openswan.org/download/CVE-2010-3302/CVE-2010-3302.txt",
"refsource": "MISC",
"name": "http://www.openswan.org/download/CVE-2010-3302/CVE-2010-3302.txt"
},
{
"url": "http://www.openswan.org/download/CVE-2010-3302/openswan-2.6.25-CVE-2010-3302.patch",
"refsource": "MISC",
"name": "http://www.openswan.org/download/CVE-2010-3302/openswan-2.6.25-CVE-2010-3302.patch"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-3302",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-3302"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=634264",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=634264"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
]
}
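Review bot: Every entry in `reference_data` is rewritten to `"refsource": "MISC"` with `name` set to the URL. That removes the advisory identifiers the old entries carried (RHSA-2010:0892, FEDORA-2010-15508, BID 43588, SECTRACK 1024749) and the CONFIRM marking on the openswan.org advisory and patch links. Tooling that correlates by advisory ID, or that prefers vendor-confirmed references, can no longer do so from this record. I would keep the original pair on existing entries, e.g. `"name": "RHSA-2010:0892", "refsource": "REDHAT"`, and use MISC only for the newly added URLs. The other file sections on this page show the same flattening.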


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3311",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Compact Font Format (CFF) font file that triggers a heap-based buffer overflow, related to an \"input stream position error\" issue, a different vulnerability than CVE-2010-1797."
"value": "CVE-2010-3311 freetype: Input stream position error by processing Compact Font Format (CFF) font files"
}
]
},
@ -44,63 +21,166 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 3",
"version": {
"version_data": [
{
"version_value": "0:2.1.4-18.el3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:2.1.9-17.el4.8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.2.1-28.el5_5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.3.11-6.el6_0.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "43700",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/43700"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
},
{
"name": "DSA-2116",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2116"
"url": "http://secunia.com/advisories/48951",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48951"
},
{
"name": "RHSA-2010:0737",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html"
"url": "http://www.ubuntu.com/usn/USN-1013-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1013-1"
},
{
"name": "MDVSA-2010:201",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:201"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0864.html"
},
{
"name": "USN-1013-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1013-1"
"url": "https://access.redhat.com/errata/RHSA-2010:0864",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0864"
},
{
"name": "RHSA-2010:0864",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html"
"url": "https://access.redhat.com/errata/RHSA-2010:0736",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0736"
},
{
"name": "48951",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48951"
"url": "https://access.redhat.com/errata/RHSA-2010:0737",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0737"
},
{
"name": "SUSE-SR:2010:019",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
"url": "https://rhn.redhat.com/errata/RHSA-2010-0736.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2010-0736.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=623625",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=623625"
"url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2010-0737.html"
},
{
"name": "RHSA-2010:0736",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0736.html"
"url": "http://www.debian.org/security/2010/dsa-2116",
"refsource": "MISC",
"name": "http://www.debian.org/security/2010/dsa-2116"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:201",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:201"
},
{
"url": "http://www.securityfocus.com/bid/43700",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/43700"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-3311",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-3311"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=623625",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=623625"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
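Review bot: Every entry in the added `affects` block carries `"version_affected": "!"`, which in this record format marks a version as not affected. The block therefore lists only the fixed Red Hat packages (for example `0:2.3.11-6.el6_0.1`) and no affected range. With the description shortened as well, the record no longer says anywhere that FreeType before 2.4 is vulnerable, so a consumer matching on `affects` finds nothing to flag. I would add an upstream entry built from the removed description, such as `"version_value": "2.4", "version_affected": "<"` under a FreeType product, or at least keep the version bound in the description text. The CVE-2010-3089, CVE-2010-3301 and CVE-2010-3302 sections have the same shape.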


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3432",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service (panic) via a certain sequence of SCTP traffic."
"value": "CVE-2010-3432 kernel: sctp: do not reset the packet during sctp_packet_config"
}
]
},
@ -44,138 +21,252 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "MRG for RHEL-5",
"version": {
"version_data": [
{
"version_value": "0:2.6.33.7-rt29.47.el5rt",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:2.6.9-89.33.1.EL",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-194.32.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-71.7.1.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "42789",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42789"
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
},
{
"name": "ADV-2011-0024",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0024"
"url": "http://www.ubuntu.com/usn/USN-1000-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1000-1"
},
{
"name": "42778",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42778"
"url": "http://www.vupen.com/english/advisories/2011/0298",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0298"
},
{
"name": "[oss-security] 20100924 CVE Request -- Linux/SCTP DoS in sctp_packet_config()",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=128534569803598&w=2"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0842.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0842.html"
},
{
"name": "RHSA-2011:0004",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0004.html"
"url": "https://access.redhat.com/errata/RHSA-2010:0842",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0842"
},
{
"name": "USN-1000-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1000-1"
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
"url": "http://secunia.com/advisories/42778",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42778"
},
{
"name": "46397",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46397"
"url": "http://www.debian.org/security/2010/dsa-2126",
"refsource": "MISC",
"name": "http://www.debian.org/security/2010/dsa-2126"
},
{
"name": "ADV-2010-3113",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3113"
"url": "http://www.vupen.com/english/advisories/2011/0012",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0012"
},
{
"name": "SUSE-SA:2011:001",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html"
"url": "http://secunia.com/advisories/42400",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42400"
},
{
"name": "RHSA-2010:0936",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0936.html"
"url": "http://secunia.com/advisories/42789",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42789"
},
{
"name": "43480",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/43480"
"url": "http://secunia.com/advisories/46397",
"refsource": "MISC",
"name": "http://secunia.com/advisories/46397"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.6",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.6"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0936.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0936.html"
},
{
"name": "SUSE-SA:2011:007",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0958.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0958.html"
},
{
"name": "RHSA-2010:0842",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0842.html"
"url": "http://www.redhat.com/support/errata/RHSA-2011-0004.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-0004.html"
},
{
"name": "ADV-2011-0298",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0298"
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "RHSA-2010:0958",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0958.html"
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
"refsource": "MISC",
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
"url": "http://www.vupen.com/english/advisories/2010/3113",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/3113"
},
{
"name": "[oss-security] 20100925 Re: CVE Request -- Linux/SCTP DoS in sctp_packet_config()",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=128537701808336&w=2"
"url": "http://www.vupen.com/english/advisories/2011/0024",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0024"
},
{
"name": "ADV-2011-0012",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0012"
"url": "https://access.redhat.com/errata/RHSA-2010:0936",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0936"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=637675",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=637675"
"url": "https://access.redhat.com/errata/RHSA-2010:0958",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0958"
},
{
"name": "[netdev] 20100915 [PATCH] net: SCTP remote/local Denial of Service vulnerability description and fix",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-netdev&m=128453869227715&w=3"
"url": "https://access.redhat.com/errata/RHSA-2011:0004",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0004"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4bdab43323b459900578b200a4b8cf9713ac8fab",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4bdab43323b459900578b200a4b8cf9713ac8fab"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4bdab43323b459900578b200a4b8cf9713ac8fab",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4bdab43323b459900578b200a4b8cf9713ac8fab"
},
{
"name": "42400",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42400"
"url": "http://marc.info/?l=linux-netdev&m=128453869227715&w=3",
"refsource": "MISC",
"name": "http://marc.info/?l=linux-netdev&m=128453869227715&w=3"
},
{
"name": "DSA-2126",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2126"
"url": "http://marc.info/?l=oss-security&m=128534569803598&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=oss-security&m=128534569803598&w=2"
},
{
"url": "http://marc.info/?l=oss-security&m=128537701808336&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=oss-security&m=128537701808336&w=2"
},
{
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.6",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.6"
},
{
"url": "http://www.securityfocus.com/bid/43480",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/43480"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-3432",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-3432"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=637675",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=637675"
}
]
},
"work_around": [
{
"lang": "en",
"value": "For users that do not run applications that use SCTP, you can prevent the sctp module from being loaded by adding the following entry to the end of the /etc/modprobe.d/blacklist file:\n\nblacklist sctp\n\nThis way, the sctp module cannot be loaded accidentally, which may occur if an application that requires SCTP is started. A reboot is not necessary for this change to take effect."
}
],
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}
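Review bot: The git.kernel.org reference in this section now carries `%3Ba=commit%3Bh=` in both `url` and `name`, where the entry that appears to be the old side had `;a=commit;h=`. The semicolons look like gitweb's parameter separators, so encoding them probably folds the whole query into the `p` value, and the link may no longer resolve to the fix commit 4bdab43323b459900578b200a4b8cf9713ac8fab. I would keep the separators literal, `"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4bdab43323b459900578b200a4b8cf9713ac8fab"`. The added `work_around` entry also uses `"lang": "en"` while the description and problemtype entries use `"eng"`; one code should be used throughout the record.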


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1957",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infinite loop) via an invalid PDU length."
"value": "CVE-2011-1957 wireshark: Infinite loop in the DICOM dissector"
}
]
},
@ -44,108 +21,168 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Loop with Unreachable Exit Condition ('Infinite Loop')",
"cweId": "CWE-835"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:1.2.15-2.el6_2.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "44958",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44958"
"url": "http://secunia.com/advisories/44449",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44449"
},
{
"name": "FEDORA-2011-7846",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061437.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061290.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061290.html"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2011-07.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2011-07.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061437.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061437.html"
},
{
"name": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=36958",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=36958"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html"
},
{
"name": "48947",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48947"
"url": "http://openwall.com/lists/oss-security/2011/05/31/20",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2011/05/31/20"
},
{
"name": "48066",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48066"
"url": "http://openwall.com/lists/oss-security/2011/06/01/1",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2011/06/01/1"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2011-08.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2011-08.html"
"url": "http://openwall.com/lists/oss-security/2011/06/01/11",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2011/06/01/11"
},
{
"name": "DSA-2274",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2274"
"url": "http://secunia.com/advisories/44958",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44958"
},
{
"name": "44449",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44449"
"url": "http://secunia.com/advisories/45149",
"refsource": "MISC",
"name": "http://secunia.com/advisories/45149"
},
{
"name": "oval:org.mitre.oval:def:14325",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14325"
"url": "http://secunia.com/advisories/48947",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48947"
},
{
"name": "[oss-security] 20110601 Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/06/01/11"
"url": "http://www.debian.org/security/2011/dsa-2274",
"refsource": "MISC",
"name": "http://www.debian.org/security/2011/dsa-2274"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5876",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5876"
"url": "http://www.securityfocus.com/bid/48066",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/48066"
},
{
"name": "[oss-security] 20110601 Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/06/01/1"
"url": "http://www.wireshark.org/security/wnpa-sec-2011-07.html",
"refsource": "MISC",
"name": "http://www.wireshark.org/security/wnpa-sec-2011-07.html"
},
{
"name": "FEDORA-2011-7821",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061290.html"
"url": "http://www.wireshark.org/security/wnpa-sec-2011-08.html",
"refsource": "MISC",
"name": "http://www.wireshark.org/security/wnpa-sec-2011-08.html"
},
{
"name": "wireshark-dicom-dos(67790)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67790"
"url": "https://access.redhat.com/errata/RHSA-2012:0509",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:0509"
},
{
"name": "[oss-security] 20110531 CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/05/31/20"
"url": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=36958",
"refsource": "MISC",
"name": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=36958"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=710021",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=710021"
"url": "https://access.redhat.com/security/cve/CVE-2011-1957",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-1957"
},
{
"name": "FEDORA-2011-7858",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html"
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5876",
"refsource": "MISC",
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5876"
},
{
"name": "45149",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45149"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=710021",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=710021"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67790",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67790"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14325",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14325"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}
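Review bot: The description value that appears to be the new side, `CVE-2011-1957 wireshark: Infinite loop in the DICOM dissector`, is a tracker-style title. It drops what the previous sentence stated: the function and file (dissect_dcm_main in epan/dissectors/packet-dcm.c), the affected upstream ranges (1.2.x before 1.2.17, 1.4.x before 1.4.7) and the trigger (an invalid PDU length). The new `affects` block lists only a Red Hat Enterprise Linux 6 package with `"version_affected": "!"`, so after this change no field in the record states which Wireshark releases are vulnerable. I would keep the original sentence as the `description_data` value and carry the title elsewhere. The same replacement shows in the sections for CVE-2010-3432, CVE-2011-1958 and CVE-2011-2203.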


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1958",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Diameter dictionary file."
"value": "CVE-2011-1958 wireshark (64bit): NULL pointer dereference by processing of a corrupted Diameter dictionary file"
}
]
},
@ -44,103 +21,179 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:1.0.15-5.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:1.2.15-2.el6_2.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "44958",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44958"
"url": "http://secunia.com/advisories/44449",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44449"
},
{
"name": "FEDORA-2011-7846",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061437.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061290.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061290.html"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2011-07.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2011-07.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061437.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061437.html"
},
{
"name": "RHSA-2013:0125",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0125.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html"
},
{
"name": "48947",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48947"
"url": "http://openwall.com/lists/oss-security/2011/05/31/20",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2011/05/31/20"
},
{
"name": "48066",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48066"
"url": "http://openwall.com/lists/oss-security/2011/06/01/1",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2011/06/01/1"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2011-08.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2011-08.html"
"url": "http://openwall.com/lists/oss-security/2011/06/01/11",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2011/06/01/11"
},
{
"name": "wireshark-diameter-dos(67791)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67791"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0125.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0125.html"
},
{
"name": "DSA-2274",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2274"
"url": "http://secunia.com/advisories/44958",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44958"
},
{
"name": "44449",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44449"
"url": "http://secunia.com/advisories/45149",
"refsource": "MISC",
"name": "http://secunia.com/advisories/45149"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=710184",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=710184"
"url": "http://secunia.com/advisories/48947",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48947"
},
{
"name": "[oss-security] 20110601 Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/06/01/11"
"url": "http://www.debian.org/security/2011/dsa-2274",
"refsource": "MISC",
"name": "http://www.debian.org/security/2011/dsa-2274"
},
{
"name": "oval:org.mitre.oval:def:15045",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15045"
"url": "http://www.securityfocus.com/bid/48066",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/48066"
},
{
"name": "[oss-security] 20110601 Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/06/01/1"
"url": "http://www.wireshark.org/security/wnpa-sec-2011-07.html",
"refsource": "MISC",
"name": "http://www.wireshark.org/security/wnpa-sec-2011-07.html"
},
{
"name": "FEDORA-2011-7821",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061290.html"
"url": "http://www.wireshark.org/security/wnpa-sec-2011-08.html",
"refsource": "MISC",
"name": "http://www.wireshark.org/security/wnpa-sec-2011-08.html"
},
{
"name": "[oss-security] 20110531 CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/05/31/20"
"url": "https://access.redhat.com/errata/RHSA-2012:0509",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:0509"
},
{
"name": "FEDORA-2011-7858",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html"
"url": "https://access.redhat.com/errata/RHSA-2013:0125",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0125"
},
{
"name": "45149",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45149"
"url": "https://access.redhat.com/security/cve/CVE-2011-1958",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-1958"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=710184",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=710184"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67791",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67791"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15045",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15045"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}
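Review bot: Every entry on what appears to be the new side of `reference_data` is `"refsource": "MISC"` with `name` set to the URL. The source typing the old entries carried (CONFIRM, REDHAT, DEBIAN, FEDORA, MLIST and others) and short identifiers such as `RHSA-2013:0125` and `DSA-2274` are therefore gone. Consumers that pick out vendor-confirmed references or advisory ids by `refsource` or `name` will have to parse URLs instead. I would keep the typed form where it was known, for example `"refsource": "CONFIRM"` on the wireshark.org advisories and `"name": "DSA-2274"` on the Debian entry. The sections for CVE-2010-3432, CVE-2011-1957 and CVE-2011-2203 show the same flattening.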


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2203",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The hfs_find_init function in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and Oops) by mounting an HFS file system with a malformed MDB extent record."
"value": "CVE-2011-2203 kernel: hfs_find_init() sb->ext_tree NULL pointer dereference"
}
]
},
@ -44,53 +21,113 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-274.12.1.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20110613 Re: CVE request: kernel: hfs_find_init() sb->ext_tree NULL pointer dereference",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/06/13/16"
"url": "https://access.redhat.com/errata/RHSA-2011:1479",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:1479"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=712774",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=712774"
"url": "http://secunia.com/advisories/47754",
"refsource": "MISC",
"name": "http://secunia.com/advisories/47754"
},
{
"name": "USN-1328-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1328-1"
"url": "http://www.openwall.com/lists/oss-security/2011/06/13/16",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2011/06/13/16"
},
{
"name": "USN-1344-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1344-1"
"url": "http://www.securityfocus.com/bid/48236",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/48236"
},
{
"name": "48236",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48236"
"url": "http://www.ubuntu.com/usn/USN-1324-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1324-1"
},
{
"name": "USN-1324-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1324-1"
"url": "http://www.ubuntu.com/usn/USN-1328-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1328-1"
},
{
"name": "47754",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47754"
"url": "http://www.ubuntu.com/usn/USN-1344-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1344-1"
},
{
"name": "[linux-kernel] 20110608 [BUG] hfs_find_init() sb->ext_tree NULL pointer dereference",
"refsource": "MLIST",
"url": "https://lkml.org/lkml/2011/6/8/154"
"url": "https://access.redhat.com/security/cve/CVE-2011-2203",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-2203"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=712774",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=712774"
},
{
"url": "https://lkml.org/lkml/2011/6/8/154",
"refsource": "MISC",
"name": "https://lkml.org/lkml/2011/6/8/154"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}