summaryrefslogtreecommitdiffstats
path: root/data/CVE/list.2019
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2021-09-05 08:40:22 +0200
committerSalvatore Bonaccorso <carnil@debian.org>2021-09-05 08:40:22 +0200
commit85652660ffd9ea43faec722a28f1aaec828acd6e (patch)
treea252d7f491eef1413c3de00a7fa8ae7020bada81 /data/CVE/list.2019
parentf466095497d0afec357d7d80f94dd067eb37beac (diff)
Add noe for CVE-2019-0053/inetutils
There was a followup fix for inetutils not directly covered by the CVE which fixed a following infitinte loop causing stack exhaustion, as noted by Adrian Bunk. Link: https://bugs.debian.org/945861#30
Diffstat (limited to 'data/CVE/list.2019')
-rw-r--r--data/CVE/list.20193
1 files changed, 3 insertions, 0 deletions
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019
index c01584dab5..1709087252 100644
--- a/data/CVE/list.2019
+++ b/data/CVE/list.2019
@@ -53762,6 +53762,9 @@ CVE-2019-0053 (Insufficient validation of environment variables in the telnet cl
NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-19:12.telnet.asc
NOTE: https://raw.githubusercontent.com/hackerhouse-opensource/exploits/master/inetutils-telnet.txt
NOTE: https://www.openwall.com/lists/oss-security/2018/12/14/8
+ NOTE: Additional patch to fix infinite loop causing stack exhaustion (but not
+ NOTE: directly covered by this CVE applied in inetutils/2:2.2-2):
+ NOTE: https://git.hadrons.org/cgit/debian/pkgs/inetutils.git/diff/?id=0d246b17e51060daac8a26848a8d9e5722fcca24
CVE-2019-0052 (The srxpfe process may crash on SRX Series services gateways when the ...)
NOT-FOR-US: Juniper
CVE-2019-0051 (SSL-Proxy feature on SRX devices fails to handle a hardware resource l ...)

© 2014-2024 Faster IT GmbH | imprint | privacy policy