clarify Centreon NFUs

author: Moritz Muehlenhoff <jmm@debian.org> 2019-09-11 14:51:18 +0200
committer: Moritz Muehlenhoff <jmm@debian.org> 2019-09-11 14:51:18 +0200
commit: 02bd2b07088f0e209aa6e22ba540f4f550050f9a (patch)
tree: f3362c4c40a236b0c008eefefe16c3f467d7713f /data/CVE
parent: 1d585322a750d844b7954c33f39b56c40e7bc037 (diff)
9 files changed, 21 insertions, 21 deletions
diff --git a/data/CVE/2007.list b/data/CVE/2007.list
index 5525d129a5..69e71a646a 100644
--- a/data/CVE/2007.list
+++ b/data/CVE/2007.list
@@ -668,7 +668,7 @@ CVE-2007-6487 (Unspecified vulnerability in Plain Black WebGUI 7.4.0 through 7.4
 CVE-2007-6486 (Multiple cross-site scripting (XSS) vulnerabilities in shout.php (aka  ...)
 	NOT-FOR-US: LineShout
 CVE-2007-6485 (Multiple PHP remote file inclusion vulnerabilities in Centreon 1.4.1 ( ...)
-	NOT-FOR-US: Centreon
+	NOT-FOR-US: Centreon web UI (not packaged in Debian)
 CVE-2007-6484 (SQL injection vulnerability in index.php in phpRPG 0.8 allows remote a ...)
 	NOT-FOR-US: phpRPG
 CVE-2007-6483 (Directory traversal vulnerability in SafeNet Sentinel Protection Serve ...)
diff --git a/data/CVE/2008.list b/data/CVE/2008.list
index f12b9fe439..47e60b69f8 100644
--- a/data/CVE/2008.list
+++ b/data/CVE/2008.list
@@ -14450,9 +14450,9 @@ CVE-2008-1181 (Juniper Networks Secure Access 2000 5.5 R1 (build 11711) allows r
 CVE-2008-1180 (Cross-site scripting (XSS) vulnerability in dana-na/auth/rdremediate.c ...)
 	NOT-FOR-US: Juniper
 CVE-2008-1179 (Multiple cross-site scripting (XSS) vulnerabilities in include/common/ ...)
-	NOT-FOR-US: Centreon
+	NOT-FOR-US: Centreon web UI (not packaged in Debian)
 CVE-2008-1178 (Directory traversal vulnerability in include/doc/index.php in Centreon ...)
-	NOT-FOR-US: Centreon
+	NOT-FOR-US: Centreon web UI (not packaged in Debian)
 CVE-2008-1177 (SQL injection vulnerability in shop/detail.php in Affiliate Market (af ...)
 	NOT-FOR-US: Affiliate Market
 CVE-2008-1176 (Cross-site scripting (XSS) vulnerability in function/sideblock.php in  ...)
@@ -14601,7 +14601,7 @@ CVE-2008-1121 (SQL injection vulnerability in index.php in eazyPortal 1.0 and ea
 CVE-2008-1120 (Format string vulnerability in the embedded Internet Explorer componen ...)
 	NOT-FOR-US: ICQ
 CVE-2008-1119 (Directory traversal vulnerability in include/doc/get_image.php in Cent ...)
-	NOT-FOR-US: Centreon
+	NOT-FOR-US: Centreon web UI (not packaged in Debian)
 CVE-2008-1118 (Timbuktu Pro 8.6.5 for Windows, and possibly 8.7 for Mac OS X, does no ...)
 	NOT-FOR-US: Timbuktu Pro
 CVE-2008-1117 (Directory traversal vulnerability in the Notes (aka Flash Notes or ins ...)
diff --git a/data/CVE/2009.list b/data/CVE/2009.list
index fc80446fd4..2d1fd468fd 100644
--- a/data/CVE/2009.list
+++ b/data/CVE/2009.list
@@ -1804,7 +1804,7 @@ CVE-2009-4369 (Cross-site scripting (XSS) vulnerability in the Contact module (m
 	- drupal5 5.21-1 (low)
 	[lenny] - drupal5 <no-dsa> (Minor issue, requires auth)
 CVE-2009-4368 (Multiple unspecified vulnerabilities in Centreon before 2.1.4 have unk ...)
-	NOT-FOR-US: Centreon
+	NOT-FOR-US: Centreon web UI (not packaged in Debian)
 CVE-2009-4367 (The Staging Webservice ("sitecore modules/staging/service/api.asmx") i ...)
