dtsa adapted to new DTSA templates

Ported over data from kismet DTSA to the new format


git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@1698 e39458fd-73e7-0310-bf30-c45bca0a0e42

2 files changed, 38 insertions, 0 deletions

diff --git a/data/DTSA/advs/0-hotzenplotz.adv b/data/DTSA/advs/0-hotzenplotz.adv
new file mode 100644
index 0000000000..a821992d91
--- /dev/null
+++ b/data/DTSA/advs/0-hotzenplotz.adv
@@ -0,0 +1,15 @@
+dtsa: DTSA-0-1
+source: hotzenplotz
+date: 2005-11-12
+author: Wachtmeister Dimpfelmoser
+vuln-type: buffer overflows
+problem-scope: remote
+debian-specifc: 
+cve: CAN-1978-0019
+vendor-advisory: http://www.hotzenplotz.org/sec/buffer-overflow.html
+testing-fix: 3.14-1ts1
+sid-fix: 3.14-2
+
+User authentication in hotzenplotz does not verify the user name properly.
+A buffer overflow can be exploited to execute arbitrary code with elevated
+privileges.
diff --git a/data/DTSA/advs/1-kismet.adv b/data/DTSA/advs/1-kismet.adv
new file mode 100644
index 0000000000..24691ef93d
--- /dev/null
+++ b/data/DTSA/advs/1-kismet.adv
@@ -0,0 +1,23 @@
+dtsa: DTSA-1-1
+source: kismet
+date: August 26th, 2005
+author: Joey Hess
+vuln-type: various
+problem-scope: remote
+debian-specific: no
+cve: CAN-2005-2626 CAN-2005-2627
+testing-fix: 2005.08.R1-0.1etch1
+sid-fix: 2005.08.R1-1
+
+Multiple security holes have been discovered in kismet:
+
+  CAN-2005-2627
+
+  Multiple integer underflows in Kismet allow remote attackers to execute
+  arbitrary code via (1) kernel headers in a pcap file or (2) data frame
+  dissection, which leads to heap-based buffer overflows.
+
+  CAN-2005-2626
+
+  Unspecified vulnerability in Kismet allows remote attackers to have an
+  unknown impact via unprintable characters in the SSID.