diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2019-11-26 21:38:14 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2019-11-26 21:38:14 +0100 |
commit | 817b3d9e4446afb36e1334e8724cddbd412a68fb (patch) | |
tree | 4be114e2003e20bed2e2c855b60c81bbb56a6275 | |
parent | 56fbac14fe30c45df737ca07b4aa61e92a5b0afd (diff) |
Replace occurences of NFU for Centreon web UI with the ITP entry
-rw-r--r-- | data/CVE/2007.list | 2 | ||||
-rw-r--r-- | data/CVE/2008.list | 6 | ||||
-rw-r--r-- | data/CVE/2009.list | 2 | ||||
-rw-r--r-- | data/CVE/2010.list | 2 | ||||
-rw-r--r-- | data/CVE/2012.list | 2 | ||||
-rw-r--r-- | data/CVE/2014.list | 4 | ||||
-rw-r--r-- | data/CVE/2015.list | 6 | ||||
-rw-r--r-- | data/CVE/2018.list | 28 | ||||
-rw-r--r-- | data/CVE/2019.list | 20 |
9 files changed, 36 insertions, 36 deletions
diff --git a/data/CVE/2007.list b/data/CVE/2007.list index 2ca5e51f44..5aa7361057 100644 --- a/data/CVE/2007.list +++ b/data/CVE/2007.list @@ -667,7 +667,7 @@ CVE-2007-6487 (Unspecified vulnerability in Plain Black WebGUI 7.4.0 through 7.4 CVE-2007-6486 (Multiple cross-site scripting (XSS) vulnerabilities in shout.php (aka ...) NOT-FOR-US: LineShout CVE-2007-6485 (Multiple PHP remote file inclusion vulnerabilities in Centreon 1.4.1 ( ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2007-6484 (SQL injection vulnerability in index.php in phpRPG 0.8 allows remote a ...) NOT-FOR-US: phpRPG CVE-2007-6483 (Directory traversal vulnerability in SafeNet Sentinel Protection Serve ...) diff --git a/data/CVE/2008.list b/data/CVE/2008.list index 931efa05de..612361a8c0 100644 --- a/data/CVE/2008.list +++ b/data/CVE/2008.list @@ -14445,9 +14445,9 @@ CVE-2008-1181 (Juniper Networks Secure Access 2000 5.5 R1 (build 11711) allows r CVE-2008-1180 (Cross-site scripting (XSS) vulnerability in dana-na/auth/rdremediate.c ...) NOT-FOR-US: Juniper CVE-2008-1179 (Multiple cross-site scripting (XSS) vulnerabilities in include/common/ ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2008-1178 (Directory traversal vulnerability in include/doc/index.php in Centreon ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2008-1177 (SQL injection vulnerability in shop/detail.php in Affiliate Market (af ...) NOT-FOR-US: Affiliate Market CVE-2008-1176 (Cross-site scripting (XSS) vulnerability in function/sideblock.php in ...) @@ -14596,7 +14596,7 @@ CVE-2008-1121 (SQL injection vulnerability in index.php in eazyPortal 1.0 and ea CVE-2008-1120 (Format string vulnerability in the embedded Internet Explorer componen ...) NOT-FOR-US: ICQ CVE-2008-1119 (Directory traversal vulnerability in include/doc/get_image.php in Cent ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2008-1118 (Timbuktu Pro 8.6.5 for Windows, and possibly 8.7 for Mac OS X, does no ...) NOT-FOR-US: Timbuktu Pro CVE-2008-1117 (Directory traversal vulnerability in the Notes (aka Flash Notes or ins ...) diff --git a/data/CVE/2009.list b/data/CVE/2009.list index aec1b3f1e7..aae1f43f58 100644 --- a/data/CVE/2009.list +++ b/data/CVE/2009.list @@ -1802,7 +1802,7 @@ CVE-2009-4369 (Cross-site scripting (XSS) vulnerability in the Contact module (m - drupal5 5.21-1 (low) [lenny] - drupal5 <no-dsa> (Minor issue, requires auth) CVE-2009-4368 (Multiple unspecified vulnerabilities in Centreon before 2.1.4 have unk ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2009-4367 (The Staging Webservice ("sitecore modules/staging/service/api.asmx") i ...) NOT-FOR-US: Sitecore Staging Module CVE-2009-4366 (Cross-site scripting (XSS) vulnerability in index.php in ScriptsEz Ez ...) diff --git a/data/CVE/2010.list b/data/CVE/2010.list index d0191780c2..34c1d56b70 100644 --- a/data/CVE/2010.list +++ b/data/CVE/2010.list @@ -10339,7 +10339,7 @@ CVE-2010-1303 (Multiple cross-site scripting (XSS) vulnerabilities in the Taxono CVE-2010-1302 (Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW ...) NOT-FOR-US: Joomla! CVE-2010-1301 (SQL injection vulnerability in main.php in Centreon 2.1.5 allows remot ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2010-1300 (SQL injection vulnerability in index.php in Yamamah (aka Dove Photo Al ...) NOT-FOR-US: Yamamah CVE-2010-1299 (Multiple PHP remote file inclusion vulnerabilities in DynPG CMS 4.1.0, ...) diff --git a/data/CVE/2012.list b/data/CVE/2012.list index 3f90cbf024..d20d279123 100644 --- a/data/CVE/2012.list +++ b/data/CVE/2012.list @@ -1929,7 +1929,7 @@ CVE-2012-5969 (Multiple directory traversal vulnerabilities on the Huawei E585 d CVE-2012-5968 (The Huawei E585 device does not validate the status of admin sessions, ...) NOT-FOR-US: Huawei device CVE-2012-5967 (SQL injection vulnerability in menuXML.php in Centreon 2.3.3 through 2 ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2012-5966 (The restricted telnet shell on the D-Link DSL2730U router allows remot ...) NOT-FOR-US: D-Link DSL2730U router CVE-2012-5965 (Stack-based buffer overflow in the unique_service_name function in ssd ...) diff --git a/data/CVE/2014.list b/data/CVE/2014.list index 18c7cd2ab0..4072aa6510 100644 --- a/data/CVE/2014.list +++ b/data/CVE/2014.list @@ -16895,9 +16895,9 @@ CVE-2014-3831 CVE-2014-3830 (Cross-site scripting (XSS) vulnerability in info.php in TomatoCart 1.1 ...) NOT-FOR-US: TomatoCart CVE-2014-3829 (displayServiceStatus.php in Centreon 2.5.1 and Centreon Enterprise Ser ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2014-3828 (Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2014-3827 RESERVED CVE-2014-3826 diff --git a/data/CVE/2015.list b/data/CVE/2015.list index a8d66d7e26..3d4a78c5c9 100644 --- a/data/CVE/2015.list +++ b/data/CVE/2015.list @@ -5787,7 +5787,7 @@ CVE-2015-7676 (Ipswitch MOVEit File Transfer (formerly DMZ) 8.1 and earlier, whe CVE-2015-7675 (The "Send as attachment" feature in Ipswitch MOVEit DMZ before 8.2 and ...) NOT-FOR-US: MOVEit File Transfer web- and mobile application CVE-2015-7672 (Cross-site scripting (XSS) vulnerability in Centreon 2.6.1 (fixed in C ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2015-7713 (OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 20 ...) - nova 1:12.0.0-2 [jessie] - nova <no-dsa> (Minor issue) @@ -22830,9 +22830,9 @@ CVE-2015-1564 (Cross-site scripting (XSS) vulnerability in style-underground/sea CVE-2015-1562 (Multiple cross-site scripting (XSS) vulnerabilities in Saurus CMS 4.7. ...) NOT-FOR-US: Saurus CMS CVE-2015-1561 (The escape_command function in include/Administration/corePerformance/ ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2015-1560 (SQL injection vulnerability in the isUserAdmin function in include/com ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2015-1559 (Multiple cross-site request forgery (CSRF) vulnerabilities in administ ...) NOT-FOR-US: Epignosis eFront CVE-2015-1557 diff --git a/data/CVE/2018.list b/data/CVE/2018.list index 4a263ef53d..c8f184bcb0 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -16,17 +16,17 @@ CVE-2018-21027 (Boa through 0.94.14rc21 allows remote attackers to trigger an ou CVE-2018-21026 (A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.6.5-00 a ...) NOT-FOR-US: Hitachi CVE-2018-21025 (In Centreon VM through 19.04.3, centreon-backup.pl allows attackers to ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2018-21024 (licenseUpload.php in Centreon Web before 2.8.27 allows attackers to up ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2018-21023 (getStats.php in Centreon Web before 2.8.28 allows authenticated attack ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2018-21022 (makeXML_ListServices.php in Centreon Web before 2.8.28 allows attacker ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2018-21021 (img_gantt.php in Centreon Web before 2.8.27 allows attackers to perfor ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2018-21020 (In very rare cases, a PHP type juggling vulnerability in centreonAuth. ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2018-21019 (Home Assistant before 0.67.0 was vulnerable to an information disclosu ...) NOT-FOR-US: Home Assistant CVE-2018-21018 (Mastodon before 2.6.3 mishandles timeouts of incompletely established ...) @@ -5121,9 +5121,9 @@ CVE-2018-19314 CVE-2018-19313 RESERVED CVE-2018-19312 (Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.24) all ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2018-19311 (Centreon 3.4.x (fixed in Centreon 18.10.0) allows XSS via the Service ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2018-19310 RESERVED CVE-2018-19309 @@ -5187,9 +5187,9 @@ CVE-2018-19283 CVE-2018-19282 (Rockwell Automation PowerFlex 525 AC Drives 5.001 and earlier allow re ...) NOT-FOR-US: Rockwell Automation CVE-2018-19281 (Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.27) all ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2018-19280 (Centreon 3.4.x (fixed in Centreon 18.10.0) has