"-Synchronized-Data."

CVE Team 2023-02-02 17:01:12 +00:00
parent cbe29460f5
commit 078ed1201c
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
13 changed files with 1566 additions and 963 deletions


@ -1,40 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-4580", "ID": "CVE-2008-4580",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "fence_manual, as used in fence 2.02.00-r1 and possibly cman, allows local users to modify arbitrary files via a symlink attack on the fence_manual.fifo temporary file." "value": "CVE-2008-4580 cman/fence: insecure temporary file usage in the manual fence agent"
} }
] ]
}, },
@ -44,38 +21,73 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "n/a" "value": "Insecure Temporary File",
"cweId": "CWE-377"
} }
] ]
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "[oss-security] 20081016 Re: CVE Request", "url": "http://bugs.gentoo.org/show_bug.cgi?id=240576",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/16/1"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=240576",
"refsource": "MISC", "refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=240576" "name": "http://bugs.gentoo.org/show_bug.cgi?id=240576"
}, },
{ {
"name": "fence-fencemanual-symlink(45953)", "url": "http://www.openwall.com/lists/oss-security/2008/10/13/3",
"refsource": "XF", "refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45953" "name": "http://www.openwall.com/lists/oss-security/2008/10/13/3"
}, },
{ {
"name": "USN-875-1", "url": "http://www.openwall.com/lists/oss-security/2008/10/16/1",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-875-1" "name": "http://www.openwall.com/lists/oss-security/2008/10/16/1"
}, },
{ {
"name": "[oss-security] 20081013 Re: CVE Request", "url": "http://www.ubuntu.com/usn/USN-875-1",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2008/10/13/3" "name": "http://www.ubuntu.com/usn/USN-875-1"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2008-4580",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2008-4580"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=467387",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=467387"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45953",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45953"
} }
] ]
} }
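Review bot: The replacement `description_data` value in this record (CVE-2008-4580) appears to be a bug-tracker title, and it drops the only statement of the affected component, version and attack class the record carried, while `affects` still says `n/a` for vendor, product and version. The old and new columns are printed side by side with the markers lost, so this reads the right-hand text as the new side. The same substitution shows in the CVE-2009-3726, CVE-2009-3892, CVE-2009-4026, CVE-2010-3084 and CVE-2010-3089 sections. I would keep the original sentence, `"value": "fence_manual, as used in fence 2.02.00-r1 and possibly cman, allows local users to modify arbitrary files via a symlink attack on the fence_manual.fifo temporary file."`, so that scanners and analysts matching on description text still have the product and version to key on.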


@ -1,40 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-3726", "ID": "CVE-2009-3726",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state." "value": "CVE-2009-3726 kernel: nfsv4: kernel panic in nfs4_proc_lock()"
} }
] ]
}, },
@ -44,138 +21,230 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "n/a" "value": "NULL Pointer Dereference",
"cweId": "CWE-476"
} }
] ]
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "MRG for RHEL-5",
"version": {
"version_data": [
{
"version_value": "0:2.6.24.7-139.el5rt",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:2.6.9-89.0.26.EL",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-164.9.1.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=529227", "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529227" "name": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
}, },
{ {
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d953126a28f97ec965d23c69fd5795854c048f30", "url": "http://secunia.com/advisories/38794",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d953126a28f97ec965d23c69fd5795854c048f30" "name": "http://secunia.com/advisories/38794"
}, },
{ {
"name": "oval:org.mitre.oval:def:9734", "url": "http://secunia.com/advisories/38834",
"refsource": "OVAL", "refsource": "MISC",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9734" "name": "http://secunia.com/advisories/38834"
}, },
{ {
"name": "SUSE-SA:2009:061", "url": "http://www.vupen.com/english/advisories/2010/0528",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html" "name": "http://www.vupen.com/english/advisories/2010/0528"
}, },
{ {
"name": "USN-864-1", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/usn-864-1" "name": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html"
}, },
{ {
"name": "38794", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/38794" "name": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html"
}, },
{ {
"name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates", "url": "http://secunia.com/advisories/37909",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html" "name": "http://secunia.com/advisories/37909"
}, },
{ {
"name": "36936", "url": "http://www.debian.org/security/2010/dsa-2005",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/36936" "name": "http://www.debian.org/security/2010/dsa-2005"
}, },
{ {
"name": "MDVSA-2009:329", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:051",
"refsource": "MANDRIVA", "refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:329" "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:051"
}, },
{ {
"name": "oval:org.mitre.oval:def:6636", "url": "http://www.ubuntu.com/usn/usn-864-1",
"refsource": "OVAL", "refsource": "MISC",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6636" "name": "http://www.ubuntu.com/usn/usn-864-1"
}, },
{ {
"name": "SUSE-SA:2009:056", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html" "name": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html"
}, },
{ {
"name": "SUSE-SA:2010:012", "url": "http://secunia.com/advisories/40218",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html" "name": "http://secunia.com/advisories/40218"
}, },
{ {
"name": "37909", "url": "http://www.redhat.com/support/errata/RHSA-2010-0474.html",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/37909" "name": "http://www.redhat.com/support/errata/RHSA-2010-0474.html"
}, },
{ {
"name": "RHSA-2010:0474", "url": "https://access.redhat.com/errata/RHSA-2010:0474",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0474.html" "name": "https://access.redhat.com/errata/RHSA-2010:0474"
}, },
{ {
"name": "RHSA-2009:1670", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1670.html" "name": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html"
}, },
{ {
"name": "MDVSA-2011:051", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:329",
"refsource": "MANDRIVA", "refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:051" "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:329"
}, },
{ {
"name": "SUSE-SA:2009:064", "url": "http://www.redhat.com/support/errata/RHSA-2009-1670.html",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html" "name": "http://www.redhat.com/support/errata/RHSA-2009-1670.html"
}, },
{ {
"name": "38834", "url": "https://access.redhat.com/errata/RHSA-2009:1670",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/38834" "name": "https://access.redhat.com/errata/RHSA-2009:1670"
}, },
{ {
"name": "40218", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d953126a28f97ec965d23c69fd5795854c048f30",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/40218" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d953126a28f97ec965d23c69fd5795854c048f30"
}, },
{ {
"name": "[linux-nfs] 20081022 kernel oops in nfs4_proc_lock", "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.31/ChangeLog-2.6.31-rc4",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.spinics.net/linux/lists/linux-nfs/msg03357.html" "name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.31/ChangeLog-2.6.31-rc4"
}, },
{ {
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.31/ChangeLog-2.6.31-rc4", "url": "http://www.openwall.com/lists/oss-security/2009/11/05/1",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.31/ChangeLog-2.6.31-rc4" "name": "http://www.openwall.com/lists/oss-security/2009/11/05/1"
}, },
{ {
"name": "[oss-security] 20091105 CVE request: kernel: NULL pointer dereference in nfs4_proc_lock()", "url": "http://www.openwall.com/lists/oss-security/2009/11/05/4",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2009/11/05/1" "name": "http://www.openwall.com/lists/oss-security/2009/11/05/4"
}, },
{ {
"name": "[oss-security] 20091105 Re: CVE request: kernel: NULL pointer dereference in nfs4_proc_lock()", "url": "http://www.securityfocus.com/bid/36936",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2009/11/05/4" "name": "http://www.securityfocus.com/bid/36936"
}, },
{ {
"name": "DSA-2005", "url": "http://www.spinics.net/linux/lists/linux-nfs/msg03357.html",
"refsource": "DEBIAN", "refsource": "MISC",
"url": "http://www.debian.org/security/2010/dsa-2005" "name": "http://www.spinics.net/linux/lists/linux-nfs/msg03357.html"
}, },
{ {
"name": "ADV-2010-0528", "url": "https://access.redhat.com/errata/RHSA-2009:1635",
"refsource": "VUPEN", "refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2010/0528" "name": "https://access.redhat.com/errata/RHSA-2009:1635"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2009-3726",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-3726"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529227",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=529227"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6636",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6636"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9734",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9734"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
} }
] ]
} }
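Review bot: The added `impact.cvss` entry scores this record as `AV:L/AC:L/Au:N/C:C/I:C/A:C` (7.2), which does not match the rest of the record: the `problemtype` is CWE-476 and the description being replaced speaks of a remote NFS server causing a denial of service. A local vector with complete confidentiality and integrity impact would rank this above a DoS-only issue in any triage queue that sorts by base score. The vector should be checked against the assigner's source data; if the DoS-only reading is right, the impact part would be `C:N/I:N/A:C`.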


@ -1,40 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-3892", "ID": "CVE-2009-3892",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Best Practical Solutions RT 3.6.x before 3.6.9, 3.8.x before 3.8.5, and other 3.4.6 through 3.8.4 versions allows remote attackers to inject arbitrary web script or HTML via certain Custom Fields." "value": "CVE-2009-3892 Request Tracker XSS flaw"
} }
] ]
}, },
@ -44,38 +21,73 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "n/a" "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
} }
] ]
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "[oss-security] 20091116 Re: CVE Id request: request-tracker", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546778",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2009/11/16/4" "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546778"
}, },
{ {
"name": "[rt-announce] 20090914 RT 3.8.5 Released", "url": "http://lists.bestpractical.com/pipermail/rt-announce/2009-September/000172.html",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://lists.bestpractical.com/pipermail/rt-announce/2009-September/000173.html" "name": "http://lists.bestpractical.com/pipermail/rt-announce/2009-September/000172.html"
}, },
{ {
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546778", "url": "http://lists.bestpractical.com/pipermail/rt-announce/2009-September/000173.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546778" "name": "http://lists.bestpractical.com/pipermail/rt-announce/2009-September/000173.html"
}, },
{ {
"name": "[rt-announce] 20090914 RT 3.6.9 Released", "url": "http://www.openwall.com/lists/oss-security/2009/11/15/1",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://lists.bestpractical.com/pipermail/rt-announce/2009-September/000172.html" "name": "http://www.openwall.com/lists/oss-security/2009/11/15/1"
}, },
{ {
"name": "[oss-security] 20091115 CVE Id request: request-tracker", "url": "http://www.openwall.com/lists/oss-security/2009/11/16/4",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2009/11/15/1" "name": "http://www.openwall.com/lists/oss-security/2009/11/16/4"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2009-3892",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-3892"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=538173",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=538173"
} }
] ]
} }
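Review bot: Every entry in `reference_data` now has `"refsource": "MISC"` and a `name` that repeats the `url`, so the typed sources and the human-readable titles are gone. In this record that removes the release names from the two rt-announce entries, which, with the description shortened as well, were where the fixed versions 3.6.9 and 3.8.5 were stated. The other sections on this page show the same flattening (advisory names such as `USN-875-1` and `RHSA-2010:0474` become bare URLs). I would keep the typed form for advisory entries, e.g. `"refsource": "MLIST"` with `"name": "[rt-announce] 20090914 RT 3.8.5 Released"`.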


@ -1,40 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-4026", "ID": "CVE-2009-4026",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (panic) via a crafted Delete Block ACK (aka DELBA) packet, related to an erroneous \"code shuffling patch.\"" "value": "CVE-2009-4026 CVE-2009-4027 kernel: mac80211: fix spurious delBA handling"
} }
] ]
}, },
@ -44,53 +21,108 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "n/a" "value": "Reachable Assertion",
"cweId": "CWE-617"
} }
] ]
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "37170", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/37170" "name": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html"
}, },
{ {
"name": "USN-864-1", "url": "http://secunia.com/advisories/38017",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/usn-864-1" "name": "http://secunia.com/advisories/38017"
}, },
{ {
"name": "SUSE-SA:2010:001", "url": "http://www.ubuntu.com/usn/usn-864-1",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html" "name": "http://www.ubuntu.com/usn/usn-864-1"
}, },
{ {
"name": "[oss-security] 20091201 CVE request: kernel: mac80211: fix two remote exploits", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=827d42c9ac91ddd728e4f4a31fefb906ef2ceff7",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2009/12/01/2" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=827d42c9ac91ddd728e4f4a31fefb906ef2ceff7"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=541149", "url": "http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.32-rc8-next-20091201.gz",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=541149" "name": "http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.32-rc8-next-20091201.gz"
}, },
{ {
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.32-rc8-next-20091201.gz", "url": "http://www.openwall.com/lists/oss-security/2009/12/01/2",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.32-rc8-next-20091201.gz" "name": "http://www.openwall.com/lists/oss-security/2009/12/01/2"
}, },
{ {
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=827d42c9ac91ddd728e4f4a31fefb906ef2ceff7", "url": "http://www.securityfocus.com/bid/37170",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=827d42c9ac91ddd728e4f4a31fefb906ef2ceff7" "name": "http://www.securityfocus.com/bid/37170"
}, },
{ {
"name": "38017", "url": "https://access.redhat.com/security/cve/CVE-2009-4026",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/38017" "name": "https://access.redhat.com/security/cve/CVE-2009-4026"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=541149",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=541149"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
} }
] ]
} }
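Review bot: The git.kernel.org reference in this record has its `;` separators rewritten to `%3B` in both `url` and `name`, which likely breaks the link, since gitweb uses `;` to separate the `p`, `a` and `h` parameters and an encoded `%3B` would be read as part of the `p` value. The fix commit hash is still present, but tooling that follows or deduplicates references by URL will no longer reach or match the original. The same rewrite appears in the CVE-2009-3726 and CVE-2010-3084 sections. I would keep the literal form, `"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=827d42c9ac91ddd728e4f4a31fefb906ef2ceff7"`.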


@ -1,40 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3084", "ID": "CVE-2010-3084",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/net/niu.c in the Linux kernel before 2.6.36-rc4 allows local users to cause a denial of service or possibly have unspecified other impact via the ETHTOOL_GRXCLSRLALL ethtool command." "value": "CVE-2010-3084 kernel: niu: buffer overflow for ETHTOOL_GRXCLSRLALL"
} }
] ]
}, },
@ -44,68 +21,128 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "n/a" "value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
} }
] ]
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-71.7.1.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "USN-1000-1", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-1000-1" "name": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
}, },
{ {
"name": "43098", "url": "http://www.ubuntu.com/usn/USN-1000-1",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/43098" "name": "http://www.ubuntu.com/usn/USN-1000-1"
}, },
{ {
"name": "[oss-security] 20100910 Re: CVE request: kernel: niu buffer overflow for ETHTOOL_GRXCLSRLALL", "url": "http://www.vupen.com/english/advisories/2011/0298",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2010/09/11/1" "name": "http://www.vupen.com/english/advisories/2011/0298"
}, },
{ {
"name": "[oss-security] 20100909 CVE request: kernel: niu buffer overflow for ETHTOOL_GRXCLSRLALL", "url": "http://www.redhat.com/support/errata/RHSA-2010-0842.html",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2010/09/09/1" "name": "http://www.redhat.com/support/errata/RHSA-2010-0842.html"
}, },
{ {
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ee9c5cfad29c8a13199962614b9b16f1c4137ac9", "url": "https://access.redhat.com/errata/RHSA-2010:0842",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ee9c5cfad29c8a13199962614b9b16f1c4137ac9" "name": "https://access.redhat.com/errata/RHSA-2010:0842"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=632069", "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc4",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=632069" "name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc4"
}, },
{ {
"name": "SUSE-SA:2011:007", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ee9c5cfad29c8a13199962614b9b16f1c4137ac9",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ee9c5cfad29c8a13199962614b9b16f1c4137ac9"
}, },
{ {
"name": "RHSA-2010:0842", "url": "http://www.openwall.com/lists/oss-security/2010/09/09/1",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0842.html" "name": "http://www.openwall.com/lists/oss-security/2010/09/09/1"
}, },
{ {
"name": "ADV-2011-0298", "url": "http://www.openwall.com/lists/oss-security/2010/09/11/1",
"refsource": "VUPEN", "refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2011/0298" "name": "http://www.openwall.com/lists/oss-security/2010/09/11/1"
}, },
{ {
"name": "[netdev] 20100907 [PATCH net-2.6] niu: Fix kernel buffer overflow for ETHTOOL_GRXCLSRLALL", "url": "http://www.securityfocus.com/bid/43098",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.spinics.net/lists/netdev/msg140133.html" "name": "http://www.securityfocus.com/bid/43098"
}, },
{ {
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc4", "url": "http://www.spinics.net/lists/netdev/msg140133.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc4" "name": "http://www.spinics.net/lists/netdev/msg140133.html"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-3084",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-3084"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=632069",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=632069"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
} }
] ]
} }


@ -1,40 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3089", "ID": "CVE-2010-3089",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in GNU Mailman before 2.1.14rc1 allow remote authenticated users to inject arbitrary web script or HTML via vectors involving (1) the list information field or (2) the list description field." "value": "CVE-2010-3089 mailman: Multiple security flaws leading to cross-site scripting (XSS) attacks"
} }
] ]
}, },
@ -44,163 +21,250 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "n/a" "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
} }
] ]
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "3:2.1.5.1-34.rhel4.7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "3:2.1.9-6.el5_6.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "3:2.1.12-14.el6_0.2",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "[oss-security] 20100913 CVE Request: mailman", "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://marc.info/?l=oss-security&m=128438736513097&w=2" "name": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
}, },
{ {
"name": "RHSA-2011:0307", "url": "http://support.apple.com/kb/HT4581",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0307.html" "name": "http://support.apple.com/kb/HT4581"
}, },
{ {
"name": "[oss-security] 20100913 Re: CVE Request: mailman", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://marc.info/?l=oss-security&m=128441369020123&w=2" "name": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
}, },
{ {
"name": "FEDORA-2010-14877", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052297.html",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052297.html" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052297.html"
}, },
{ {
"name": "43294", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052312.html",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/43294" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052312.html"
}, },
{ {
"name": "SUSE-SR:2011:009", "url": "http://lists.opensuse.org/opensuse-updates/2011-05/msg00000.html",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html" "name": "http://lists.opensuse.org/opensuse-updates/2011-05/msg00000.html"
}, },
{ {
"name": "ADV-2011-0460", "url": "http://mail.python.org/pipermail/mailman-announce/2010-September/000150.html",
"refsource": "VUPEN", "refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2011/0460" "name": "http://mail.python.org/pipermail/mailman-announce/2010-September/000150.html"
}, },
{ {
"name": "openSUSE-SU-2011:0424", "url": "http://mail.python.org/pipermail/mailman-announce/2010-September/000151.html",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2011-05/msg00000.html" "name": "http://mail.python.org/pipermail/mailman-announce/2010-September/000151.html"
}, },
{ {
"name": "DSA-2170", "url": "http://marc.info/?l=oss-security&m=128438736513097&w=2",
"refsource": "DEBIAN", "refsource": "MISC",
"url": "http://www.debian.org/security/2011/dsa-2170" "name": "http://marc.info/?l=oss-security&m=128438736513097&w=2"
}, },
{ {
"name": "FEDORA-2010-14834", "url": "http://marc.info/?l=oss-security&m=128440851513718&w=2",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052312.html" "name": "http://marc.info/?l=oss-security&m=128440851513718&w=2"
}, },
{ {
"name": "42502", "url": "http://marc.info/?l=oss-security&m=128441135117819&w=2",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/42502" "name": "http://marc.info/?l=oss-security&m=128441135117819&w=2"
}, },
{ {
"name": "[oss-security] 20100913 Re: CVE Request: mailman", "url": "http://marc.info/?l=oss-security&m=128441237618793&w=2",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://marc.info/?l=oss-security&m=128441135117819&w=2" "name": "http://marc.info/?l=oss-security&m=128441237618793&w=2"
}, },
{ {
"name": "https://launchpad.net/mailman/+milestone/2.1.14rc1", "url": "http://marc.info/?l=oss-security&m=128441369020123&w=2",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://launchpad.net/mailman/+milestone/2.1.14rc1" "name": "http://marc.info/?l=oss-security&m=128441369020123&w=2"
}, },
{ {
"name": "USN-1069-1", "url": "http://secunia.com/advisories/41265",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-1069-1" "name": "http://secunia.com/advisories/41265"
}, },
{ {
"name": "RHSA-2011:0308", "url": "http://secunia.com/advisories/42502",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0308.html" "name": "http://secunia.com/advisories/42502"
}, },
{ {
"name": "APPLE-SA-2011-03-21-1", "url": "http://secunia.com/advisories/43294",
"refsource": "APPLE", "refsource": "MISC",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" "name": "http://secunia.com/advisories/43294"
}, },
{ {
"name": "[oss-security] 20100913 Re: CVE Request: mailman", "url": "http://secunia.com/advisories/43425",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://marc.info/?l=oss-security&m=128440851513718&w=2" "name": "http://secunia.com/advisories/43425"
}, },
{ {
"name": "41265", "url": "http://secunia.com/advisories/43549",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/41265" "name": "http://secunia.com/advisories/43549"
}, },
{ {
"name": "ADV-2011-0436", "url": "http://secunia.com/advisories/43580",
"refsource": "VUPEN", "refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2011/0436" "name": "http://secunia.com/advisories/43580"
}, },
{ {
"name": "[mailman-announce] 20100909 Mailman security patch.", "url": "http://www.debian.org/security/2011/dsa-2170",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://mail.python.org/pipermail/mailman-announce/2010-September/000151.html" "name": "http://www.debian.org/security/2011/dsa-2170"
}, },
{ {
"name": "ADV-2010-3271", "url": "http://www.redhat.com/support/errata/RHSA-2011-0307.html",
"refsource": "VUPEN", "refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2010/3271" "name": "http://www.redhat.com/support/errata/RHSA-2011-0307.html"
}, },
{ {
"name": "[oss-security] 20100913 Re: CVE Request: mailman", "url": "http://www.redhat.com/support/errata/RHSA-2011-0308.html",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://marc.info/?l=oss-security&m=128441237618793&w=2" "name": "http://www.redhat.com/support/errata/RHSA-2011-0308.html"
}, },
{ {
"name": "43425", "url": "http://www.ubuntu.com/usn/USN-1069-1",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/43425" "name": "http://www.ubuntu.com/usn/USN-1069-1"
}, },
{ {
"name": "ADV-2011-0542", "url": "http://www.vupen.com/english/advisories/2010/3271",
"refsource": "VUPEN", "refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2011/0542" "name": "http://www.vupen.com/english/advisories/2010/3271"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=631881", "url": "http://www.vupen.com/english/advisories/2011/0436",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=631881" "name": "http://www.vupen.com/english/advisories/2011/0436"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=631859", "url": "http://www.vupen.com/english/advisories/2011/0460",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=631859" "name": "http://www.vupen.com/english/advisories/2011/0460"
}, },
{ {
"name": "43580", "url": "http://www.vupen.com/english/advisories/2011/0542",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/43580" "name": "http://www.vupen.com/english/advisories/2011/0542"
}, },
{ {
"name": "[mailman-announce] 20100905 Mailman security patch.", "url": "https://access.redhat.com/errata/RHSA-2011:0307",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://mail.python.org/pipermail/mailman-announce/2010-September/000150.html" "name": "https://access.redhat.com/errata/RHSA-2011:0307"
}, },
{ {
"name": "43549", "url": "https://access.redhat.com/errata/RHSA-2011:0308",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/43549" "name": "https://access.redhat.com/errata/RHSA-2011:0308"
}, },
{ {
"name": "http://support.apple.com/kb/HT4581", "url": "https://access.redhat.com/security/cve/CVE-2010-3089",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://support.apple.com/kb/HT4581" "name": "https://access.redhat.com/security/cve/CVE-2010-3089"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=631859",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=631859"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=631881",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=631881"
},
{
"url": "https://launchpad.net/mailman/+milestone/2.1.14rc1",
"refsource": "MISC",
"name": "https://launchpad.net/mailman/+milestone/2.1.14rc1"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
} }
] ]
} }
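Review bot: The new `description_data` value is only the tracker title (`CVE-2010-3089 mailman: Multiple security flaws leading to cross-site scripting (XSS) attacks`), so the record no longer states the affected upstream range (`GNU Mailman before 2.1.14rc1`), the required privilege (remote authenticated users) or the two fields the previous text named as injection points. The same replacement is made in the CVE-2010-3301, CVE-2010-3302 and CVE-2010-3311 sections of this commit. The added `affects` block does not fill the gap: it lists only Red Hat package builds with `version_affected` set to `!`, which as far as I know marks a build as not affected, so no upstream version range remains in the record. I would keep the previous description text as the `value` and carry the tracker title separately. The references also set every `refsource` to `MISC` and replace advisory identifiers such as `RHSA-2011:0307`, `DSA-2170` and `USN-1069-1` in `name` with the bare URL, which removes the keys that advisory-matching tools look up.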


@ -1,40 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3301", "ID": "CVE-2010-3301",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by triggering an out-of-bounds access to the system call table using the %rax register. NOTE: this vulnerability exists because of a CVE-2007-4573 regression." "value": "CVE-2010-3301 kernel: IA32 System Call Entry Point Vulnerability"
} }
] ]
}, },
@ -44,98 +21,158 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "n/a" "value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
} }
] ]
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-71.7.1.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "[oss-security] 20100916 Re: CVE-2010-3301 kernel: IA32 System Call Entry Point Vulnerability", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/16/3"
},
{
"name": "[oss-security] 20100916 CVE-2010-3301 kernel: IA32 System Call Entry Point Vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/16/1"
},
{
"name": "ADV-2010-3117",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3117"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=634449",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=634449"
},
{
"name": "MDVSA-2010:198",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
},
{
"name": "http://sota.gen.nz/compat2/",
"refsource": "MISC", "refsource": "MISC",
"url": "http://sota.gen.nz/compat2/" "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
}, },
{ {
"name": "USN-1041-1", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-1041-1" "name": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
}, },
{ {
"name": "SUSE-SA:2011:007", "url": "http://www.vupen.com/english/advisories/2011/0298",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html" "name": "http://www.vupen.com/english/advisories/2011/0298"
}, },
{ {
"name": "RHSA-2010:0842", "url": "http://secunia.com/advisories/42758",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0842.html" "name": "http://secunia.com/advisories/42758"
}, },
{ {
"name": "MDVSA-2010:247", "url": "http://www.redhat.com/support/errata/RHSA-2010-0842.html",
"refsource": "MANDRIVA", "refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:247" "name": "http://www.redhat.com/support/errata/RHSA-2010-0842.html"
}, },
{ {
"name": "ADV-2011-0298", "url": "http://www.ubuntu.com/usn/USN-1041-1",
"refsource": "VUPEN", "refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2011/0298" "name": "http://www.ubuntu.com/usn/USN-1041-1"
}, },
{ {
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.36-rc4-git2.log", "url": "http://www.vupen.com/english/advisories/2011/0070",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.36-rc4-git2.log" "name": "http://www.vupen.com/english/advisories/2011/0070"
}, },
{ {
"name": "42758", "url": "https://access.redhat.com/errata/RHSA-2010:0842",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/42758" "name": "https://access.redhat.com/errata/RHSA-2010:0842"
}, },
{ {
"name": "SUSE-SR:2010:017", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html" "name": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
}, },
{ {
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=eefdca043e8391dcd719711716492063030b55ac", "url": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.36-rc4-git2.log",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=eefdca043e8391dcd719711716492063030b55ac" "name": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.36-rc4-git2.log"
}, },
{ {
"name": "ADV-2011-0070", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:247",
"refsource": "VUPEN", "refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2011/0070" "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:247"
}, },
{ {
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=36d001c70d8a0144ac1d038f6876c484849a74de", "url": "http://www.vupen.com/english/advisories/2010/3117",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=36d001c70d8a0144ac1d038f6876c484849a74de" "name": "http://www.vupen.com/english/advisories/2010/3117"
},
{
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=36d001c70d8a0144ac1d038f6876c484849a74de",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=36d001c70d8a0144ac1d038f6876c484849a74de"
},
{
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=eefdca043e8391dcd719711716492063030b55ac",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=eefdca043e8391dcd719711716492063030b55ac"
},
{
"url": "http://sota.gen.nz/compat2/",
"refsource": "MISC",
"name": "http://sota.gen.nz/compat2/"
},
{
"url": "http://www.openwall.com/lists/oss-security/2010/09/16/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/09/16/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2010/09/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/09/16/3"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-3301",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-3301"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=634449",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=634449"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
} }
] ]
} }
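Review bot: The two git.kernel.org references on the new side carry `%3B` where the old URLs had a literal `;` (`...linux-2.6.git%3Ba=commit%3Bh=36d001c70d8a0144ac1d038f6876c484849a74de`), so the gitweb parameter separators become part of the `p` value. These links probably no longer resolve to the fix commits, though that cannot be confirmed from the diff alone. I would keep the separators unencoded in both `url` and `name`, as in `http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=eefdca043e8391dcd719711716492063030b55ac`. Since the shortened description in this section also drops the pointer to the CVE-2007-4573 regression, these two commit links are the only remaining trace of the upstream fix and are worth keeping intact.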


@ -1,40 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3302", "ID": "CVE-2010-3302",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via long (1) cisco_dns_info or (2) cisco_domain_info data in a packet." "value": "CVE-2010-3302 openswan: buffer overflow vulnerability in XAUTH client-side support"
} }
] ]
}, },
@ -44,68 +21,133 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "n/a" "value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
} }
] ]
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.24-8.el6_0.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "41769", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/048999.html",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/41769" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/048999.html"
}, },
{ {
"name": "ADV-2010-2526", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049053.html",
"refsource": "VUPEN", "refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2010/2526" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049053.html"
}, },
{ {
"name": "http://www.openswan.org/download/CVE-2010-3302/CVE-2010-3302.txt", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049073.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.openswan.org/download/CVE-2010-3302/CVE-2010-3302.txt" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049073.html"
}, },
{ {
"name": "43588", "url": "http://secunia.com/advisories/41769",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/43588" "name": "http://secunia.com/advisories/41769"
}, },
{ {
"name": "RHSA-2010:0892", "url": "http://www.openswan.org/download/CVE-2010-3308/openswan-2.6.26-2.6.28-CVE-2010-330x.patch",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0892.html" "name": "http://www.openswan.org/download/CVE-2010-3308/openswan-2.6.26-2.6.28-CVE-2010-330x.patch"
}, },
{ {
"name": "1024749", "url": "http://www.redhat.com/support/errata/RHSA-2010-0892.html",
"refsource": "SECTRACK", "refsource": "MISC",
"url": "http://www.securitytracker.com/id?1024749" "name": "http://www.redhat.com/support/errata/RHSA-2010-0892.html"
}, },
{ {
"name": "http://www.openswan.org/download/CVE-2010-3308/openswan-2.6.26-2.6.28-CVE-2010-330x.patch", "url": "http://www.securityfocus.com/bid/43588",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.openswan.org/download/CVE-2010-3308/openswan-2.6.26-2.6.28-CVE-2010-330x.patch" "name": "http://www.securityfocus.com/bid/43588"
}, },
{ {
"name": "http://www.openswan.org/download/CVE-2010-3302/openswan-2.6.25-CVE-2010-3302.patch", "url": "http://www.securitytracker.com/id?1024749",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.openswan.org/download/CVE-2010-3302/openswan-2.6.25-CVE-2010-3302.patch" "name": "http://www.securitytracker.com/id?1024749"
}, },
{ {
"name": "FEDORA-2010-15508", "url": "http://www.vupen.com/english/advisories/2010/2526",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049053.html" "name": "http://www.vupen.com/english/advisories/2010/2526"
}, },
{ {
"name": "FEDORA-2010-15381", "url": "https://access.redhat.com/errata/RHSA-2010:0892",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/048999.html" "name": "https://access.redhat.com/errata/RHSA-2010:0892"
}, },
{ {
"name": "FEDORA-2010-15516", "url": "http://www.openswan.org/download/CVE-2010-3302/CVE-2010-3302.txt",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049073.html" "name": "http://www.openswan.org/download/CVE-2010-3302/CVE-2010-3302.txt"
},
{
"url": "http://www.openswan.org/download/CVE-2010-3302/openswan-2.6.25-CVE-2010-3302.patch",
"refsource": "MISC",
"name": "http://www.openswan.org/download/CVE-2010-3302/openswan-2.6.25-CVE-2010-3302.patch"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-3302",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-3302"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=634264",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=634264"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
} }
] ]
} }


@ -1,40 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3311", "ID": "CVE-2010-3311",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Compact Font Format (CFF) font file that triggers a heap-based buffer overflow, related to an \"input stream position error\" issue, a different vulnerability than CVE-2010-1797." "value": "CVE-2010-3311 freetype: Input stream position error by processing Compact Font Format (CFF) font files"
} }
] ]
}, },
@ -44,63 +21,166 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "n/a" "value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
} }
] ]
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 3",
"version": {
"version_data": [
{
"version_value": "0:2.1.4-18.el3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:2.1.9-17.el4.8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.2.1-28.el5_5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.3.11-6.el6_0.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "43700", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/43700" "name": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
}, },
{ {
"name": "DSA-2116", "url": "http://secunia.com/advisories/48951",
"refsource": "DEBIAN", "refsource": "MISC",
"url": "http://www.debian.org/security/2010/dsa-2116" "name": "http://secunia.com/advisories/48951"
}, },
{ {
"name": "RHSA-2010:0737", "url": "http://www.ubuntu.com/usn/USN-1013-1",
"refsource": "REDHAT", "refsource": "MISC",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html" "name": "http://www.ubuntu.com/usn/USN-1013-1"
}, },
{ {
"name": "MDVSA-2010:201", "url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html",
"refsource": "MANDRIVA", "refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:201" "name": "http://www.redhat.com/support/errata/RHSA-2010-0864.html"
}, },
{ {
"name": "USN-1013-1", "url": "https://access.redhat.com/errata/RHSA-2010:0864",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-1013-1" "name": "https://access.redhat.com/errata/RHSA-2010:0864"
}, },
{ {
"name": "RHSA-2010:0864", "url": "https://access.redhat.com/errata/RHSA-2010:0736",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html" "name": "https://access.redhat.com/errata/RHSA-2010:0736"
}, },
{ {
"name": "48951", "url": "https://access.redhat.com/errata/RHSA-2010:0737",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/48951" "name": "https://access.redhat.com/errata/RHSA-2010:0737"
}, },
{ {
"name": "SUSE-SR:2010:019", "url": "https://rhn.redhat.com/errata/RHSA-2010-0736.html",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" "name": "https://rhn.redhat.com/errata/RHSA-2010-0736.html"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=623625", "url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=623625" "name": "https://rhn.redhat.com/errata/RHSA-2010-0737.html"
}, },
{ {
"name": "RHSA-2010:0736", "url": "http://www.debian.org/security/2010/dsa-2116",
"refsource": "REDHAT", "refsource": "MISC",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0736.html" "name": "http://www.debian.org/security/2010/dsa-2116"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:201",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:201"
},
{
"url": "http://www.securityfocus.com/bid/43700",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/43700"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-3311",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-3311"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=623625",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=623625"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
} }
] ]
} }


@ -1,40 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3432", "ID": "CVE-2010-3432",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service (panic) via a certain sequence of SCTP traffic." "value": "CVE-2010-3432 kernel: sctp: do not reset the packet during sctp_packet_config"
} }
] ]
}, },
@ -44,138 +21,252 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "n/a" "value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
} }
] ]
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "MRG for RHEL-5",
"version": {
"version_data": [
{
"version_value": "0:2.6.33.7-rt29.47.el5rt",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:2.6.9-89.33.1.EL",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-194.32.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-71.7.1.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "42789", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/42789" "name": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
}, },
{ {
"name": "ADV-2011-0024", "url": "http://www.ubuntu.com/usn/USN-1000-1",
"refsource": "VUPEN", "refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2011/0024" "name": "http://www.ubuntu.com/usn/USN-1000-1"
}, },
{ {
"name": "42778", "url": "http://www.vupen.com/english/advisories/2011/0298",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/42778" "name": "http://www.vupen.com/english/advisories/2011/0298"
}, },
{ {
"name": "[oss-security] 20100924 CVE Request -- Linux/SCTP DoS in sctp_packet_config()", "url": "http://www.redhat.com/support/errata/RHSA-2010-0842.html",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://marc.info/?l=oss-security&m=128534569803598&w=2" "name": "http://www.redhat.com/support/errata/RHSA-2010-0842.html"
}, },
{ {
"name": "RHSA-2011:0004", "url": "https://access.redhat.com/errata/RHSA-2010:0842",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0004.html" "name": "https://access.redhat.com/errata/RHSA-2010:0842"
}, },
{ {
"name": "USN-1000-1", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-1000-1" "name": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html"
}, },
{ {
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console", "url": "http://secunia.com/advisories/42778",
"refsource": "BUGTRAQ", "refsource": "MISC",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded" "name": "http://secunia.com/advisories/42778"
}, },
{ {
"name": "46397", "url": "http://www.debian.org/security/2010/dsa-2126",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/46397" "name": "http://www.debian.org/security/2010/dsa-2126"
}, },
{ {
"name": "ADV-2010-3113", "url": "http://www.vupen.com/english/advisories/2011/0012",
"refsource": "VUPEN", "refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2010/3113" "name": "http://www.vupen.com/english/advisories/2011/0012"
}, },
{ {
"name": "SUSE-SA:2011:001", "url": "http://secunia.com/advisories/42400",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html" "name": "http://secunia.com/advisories/42400"
}, },
{ {
"name": "RHSA-2010:0936", "url": "http://secunia.com/advisories/42789",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0936.html" "name": "http://secunia.com/advisories/42789"
}, },
{ {
"name": "43480", "url": "http://secunia.com/advisories/46397",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/43480" "name": "http://secunia.com/advisories/46397"
}, },
{ {
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.6", "url": "http://www.redhat.com/support/errata/RHSA-2010-0936.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.6" "name": "http://www.redhat.com/support/errata/RHSA-2010-0936.html"
}, },
{ {
"name": "SUSE-SA:2011:007", "url": "http://www.redhat.com/support/errata/RHSA-2010-0958.html",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html" "name": "http://www.redhat.com/support/errata/RHSA-2010-0958.html"
}, },
{ {
"name": "RHSA-2010:0842", "url": "http://www.redhat.com/support/errata/RHSA-2011-0004.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0842.html" "name": "http://www.redhat.com/support/errata/RHSA-2011-0004.html"
}, },
{ {
"name": "ADV-2011-0298", "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded",
"refsource": "VUPEN", "refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2011/0298" "name": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
}, },
{ {
"name": "RHSA-2010:0958", "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0958.html" "name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
}, },
{ {
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", "url": "http://www.vupen.com/english/advisories/2010/3113",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html" "name": "http://www.vupen.com/english/advisories/2010/3113"
}, },
{ {
"name": "[oss-security] 20100925 Re: CVE Request -- Linux/SCTP DoS in sctp_packet_config()", "url": "http://www.vupen.com/english/advisories/2011/0024",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://marc.info/?l=oss-security&m=128537701808336&w=2" "name": "http://www.vupen.com/english/advisories/2011/0024"
}, },
{ {
"name": "ADV-2011-0012", "url": "https://access.redhat.com/errata/RHSA-2010:0936",
"refsource": "VUPEN", "refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2011/0012" "name": "https://access.redhat.com/errata/RHSA-2010:0936"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=637675", "url": "https://access.redhat.com/errata/RHSA-2010:0958",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=637675" "name": "https://access.redhat.com/errata/RHSA-2010:0958"
}, },
{ {
"name": "[netdev] 20100915 [PATCH] net: SCTP remote/local Denial of Service vulnerability description and fix", "url": "https://access.redhat.com/errata/RHSA-2011:0004",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://marc.info/?l=linux-netdev&m=128453869227715&w=3" "name": "https://access.redhat.com/errata/RHSA-2011:0004"
}, },
{ {
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4bdab43323b459900578b200a4b8cf9713ac8fab", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4bdab43323b459900578b200a4b8cf9713ac8fab",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4bdab43323b459900578b200a4b8cf9713ac8fab" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4bdab43323b459900578b200a4b8cf9713ac8fab"
}, },
{ {
"name": "42400", "url": "http://marc.info/?l=linux-netdev&m=128453869227715&w=3",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/42400" "name": "http://marc.info/?l=linux-netdev&m=128453869227715&w=3"
}, },
{ {
"name": "DSA-2126", "url": "http://marc.info/?l=oss-security&m=128534569803598&w=2",
"refsource": "DEBIAN", "refsource": "MISC",
"url": "http://www.debian.org/security/2010/dsa-2126" "name": "http://marc.info/?l=oss-security&m=128534569803598&w=2"
},
{
"url": "http://marc.info/?l=oss-security&m=128537701808336&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=oss-security&m=128537701808336&w=2"
},
{
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.6",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.6"
},
{
"url": "http://www.securityfocus.com/bid/43480",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/43480"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-3432",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-3432"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=637675",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=637675"
}
]
},
"work_around": [
{
"lang": "en",
"value": "For users that do not run applications that use SCTP, you can prevent the sctp module from being loaded by adding the following entry to the end of the /etc/modprobe.d/blacklist file:\n\nblacklist sctp\n\nThis way, the sctp module cannot be loaded accidentally, which may occur if an application that requires SCTP is started. A reboot is not necessary for this change to take effect."
}
],
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
} }
] ]
} }
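Review bot: The new `description_data` value at the top of this section is a tracker title (`CVE-2010-3432 kernel: sctp: do not reset the packet during sctp_packet_config`) and drops what the removed sentence stated: the affected range (Linux kernel before 2.6.35.6), the remote vector and the denial-of-service (panic) impact. The added `affects` block does not replace that information, because every `version_data` entry carries `"version_affected": "!"`, which in the CVE JSON 4.0 format marks a version as not affected; the record therefore names fixed Red Hat builds but no affected version. I would keep the original sentence as the `value` and carry the short title in a title field such as `TITLE` under `CVE_data_meta`. The same replacement appears in the CVE-2011-1957, CVE-2011-1958 and CVE-2011-2203 sections below. Separately, the added `work_around` entry uses `"lang": "en"` while `description_data` in the same record uses `"eng"`.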


@ -1,40 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1957", "ID": "CVE-2011-1957",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infinite loop) via an invalid PDU length." "value": "CVE-2011-1957 wireshark: Infinite loop in the DICOM dissector"
} }
] ]
}, },
@ -44,108 +21,168 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "n/a" "value": "Loop with Unreachable Exit Condition ('Infinite Loop')",
"cweId": "CWE-835"
} }
] ]
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:1.2.15-2.el6_2.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "44958", "url": "http://secunia.com/advisories/44449",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/44958" "name": "http://secunia.com/advisories/44449"
}, },
{ {
"name": "FEDORA-2011-7846", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061290.html",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061437.html" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061290.html"
}, },
{ {
"name": "http://www.wireshark.org/security/wnpa-sec-2011-07.html", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061437.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.wireshark.org/security/wnpa-sec-2011-07.html" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061437.html"
}, },
{ {
"name": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=36958", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=36958" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html"
}, },
{ {
"name": "48947", "url": "http://openwall.com/lists/oss-security/2011/05/31/20",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/48947" "name": "http://openwall.com/lists/oss-security/2011/05/31/20"
}, },
{ {
"name": "48066", "url": "http://openwall.com/lists/oss-security/2011/06/01/1",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/48066" "name": "http://openwall.com/lists/oss-security/2011/06/01/1"
}, },
{ {
"name": "http://www.wireshark.org/security/wnpa-sec-2011-08.html", "url": "http://openwall.com/lists/oss-security/2011/06/01/11",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.wireshark.org/security/wnpa-sec-2011-08.html" "name": "http://openwall.com/lists/oss-security/2011/06/01/11"
}, },
{ {
"name": "DSA-2274", "url": "http://secunia.com/advisories/44958",
"refsource": "DEBIAN", "refsource": "MISC",
"url": "http://www.debian.org/security/2011/dsa-2274" "name": "http://secunia.com/advisories/44958"
}, },
{ {
"name": "44449", "url": "http://secunia.com/advisories/45149",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/44449" "name": "http://secunia.com/advisories/45149"
}, },
{ {
"name": "oval:org.mitre.oval:def:14325", "url": "http://secunia.com/advisories/48947",
"refsource": "OVAL", "refsource": "MISC",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14325" "name": "http://secunia.com/advisories/48947"
}, },
{ {
"name": "[oss-security] 20110601 Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues", "url": "http://www.debian.org/security/2011/dsa-2274",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2011/06/01/11" "name": "http://www.debian.org/security/2011/dsa-2274"
}, },
{ {
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5876", "url": "http://www.securityfocus.com/bid/48066",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5876" "name": "http://www.securityfocus.com/bid/48066"
}, },
{ {
"name": "[oss-security] 20110601 Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues", "url": "http://www.wireshark.org/security/wnpa-sec-2011-07.html",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2011/06/01/1" "name": "http://www.wireshark.org/security/wnpa-sec-2011-07.html"
}, },
{ {
"name": "FEDORA-2011-7821", "url": "http://www.wireshark.org/security/wnpa-sec-2011-08.html",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061290.html" "name": "http://www.wireshark.org/security/wnpa-sec-2011-08.html"
}, },
{ {
"name": "wireshark-dicom-dos(67790)", "url": "https://access.redhat.com/errata/RHSA-2012:0509",
"refsource": "XF", "refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67790" "name": "https://access.redhat.com/errata/RHSA-2012:0509"
}, },
{ {
"name": "[oss-security] 20110531 CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues", "url": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=36958",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2011/05/31/20" "name": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=36958"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=710021", "url": "https://access.redhat.com/security/cve/CVE-2011-1957",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=710021" "name": "https://access.redhat.com/security/cve/CVE-2011-1957"
}, },
{ {
"name": "FEDORA-2011-7858", "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5876",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html" "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5876"
}, },
{ {
"name": "45149", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=710021",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/45149" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=710021"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67790",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67790"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14325",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14325"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
} }
] ]
} }
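Review bot: Every entry in the new `reference_data` uses `"refsource": "MISC"` with `name` set to the URL, so the advisory identifiers and source types that the old entries carried (`DSA-2274`, `FEDORA-2011-7846`, `CONFIRM` on the wireshark.org advisories and on Wireshark bug 5876) are no longer in the record. A consumer that keys on `refsource` to find vendor confirmation, or that maps a distribution advisory ID to this CVE, now has to parse URLs instead. I would keep the specific `refsource` and short `name` where they are known, for example `"refsource": "DEBIAN", "name": "DSA-2274"`, and use `MISC` only for the newly added access.redhat.com links. The other sections of this commit show the same flattening.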


@ -1,40 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1958", "ID": "CVE-2011-1958",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Diameter dictionary file." "value": "CVE-2011-1958 wireshark (64bit): NULL pointer dereference by processing of a corrupted Diameter dictionary file"
} }
] ]
}, },
@ -44,103 +21,179 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "n/a" "value": "NULL Pointer Dereference",
"cweId": "CWE-476"
} }
] ]
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:1.0.15-5.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:1.2.15-2.el6_2.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "44958", "url": "http://secunia.com/advisories/44449",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/44958" "name": "http://secunia.com/advisories/44449"
}, },
{ {
"name": "FEDORA-2011-7846", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061290.html",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061437.html" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061290.html"
}, },
{ {
"name": "http://www.wireshark.org/security/wnpa-sec-2011-07.html", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061437.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.wireshark.org/security/wnpa-sec-2011-07.html" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061437.html"
}, },
{ {
"name": "RHSA-2013:0125", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0125.html" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html"
}, },
{ {
"name": "48947", "url": "http://openwall.com/lists/oss-security/2011/05/31/20",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/48947" "name": "http://openwall.com/lists/oss-security/2011/05/31/20"
}, },
{ {
"name": "48066", "url": "http://openwall.com/lists/oss-security/2011/06/01/1",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/48066" "name": "http://openwall.com/lists/oss-security/2011/06/01/1"
}, },
{ {
"name": "http://www.wireshark.org/security/wnpa-sec-2011-08.html", "url": "http://openwall.com/lists/oss-security/2011/06/01/11",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.wireshark.org/security/wnpa-sec-2011-08.html" "name": "http://openwall.com/lists/oss-security/2011/06/01/11"
}, },
{ {
"name": "wireshark-diameter-dos(67791)", "url": "http://rhn.redhat.com/errata/RHSA-2013-0125.html",
"refsource": "XF", "refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67791" "name": "http://rhn.redhat.com/errata/RHSA-2013-0125.html"
}, },
{ {
"name": "DSA-2274", "url": "http://secunia.com/advisories/44958",
"refsource": "DEBIAN", "refsource": "MISC",
"url": "http://www.debian.org/security/2011/dsa-2274" "name": "http://secunia.com/advisories/44958"
}, },
{ {
"name": "44449", "url": "http://secunia.com/advisories/45149",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/44449" "name": "http://secunia.com/advisories/45149"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=710184", "url": "http://secunia.com/advisories/48947",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=710184" "name": "http://secunia.com/advisories/48947"
}, },
{ {
"name": "[oss-security] 20110601 Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues", "url": "http://www.debian.org/security/2011/dsa-2274",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2011/06/01/11" "name": "http://www.debian.org/security/2011/dsa-2274"
}, },
{ {
"name": "oval:org.mitre.oval:def:15045", "url": "http://www.securityfocus.com/bid/48066",
"refsource": "OVAL", "refsource": "MISC",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15045" "name": "http://www.securityfocus.com/bid/48066"
}, },
{ {
"name": "[oss-security] 20110601 Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues", "url": "http://www.wireshark.org/security/wnpa-sec-2011-07.html",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2011/06/01/1" "name": "http://www.wireshark.org/security/wnpa-sec-2011-07.html"
}, },
{ {
"name": "FEDORA-2011-7821", "url": "http://www.wireshark.org/security/wnpa-sec-2011-08.html",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061290.html" "name": "http://www.wireshark.org/security/wnpa-sec-2011-08.html"
}, },
{ {
"name": "[oss-security] 20110531 CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues", "url": "https://access.redhat.com/errata/RHSA-2012:0509",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2011/05/31/20" "name": "https://access.redhat.com/errata/RHSA-2012:0509"
}, },
{ {
"name": "FEDORA-2011-7858", "url": "https://access.redhat.com/errata/RHSA-2013:0125",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html" "name": "https://access.redhat.com/errata/RHSA-2013:0125"
}, },
{ {
"name": "45149", "url": "https://access.redhat.com/security/cve/CVE-2011-1958",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/45149" "name": "https://access.redhat.com/security/cve/CVE-2011-1958"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=710184",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=710184"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67791",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67791"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15045",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15045"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
} }
] ]
} }
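Review bot: The added `impact.cvss` entry sets `"temporalScore": 0` and `"environmentalScore": 0` while every temporal and environmental metric in the same object is `NOT_DEFINED`. A numeric 0 reads as a computed score rather than "not assessed", so a consumer that prefers the most specific score available could rank this record at 0 instead of the 2.6 base score. I would omit the two keys when the underlying metrics are undefined. The `impact` blocks in the other sections of this commit carry the same two values.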


@ -1,40 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2203", "ID": "CVE-2011-2203",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The hfs_find_init function in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and Oops) by mounting an HFS file system with a malformed MDB extent record." "value": "CVE-2011-2203 kernel: hfs_find_init() sb->ext_tree NULL pointer dereference"
} }
] ]
}, },
@ -44,53 +21,113 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "n/a" "value": "NULL Pointer Dereference",
"cweId": "CWE-476"
} }
] ]
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-274.12.1.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "[oss-security] 20110613 Re: CVE request: kernel: hfs_find_init() sb->ext_tree NULL pointer dereference", "url": "https://access.redhat.com/errata/RHSA-2011:1479",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2011/06/13/16" "name": "https://access.redhat.com/errata/RHSA-2011:1479"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=712774", "url": "http://secunia.com/advisories/47754",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=712774" "name": "http://secunia.com/advisories/47754"
}, },
{ {
"name": "USN-1328-1", "url": "http://www.openwall.com/lists/oss-security/2011/06/13/16",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-1328-1" "name": "http://www.openwall.com/lists/oss-security/2011/06/13/16"
}, },
{ {
"name": "USN-1344-1", "url": "http://www.securityfocus.com/bid/48236",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-1344-1" "name": "http://www.securityfocus.com/bid/48236"
}, },
{ {
"name": "48236", "url": "http://www.ubuntu.com/usn/USN-1324-1",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/48236" "name": "http://www.ubuntu.com/usn/USN-1324-1"
}, },
{ {
"name": "USN-1324-1", "url": "http://www.ubuntu.com/usn/USN-1328-1",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-1324-1" "name": "http://www.ubuntu.com/usn/USN-1328-1"
}, },
{ {
"name": "47754", "url": "http://www.ubuntu.com/usn/USN-1344-1",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/47754" "name": "http://www.ubuntu.com/usn/USN-1344-1"
}, },
{ {
"name": "[linux-kernel] 20110608 [BUG] hfs_find_init() sb->ext_tree NULL pointer dereference", "url": "https://access.redhat.com/security/cve/CVE-2011-2203",
"refsource": "MLIST", "refsource": "MISC",
"url": "https://lkml.org/lkml/2011/6/8/154" "name": "https://access.redhat.com/security/cve/CVE-2011-2203"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=712774",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=712774"
},
{
"url": "https://lkml.org/lkml/2011/6/8/154",
"refsource": "MISC",
"name": "https://lkml.org/lkml/2011/6/8/154"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
} }
] ]
} }