 	NOT-FOR-US: Sitecore Staging Module
 CVE-2009-4366 (Cross-site scripting (XSS) vulnerability in index.php in ScriptsEz Ez  ...)
diff --git a/data/CVE/2010.list b/data/CVE/2010.list
index 500fc73204..8928f5acff 100644
--- a/data/CVE/2010.list
+++ b/data/CVE/2010.list
@@ -10383,7 +10383,7 @@ CVE-2010-1303 (Multiple cross-site scripting (XSS) vulnerabilities in the Taxono
 CVE-2010-1302 (Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW ...)
 	NOT-FOR-US: Joomla!
 CVE-2010-1301 (SQL injection vulnerability in main.php in Centreon 2.1.5 allows remot ...)
-	NOT-FOR-US: Centreon
+	NOT-FOR-US: Centreon web UI (not packaged in Debian)
 CVE-2010-1300 (SQL injection vulnerability in index.php in Yamamah (aka Dove Photo Al ...)
 	NOT-FOR-US: Yamamah
 CVE-2010-1299 (Multiple PHP remote file inclusion vulnerabilities in DynPG CMS 4.1.0, ...)
diff --git a/data/CVE/2012.list b/data/CVE/2012.list
index 118219b9bb..e6a6f67e04 100644
--- a/data/CVE/2012.list
+++ b/data/CVE/2012.list
@@ -1941,7 +1941,7 @@ CVE-2012-5969 (Multiple directory traversal vulnerabilities on the Huawei E585 d
 CVE-2012-5968 (The Huawei E585 device does not validate the status of admin sessions, ...)
 	NOT-FOR-US: Huawei device
 CVE-2012-5967 (SQL injection vulnerability in menuXML.php in Centreon 2.3.3 through 2 ...)
-	NOT-FOR-US: Centreon
+	NOT-FOR-US: Centreon web UI (not packaged in Debian)
 CVE-2012-5966 (The restricted telnet shell on the D-Link DSL2730U router allows remot ...)
 	NOT-FOR-US: D-Link DSL2730U router
 CVE-2012-5965 (Stack-based buffer overflow in the unique_service_name function in ssd ...)
diff --git a/data/CVE/2014.list b/data/CVE/2014.list
index 29b4d79655..2c292eaa63 100644
--- a/data/CVE/2014.list
+++ b/data/CVE/2014.list
@@ -16896,9 +16896,9 @@ CVE-2014-3831
 CVE-2014-3830 (Cross-site scripting (XSS) vulnerability in info.php in TomatoCart 1.1 ...)
 	NOT-FOR-US: TomatoCart
 CVE-2014-3829 (displayServiceStatus.php in Centreon 2.5.1 and Centreon Enterprise Ser ...)
-	NOT-FOR-US: Centreon
+	NOT-FOR-US: Centreon web UI (not packaged in Debian)
 CVE-2014-3828 (Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon  ...)
-	NOT-FOR-US: Centreon
+	NOT-FOR-US: Centreon web UI (not packaged in Debian)
 CVE-2014-3827
 	RESERVED
 CVE-2014-3826
diff --git a/data/CVE/2015.list b/data/CVE/2015.list
index a1ccd5d3bc..def73de704 100644
--- a/data/CVE/2015.list
+++ b/data/CVE/2015.list
@@ -5476,7 +5476,7 @@ CVE-2015-7676 (Ipswitch MOVEit File Transfer (formerly DMZ) 8.1 and earlier, whe
 CVE-2015-7675 (The "Send as attachment" feature in Ipswitch MOVEit DMZ before 8.2 and ...)
 	NOT-FOR-US: MOVEit File Transfer web- and mobile application
 CVE-2015-7672 (Cross-site scripting (XSS) vulnerability in Centreon 2.6.1 (fixed in C ...)
-	NOT-FOR-US: Centreon
+	NOT-FOR-US: Centreon web UI (not packaged in Debian)
 CVE-2015-7713 (OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 20 ...)
 	- nova 1:12.0.0-2
 	[jessie] - nova <no-dsa> (Minor issue)
@@ -22526,9 +22526,9 @@ CVE-2015-1564 (Cross-site scripting (XSS) vulnerability in style-underground/sea
 CVE-2015-1562 (Multiple cross-site scripting (XSS) vulnerabilities in Saurus CMS 4.7. ...)
 	NOT-FOR-US: Saurus CMS
 CVE-2015-1561 (The escape_command function in include/Administration/corePerformance/ ...)