XSS via the resource na ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2018-19279 (PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks the plain ...) NOT-FOR-US: PRIMX ZoneCentral CVE-2018-19278 (Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x b ...) @@ -5212,7 +5212,7 @@ CVE-2018-19273 CVE-2018-19272 RESERVED CVE-2018-19271 (Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.28) all ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2018-19270 REJECTED CVE-2018-19269 @@ -25104,11 +25104,11 @@ CVE-2018-11591 (Espruino before 1.98 allows attackers to cause a denial of servi CVE-2018-11590 (Espruino before 1.99 allows attackers to cause a denial of service (ap ...) NOT-FOR-US: Espruino CVE-2018-11589 (Multiple SQL injection vulnerabilities in Centreon 3.4.6 including Cen ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2018-11588 (Centreon 3.4.6 including Centreon Web 2.8.23 is vulnerable to an authe ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2018-11587 (There is Remote Code Execution in Centreon 3.4.6 including Centreon We ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2018-11586 (XML external entity (XXE) vulnerability in api/rest/status in SearchBl ...) NOT-FOR-US: SearchBlox CVE-2018-11585 diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 88fbfa2f92..24e17021d3 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -4028,7 +4028,7 @@ CVE-2019-17503 (An issue was discovered in Kirona Dynamic Resource Scheduling (D CVE-2019-17502 (Hydra through 0.1.8 has a NULL pointer dereference and daemon crash wh ...) NOT-FOR-US: Hydra (different from src:hydra) CVE-2019-17501 (Centreon 19.04 allows attackers to execute arbitrary OS commands via t ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2019-17500 RESERVED CVE-2019-17499 (The setter.xml component of the Common Gateway Interface on Compal CH7 ...) @@ -4872,15 +4872,15 @@ CVE-2019-17109 (Koji through 1.18.0 allows remote Directory Traversal, with resu NOTE: https://docs.pagure.org/koji/CVE-2019-17109/ NOTE: https://pagure.io/koji/issue/1634 CVE-2019-17108 (Local file inclusion in brokerPerformance.php in Centreon Web before 2 ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2019-17107 (minPlayCommand.php in Centreon Web before 2.8.27 allows authenticated ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2019-17106 (In Centreon Web through 2.8.29, disclosure of external components' pas ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2019-17105 (The token generator in index.php in Centreon Web before 2.8.27 is pred ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2019-17104 (In Centreon VM through 19.04.3, the cookie configuration within the Ap ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2019-17103 RESERVED CVE-2019-17102 @@ -6440,9 +6440,9 @@ CVE-2019-16408 CVE-2019-16407 (JetBrains ReSharper installers for versions before 2019.2 had a DLL Hi ...) NOT-FOR-US: JetBrains ReSharper installer CVE-2019-16406 (Centreon Web 19.04.4 has weak permissions within the OVA (aka VMware v ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2019-16405 (Centreon Web 19.04.4 allows Remote Code Execution by an administrator ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2019-16404 (Authenticated SQL Injection in interface/forms/eye_mag/js/eye_base.php ...) NOT-FOR-US: OpenEMR CVE-2019-16403 (In Webkul Bagisto before 0.1.5, the functionalities for customers to c ...) @@ -7006,7 +7006,7 @@ CVE-2019-16196 CVE-2019-16195 (Centreon before 2.8.30, 18.x before 18.10.8, and 19.x before 19.04.5 a ...) - centreon-web <itp> (bug #913903) CVE-2019-16194 (SQL injection vulnerabilities in Centreon through 19.04 allow attacks ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2019-16193 (In ArcGIS Enterprise 10.6.1, a crafted IFRAME element can be used to t ...) NOT-FOR-US: ArcGIS Enterprise CVE-2019-16192 (upload_model() in /admini/controllers/system/managemodel.php in DocCms ...) @@ -15043,7 +15043,7 @@ CVE-2019-13026 (OXID eShop 6.0.x before 6.0.5 and 6.1.x before 6.1.4 allows SQL CVE-2019-13025 (Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorre ...) NOT-FOR-US: Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices CVE-2019-13024 (Centreon 18.x before 18.10.6, 19.x before 19.04.3, and Centreon web be ...) - NOT-FOR-US: Centreon web UI (not packaged in Debian) + - centreon-web <itp> (bug #913903) CVE-2019-13023 RESERVED CVE-2019-13022 |