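# Known curl vulnerabilities, one record per list element.
#
# Each record is a single string of eight '|'-separated fields:
#
#   page, first vulnerable version, last vulnerable version, name, CVE,
#   announce date (YYYYMMDD), report to the project date, CWE
#
# - The version range is inclusive at both ends: a flaw present in a single
#   release lists that release twice (see CVE-2016-9594).
# - The report date is "-" where it is not recorded.
# - A field must not contain '|' or a line break. A line break inside the
#   quotes becomes part of the field value, so keep every record on one
#   physical line. Presumably the scripts loading this file split each
#   record on '|' (verify against the callers).
# - Records are listed newest announcement first.
#
# List of CWEs => https://cwe.mitre.org/data/definitions/658.html
@vuln = (
"CVE-2018-14618.html|7.15.4|7.61.0|NTLM password overflow via integer overflow|CVE-2018-14618|20180905|20180718|CWE-131: Incorrect Calculation of Buffer Size",
"CVE-2018-0500.html|7.54.1|7.60.0|SMTP send heap buffer overflow|CVE-2018-0500|20180711|20180611|CWE-122: Heap-based Buffer Overflow",
"CVE-2018-1000300.html|7.54.1|7.59.0|FTP shutdown response buffer overflow|CVE-2018-1000300|20180516|20180322|CWE-122: Heap-based Buffer Overflow",
"CVE-2018-1000301.html|7.20.0|7.59.0|RTSP bad headers buffer over-read|CVE-2018-1000301|20180516|20180324|CWE-126: Buffer Over-read",
"CVE-2018-1000122.html|7.20.0|7.58.0|RTSP RTP buffer over-read|CVE-2018-1000122|20180314|20180220|CWE-126: Buffer Over-read",
"CVE-2018-1000121.html|7.21.0|7.58.0|LDAP NULL pointer dereference|CVE-2018-1000121|20180314|20180306|CWE-476: NULL Pointer Dereference",
"CVE-2018-1000120.html|7.12.3|7.58.0|FTP path trickery leads to NIL byte out of bounds write|CVE-2018-1000120|20180314|20180129|CWE-122: Heap-based Buffer Overflow",
"CVE-2018-1000007.html|6.0|7.57.0|HTTP authentication leak in redirects|CVE-2018-1000007|20180124|20180118|CWE-522: Insufficiently Protected Credentials",
"CVE-2018-1000005.html|7.49.0|7.57.0|HTTP/2 trailer out-of-bounds read|CVE-2018-1000005|20180124|20180110|CWE-126: Buffer Over-read",
"CVE-2017-8818.html|7.56.0|7.56.1|SSL out of buffer access|CVE-2017-8818|20171129|20171118|CWE-125: Out-of-bounds Read",
"CVE-2017-8817.html|7.21.0|7.56.1|FTP wildcard out of bounds read|CVE-2017-8817|20171129|20171110|CWE-126: Buffer Over-read",
"CVE-2017-8816.html|7.36.0|7.56.1|NTLM buffer overflow via integer overflow|CVE-2017-8816|20171129|20171106|CWE-131: Incorrect Calculation of Buffer Size",
"CVE-2017-1000257.html|7.20.0|7.56.0|IMAP FETCH response out of bounds read|CVE-2017-1000257|20171012|20171006|CWE-126: Buffer Over-read",
"CVE-2017-1000254.html|7.7|7.55.1|FTP PWD response parser out of bounds read|CVE-2017-1000254|20171004|20170924|CWE-126: Buffer Over-read",
"CVE-2017-1000101.html|7.34.0|7.54.1|URL globbing out of bounds read|CVE-2017-1000101|20170809|20170614|CWE-126: Buffer Over-read",
"CVE-2017-1000100.html|7.15.0|7.54.1|TFTP sends more than buffer size|CVE-2017-1000100|20170809|20170711|CWE-126: Buffer Over-read",
"CVE-2017-1000099.html|7.54.1|7.54.1|FILE buffer read out of bounds|CVE-2017-1000099|20170809|20170715|CWE-170: Improper Null Termination",
"CVE-2017-9502.html|7.53.0|7.54.0|URL file scheme drive letter buffer overflow|CVE-2017-9502|20170614|20170604|CWE-122: Heap-based Buffer Overflow",
"CVE-2017-7468.html|7.52.0|7.53.1|TLS session resumption client cert bypass (again)|CVE-2017-7468|20170419|20170321|CWE-305: Authentication Bypass by Primary Weakness",
"CVE-2017-7407.html|6.5|7.53.1|--write-out out of buffer read|CVE-2017-7407|20170403|20170310|CWE-126: Buffer Over-read",
"CVE-2017-2629.html|7.52.0|7.52.1|SSL_VERIFYSTATUS ignored|CVE-2017-2629|20170222|20170112|CWE-304: Missing Critical Step in Authentication",
"CVE-2016-9594.html|7.52.0|7.52.0|uninitialized random|CVE-2016-9594|20161223|20161221|CWE-330: Use of Insufficiently Random Values",
"CVE-2016-9586.html|7.1|7.51.0|printf floating point buffer overflow|CVE-2016-9586|20161221|20161108|CWE-121: Stack-based Buffer Overflow",
"CVE-2016-9952.html|7.30.0|7.51.0|Win CE schannel cert wildcard matches too much|CVE-2016-9952|20161221|20161129|CWE-295: Improper Certificate Validation",
"CVE-2016-9953.html|7.30.0|7.51.0|Win CE schannel cert name out of buffer read|CVE-2016-9953|20161221|20161129|CWE-126: Buffer Over-read",
"CVE-2016-8615.html|7.1|7.50.3|cookie injection for other servers|CVE-2016-8615|20161102|20160923|CWE-187: Partial Comparison",
"CVE-2016-8616.html|7.7|7.50.3|case insensitive password comparison|CVE-2016-8616|20161102|20160923|CWE-178: Improper Handling of Case Sensitivity",
"CVE-2016-8617.html|7.1|7.50.3|OOB write via unchecked multiplication|CVE-2016-8617|20161102|20160923|CWE-131: Incorrect Calculation of Buffer Size",
"CVE-2016-8618.html|7.1|7.50.3|double-free in curl_maprintf|CVE-2016-8618|20161102|20160923|CWE-415: Double Free",
"CVE-2016-8619.html|7.3|7.50.3|double-free in krb5 code|CVE-2016-8619|20161102|20160923|CWE-415: Double Free",
"CVE-2016-8620.html|7.34.0|7.50.3|glob parser write/read out of bounds|CVE-2016-8620|20161102|20161002|CWE-122: Heap-based Buffer Overflow",
"CVE-2016-8621.html|7.12.2|7.50.3|curl_getdate read out of bounds|CVE-2016-8621|20161102|20161003|CWE-126: Buffer Over-read",
"CVE-2016-8622.html|7.24.0|7.50.3|URL unescape heap overflow via integer truncation|CVE-2016-8622|20161102|20160923|CWE-122: Heap-based Buffer Overflow",
"CVE-2016-8623.html|7.10.7|7.50.3|Use-after-free via shared cookies|CVE-2016-8623|20161102|20160923|CWE-416: Use After Free",
"CVE-2016-8624.html|7.1|7.50.3|invalid URL parsing with '#'|CVE-2016-8624|20161102|20161010|CWE-172: Encoding Error",
"CVE-2016-8625.html|7.12.0|7.50.3|IDNA 2003 makes curl use wrong host|CVE-2016-8625|20161102|20161011|CWE-838: Inappropriate Encoding for Output Context",
"CVE-2016-7167.html|7.11.1|7.50.2|curl escape and unescape integer overflows|CVE-2016-7167|20160914|20160908|CWE-131: Incorrect Calculation of Buffer Size",
"CVE-2016-7141.html|7.19.6|7.50.1|Incorrect reuse of client certificates|CVE-2016-7141|20160907|20160822|CWE-305: Authentication Bypass by Primary Weakness",
"CVE-2016-5419.html|7.1|7.50.0|TLS session resumption client cert bypass|CVE-2016-5419|20160803|20160415|CWE-305: Authentication Bypass by Primary Weakness",
"CVE-2016-5420.html|7.1|7.50.0|Re-using connections with wrong client cert|CVE-2016-5420|20160803|20160615|CWE-305: Authentication Bypass by Primary Weakness",
"CVE-2016-5421.html|7.32.0|7.50.0|use of connection struct after free|CVE-2016-5421|20160803|20160703|CWE-416: Use After Free",
"CVE-2016-4802.html|7.11.1|7.49.0|Windows DLL hijacking|CVE-2016-4802|20160530|20160507|CWE-94: Improper Control of Generation of Code ('Code Injection')",
"CVE-2016-3739.html|7.21.0|7.48.0|TLS certificate check bypass with mbedTLS/PolarSSL|CVE-2016-3739|20160518|20160421|CWE-297: Improper Validation of Certificate with Host Mismatch",
"CVE-2016-0754.html|7.20.0|7.46.0|remote file name path traversal in curl tool for Windows|CVE-2016-0754|20160127|20151130|CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
"CVE-2016-0755.html|7.10.7|7.46.0|NTLM credentials not-checked for proxy connection re-use|CVE-2016-0755|20160127|20160113|CWE-305: Authentication Bypass by Primary Weakness",
"CVE-2015-3237.html|7.40.0|7.42.1|SMB send off unrelated memory contents|CVE-2015-3237|20150617|20150522|CWE-126: Buffer Over-read",
"CVE-2015-3236.html|7.40.0|7.42.1|lingering HTTP credentials in connection re-use|CVE-2015-3236|20150617|20150519|CWE-305: Authentication Bypass by Primary Weakness",
"CVE-2015-3153.html|7.1|7.42.0|sensitive HTTP server headers also sent to proxies|CVE-2015-3153|20150429|20150312|CWE-201: Information Exposure Through Sent Data",
"CVE-2015-3144.html|7.37.0|7.41.0|host name out of boundary memory access|CVE-2015-3144|20150422|20150416|CWE-124: Buffer Underwrite ('Buffer Underflow')",
"CVE-2015-3145.html|7.31.0|7.41.0|cookie parser out of boundary memory access|CVE-2015-3145|20150422|20150416|CWE-124: Buffer Underwrite ('Buffer Underflow')",
"CVE-2015-3148.html|7.10.6|7.41.0|Negotiate not treated as connection-oriented|CVE-2015-3148|20150422|20150331|CWE-305: Authentication Bypass by Primary Weakness",
"CVE-2015-3143.html|7.10.6|7.41.0|Re-using authenticated connection when unauthenticated|CVE-2015-3143|20150422|20150224|CWE-305: Authentication Bypass by Primary Weakness",
"CVE-2014-8151.html|7.31.0|7.39.0|darwinssl certificate check bypass|CVE-2014-8151|20150108|20141126|CWE-297: Improper Validation of Certificate with Host Mismatch",
"CVE-2014-8150.html|6.0|7.39.0|URL request injection|CVE-2014-8150|20150108|20141225|CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')",
"CVE-2014-3707.html|7.17.1|7.38.0|duphandle read out of bounds|CVE-2014-3707|20141105|20140916|CWE-126: Buffer Over-read",
"CVE-2014-3620.html|7.31.0|7.37.1|cookie leak for TLDs|CVE-2014-3620|20140910|20140815|CWE-201: Information Exposure Through Sent Data",
"CVE-2014-3613.html|7.1|7.37.1|cookie leak with IP address as domain|CVE-2014-3613|20140910|20140815|CWE-201: Information Exposure Through Sent Data",
"CVE-2014-2522.html|7.26.0|7.35.0|not verifying certs for TLS to IP address / Winssl|CVE-2014-2522|20140326|20140227|CWE-297: Improper Validation of Certificate with Host Mismatch",
"CVE-2014-1263.html|7.26.0|7.35.0|not verifying certs for TLS to IP address / Darwinssl|CVE-2014-1263|20140326|20140227|CWE-297: Improper Validation of Certificate with Host Mismatch",
"CVE-2014-0139.html|7.1|7.35.0|IP address wildcard certificate validation|CVE-2014-0139|20140326|20140222|CWE-297: Improper Validation of Certificate with Host Mismatch",
"CVE-2014-0138.html|7.10.7|7.35.0|wrong re-use of connections|CVE-2014-0138|20140326|20140215|CWE-305: Authentication Bypass by Primary Weakness",
"CVE-2014-0015.html|7.10.6|7.34.0|re-use of wrong HTTP NTLM connection|CVE-2014-0015|20140129|20140107|CWE-305: Authentication Bypass by Primary Weakness",
"CVE-2013-6422.html|7.21.4|7.33.0|cert name check ignore GnuTLS|CVE-2013-6422|20131217|20131129|CWE-297: Improper Validation of Certificate with Host Mismatch",
"CVE-2013-4545.html|7.18.0|7.32.0|cert name check ignore OpenSSL|CVE-2013-4545|20131115|20131106|CWE-297: Improper Validation of Certificate with Host Mismatch",
"CVE-2013-2174.html|7.7|7.30.0|URL decode buffer boundary flaw|CVE-2013-2174|20130622|20130519|CWE-126: Buffer Over-read",
"CVE-2013-1944.html|6.0|7.29.0|cookie domain tailmatch|CVE-2013-1944|20130412|20130409|CWE-201: Information Exposure Through Sent Data",
"CVE-2013-0249.html|7.26.0|7.28.1|SASL buffer overflow|CVE-2013-0249|20130206|20130130|CWE-121: Stack-based Buffer Overflow",
"CVE-2011-3389.html|7.10.6|7.23.1|SSL CBC IV vulnerability|CVE-2011-3389|20120124|20120119|CWE-924: Improper Enforcement of Message Integrity",
"CVE-2012-0036.html|7.20.0|7.23.1|URL sanitization vulnerability|CVE-2012-0036|20120124|20111222|CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection')",
"CVE-2011-2192.html|7.10.6|7.21.6|inappropriate GSSAPI delegation|CVE-2011-2192|20110623|20110606|CWE-281: Improper Preservation of Permissions",
"CVE-2010-3842.html|7.20.0|7.21.1|local file overwrite|CVE-2010-3842|20101013|20100903|CWE-30: Path Traversal",
"CVE-2010-0734.html|7.10.5|7.19.7|data callback excessive length|CVE-2010-0734|20100209|20100109|CWE-628: Function Call with Incorrectly Specified Arguments",
"CVE-2009-2417.html|7.4|7.19.5|embedded zero in cert name|CVE-2009-2417|20090812|20090730|CWE-170: Improper Null Termination",
"CVE-2009-0037.html|6.0|7.19.3|Arbitrary File Access|CVE-2009-0037|20090303|20090206|CWE-142: Improper Neutralization of Value Delimiters",
"CVE-2007-3564.html|7.14.0|7.16.3|GnuTLS insufficient cert verification|CVE-2007-3564|20070710|20070627|CWE-298: Improper Validation of Certificate Expiration",
"CVE-2006-1061.html|7.15.0|7.15.2|TFTP Packet Buffer Overflow|CVE-2006-1061|20060320|20060310|CWE-122: Heap-based Buffer Overflow",
"CVE-2005-4077.html|7.11.2|7.15.0|URL Buffer Overflow|CVE-2005-4077|20051207|20051129|CWE-122: Heap-based Buffer Overflow",
"CVE-2005-3185.html|7.10.6|7.14.1|NTLM Buffer Overflow|CVE-2005-3185|20051013|20051012|CWE-121: Stack-based Buffer Overflow",
"CVE-2005-0490.html|7.3|7.13.0|Authentication Buffer Overflows|CVE-2005-0490|20050221|-|CWE-121: Stack-based Buffer Overflow",
"CVE-2003-1605.html|7.1|7.10.6|Proxy Authentication Header Information Leakage|CVE-2003-1605|20030803|-|CWE-201: Information Exposure Through Sent Data",
"CVE-2000-0973.html|6.0|7.4|FTP Server Response Buffer Overflow|CVE-2000-0973|20001013|-|CWE-121: Stack-based Buffer Overflow",
);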