CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-15523
https://notcve.org/view.php?id=CVE-2019-15523
An issue was discovered in LINBIT csync2 through 2.0. It does not correctly check for the return value GNUTLS_E_WARNING_ALERT_RECEIVED of the gnutls_handshake() function. It neglects to call this function again, as required by the design of the API. Se detectó un problema en LINBIT csync 2 versiones hasta 2.0. No comprueba correctamente el valor de retorno GNUTLS_E_WARNING_ALERT_RECEIVED de la función gnutls_handshake(). • https://github.com/LINBIT/csync2/pull/13/commits/92742544a56bcbcd9ec99ca15f898b31797e39e2 https://lists.debian.org/debian-lts-announce/2021/01/msg00003.html • CWE-252: Unchecked Return Value •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-15522
https://notcve.org/view.php?id=CVE-2019-15522
An issue was discovered in LINBIT csync2 through 2.0. csync_daemon_session in daemon.c neglects to force a failure of a hello command when the configuration requires use of SSL. Se detectó un problema en LINBIT csync2 versiones hasta 2.0. La función csync_daemon_session en el archivo daemon.c olvida forzar un fallo de un comando hello cuando la configuración requiere un uso de SSL. • https://github.com/LINBIT/csync2/commit/416f1de878ef97e27e27508914f7ba8599a0be22 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2010-0747
https://notcve.org/view.php?id=CVE-2010-0747
drbd8 allows local users to bypass intended restrictions for certain actions via netlink packets, similar to CVE-2009-3725. drbd8 permite a usuarios locales omitir las restricciones previstas para determinadas acciones por medio de paquetes de netlink, similar a CVE-2009-3725. • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573531 https://security-tracker.debian.org/tracker/CVE-2010-0747 https://www.debian.org/security/2010/dsa-2015 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 4CVE-2004-1878 – LinBit Technologies LINBOX Officeserver - Remote Authentication Bypass
https://notcve.org/view.php?id=CVE-2004-1878
LINBOX LIN:BOX allows remote attackers to bypass authentication, obtain sensitive information, or gain access via a direct request to admin/user.pl preceded by // (double leading slash). • https://www.exploit-db.com/exploits/23897 http://marc.info/?l=bugtraq&m=108067245401673&w=2 http://secunia.com/advisories/11264 http://www.securityfocus.com/bid/10010 http://www.websec.org/adv/linbit.txt.html https://exchange.xforce.ibmcloud.com/vulnerabilities/15677 •