Skip to content
Commits on Source (2)
Show whitespace changes
Inline Side-by-side
data/CVE/list
View file @ dfd15f50
......@@ -171326,23 +171326,26 @@ CVE-2014-3771 (TeamPass before 2.1.20 allows remote attackers to bypass access .
- teampass <itp> (bug #730180)
NOTE: https://github.com/nilsteampassnet/TeamPass/commit/fd549b245c0f639a8d47bf4f74f92c37c053706f
CVE-2014-4703 (lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain ...)
- nagios-plugins <removed> (unimportant)
- nagios-plugins <not-affected> (incomplete fix for CVE-2014-4701 not applied)
NOTE: check_dhcp is not installed with root suid permissions in Debian
NOTE: http://seclists.org/fulldisclosure/2014/Jun/141
- monitoring-plugins <undetermined> (unimportant)
[jessie] - monitoring-plugins <no-dsa> (Minor issue, setuid bit not set by default.)
NOTE: Introduced due to incomplete fix for CVE-2014-4701 in 2.0.2.
- monitoring-plugins <not-affected> (Vulnerable code not present, fix for CVE-2014-4701 adressed differently directly by dropping privileges)
CVE-2014-4702 (The check_icmp plugin in Nagios Plugins before 2.0.2 allows local ...)
- nagios-plugins <removed> (unimportant)
NOTE: http://seclists.org/fulldisclosure/2014/May/74
NOTE: Fixed in nagios-plugins 2.0.2
NOTE: check_imcp is not installed with root suid permissions in Debian
- monitoring-plugins <undetermined> (unimportant)
[jessie] - monitoring-plugins <no-dsa> (Minor issue, setuid bit not set by default.)
- monitoring-plugins <not-affected> (Fixed with initial upload to Debian)
NOTE: https://github.com/monitoring-plugins/monitoring-plugins/commit/48025ff39c3a78b7805bf803ac96730cef53e15c
CVE-2014-4701 (The check_dhcp plugin in Nagios Plugins before 2.0.2 allows local ...)
- nagios-plugins <removed> (unimportant)
NOTE: check_dhcp is not installed with root suid permissions in Debian
NOTE: http://seclists.org/fulldisclosure/2014/May/74
- monitoring-plugins <undetermined> (unimportant)
[jessie] - monitoring-plugins <no-dsa> (Minor issue, setuid bit not set by default.)
NOTE: fixed in nagios-plugins 2.0.2 (but needs to be made complete to not open
NOTE: CVE-2014-4703) and thus include the fix from 2.0.3 upstream.
- monitoring-plugins <not-affected> (Fixed with initial upload to Debian)
NOTE: https://github.com/monitoring-plugins/monitoring-plugins/commit/48025ff39c3a78b7805bf803ac96730cef53e15c
CVE-2014-3776 (Buffer overflow in the &quot;read-u8vector!&quot; procedure in the srfi-4 unit ...)
- chicken 4.9.0-1 (bug #748904)
[squeeze] - chicken <no-dsa> (Minor issue)