-	NOT-FOR-US: Centreon
+	NOT-FOR-US: Centreon web UI (not packaged in Debian)
 CVE-2015-1560 (SQL injection vulnerability in the isUserAdmin function in include/com ...)
-	NOT-FOR-US: Centreon
+	NOT-FOR-US: Centreon web UI (not packaged in Debian)
 CVE-2015-1559 (Multiple cross-site request forgery (CSRF) vulnerabilities in administ ...)
 	NOT-FOR-US: Epignosis eFront
 CVE-2015-1557
diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index 9aa614daa7..c2e86ac25e 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -5039,9 +5039,9 @@ CVE-2018-19314
 CVE-2018-19313
 	RESERVED
 CVE-2018-19312 (Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.24) all ...)
-	NOT-FOR-US: Centreon
+	NOT-FOR-US: Centreon web UI (not packaged in Debian)
 CVE-2018-19311 (Centreon 3.4.x (fixed in Centreon 18.10.0) allows XSS via the Service  ...)
-	NOT-FOR-US: Centreon
+	NOT-FOR-US: Centreon web UI (not packaged in Debian)
 CVE-2018-19310
 	RESERVED
 CVE-2018-19309
@@ -5105,9 +5105,9 @@ CVE-2018-19283
 CVE-2018-19282 (Rockwell Automation PowerFlex 525 AC Drives 5.001 and earlier allow re ...)
 	NOT-FOR-US: Rockwell Automation
 CVE-2018-19281 (Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.27) all ...)
-	NOT-FOR-US: Centreon
+	NOT-FOR-US: Centreon web UI (not packaged in Debian)
 CVE-2018-19280 (Centreon 3.4.x (fixed in Centreon 18.10.0) has XSS via the resource na ...)
-	NOT-FOR-US: Centreon
+	NOT-FOR-US: Centreon web UI (not packaged in Debian)
 CVE-2018-19279 (PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks the plain ...)
 	NOT-FOR-US: PRIMX ZoneCentral
 CVE-2018-19278 (Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x b ...)
@@ -5130,7 +5130,7 @@ CVE-2018-19273
 CVE-2018-19272
 	RESERVED
 CVE-2018-19271 (Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.28) all ...)
-	NOT-FOR-US: Centreon
+	NOT-FOR-US: Centreon web UI (not packaged in Debian)
 CVE-2018-19270
 	REJECTED
 CVE-2018-19269
@@ -24926,11 +24926,11 @@ CVE-2018-11591 (Espruino before 1.98 allows attackers to cause a denial of servi
 CVE-2018-11590 (Espruino before 1.99 allows attackers to cause a denial of service (ap ...)
 	NOT-FOR-US: Espruino
 CVE-2018-11589 (Multiple SQL injection vulnerabilities in Centreon 3.4.6 including Cen ...)
-	NOT-FOR-US: Centreon
+	NOT-FOR-US: Centreon web UI (not packaged in Debian)
 CVE-2018-11588 (Centreon 3.4.6 including Centreon Web 2.8.23 is vulnerable to an authe ...)
-	NOT-FOR-US: Centreon
+	NOT-FOR-US: Centreon web UI (not packaged in Debian)
 CVE-2018-11587 (There is Remote Code Execution in Centreon 3.4.6 including Centreon We ...)
-	NOT-FOR-US: Centreon
+	NOT-FOR-US: Centreon web UI (not packaged in Debian)
 CVE-2018-11586 (XML external entity (XXE) vulnerability in api/rest/status in SearchBl ...)
 	NOT-FOR-US: SearchBlox
 CVE-2018-11585
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 45e4456bbd..54eec7e422 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -7589,7 +7589,7 @@ CVE-2019-13026 (OXID eShop 6.0.x before 6.0.5 and 6.1.x before 6.1.4 allows SQL
 CVE-2019-13025
 	RESERVED
 CVE-2019-13024 (Centreon 18.x before 18.10.6, 19.x before 19.04.3, and Centreon web be ...)
-	NOT-FOR-US: Centreon
+	NOT-FOR-US: Centreon web UI (not packaged in Debian)
 CVE-2019-13023
 	RESERVED
 CVE-2019-13022
author	Moritz Muehlenhoff <jmm@debian.org>	2019-09-11 14:51:18 +0200
committer	Moritz Muehlenhoff <jmm@debian.org>	2019-09-11 14:51:18 +0200
commit	02bd2b07088f0e209aa6e22ba540f4f550050f9a (patch)
tree	f3362c4c40a236b0c008eefefe16c3f467d7713f /data/CVE
parent	1d585322a750d844b7954c33f39b56c40e7bc037 (diff)