CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. • https://github.com/imabee101/CVE-2023-44487 https://github.com/studiogangster/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/sigridou/CVE-2023-44487- https://github.com/ByteHackr/CVE-2023-44487 https://github.com/ReToCode/golang-CVE-2023-44487 http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www. • CWE-400: Uncontrolled Resource Consumption •
CVE-2009-0244 – HTC / Android OBEX FTP Service Directory Traversal
https://notcve.org/view.php?id=CVE-2009-0244
Directory traversal vulnerability in the OBEX FTP Service in the Microsoft Bluetooth stack in Windows Mobile 6 Professional, and probably Windows Mobile 5.0 for Pocket PC and 5.0 for Pocket PC Phone Edition, allows remote authenticated users to list arbitrary directories, and create or read arbitrary files, via a .. (dot dot) in a pathname. NOTE: this can be leveraged for code execution by writing to a Startup folder. Vulnerabilidad de salto de directorio en el Servicio OBEX FTP en la pila de Microsoft Bluetooth en Windows Mobile 6 Professional, y probablemente Windows Mobile 5.0 para Pocket PC y 5.0 para Pocket PC Phone Edition, permite a usuarios remotamente autentificados listar directorios de su elección y crear o leer archivos de su elección mediante .. (punto punto) en un nombre de ruta. • http://secunia.com/advisories/33598 http://securityreason.com/securityalert/4938 http://www.securityfocus.com/archive/1/500199/100/0/threaded http://www.securityfocus.com/bid/33359 http://www.seguridadmobile.com/windows-mobile/windows-mobile-security/Microsoft-Bluetooth-Stack-Directory-Traversal.html https://exchange.xforce.ibmcloud.com/vulnerabilities/48124 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2007-5460
https://notcve.org/view.php?id=CVE-2007-5460
Microsoft ActiveSync 4.1, as used in Windows Mobile 5.0, uses weak encryption (XOR obfuscation with a fixed key) when sending the user's PIN/Password over the USB connection from the host to the device, which might make it easier for attackers to decode a PIN/Password obtained by (1) sniffing or (2) spoofing the docking process. Microsoft ActiveSync versión 4.1, como es usado en Windows Mobile versión 5.0, utiliza un cifrado débil (ofuscación XOR con una clave fija) cuando se envía el PIN y Contraseña del usuario por medio de la conexión USB desde el host hacia el dispositivo, lo que podría facilitar a atacantes decodificar un PIN y Contraseña obtenida al (1) espiar o (2) falsificar el proceso de acoplamiento. • http://osvdb.org/38499 http://securityreason.com/securityalert/3232 http://www.securityfocus.com/archive/1/482299/100/0/threaded http://www.securityfocus.com/bid/25976 https://exchange.xforce.ibmcloud.com/vulnerabilities/37223 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2007-3362
https://notcve.org/view.php?id=CVE-2007-3362
ageet AGEphone before 1.6.2, running on Windows Mobile 5 on the HTC HyTN Pocket PC device, allows remote attackers to (1) cause a denial of service (call disruption and device hang) via a SIP message with a malformed header and (2) cause a denial of service (call disruption, false ring indication, and device outage) via a SIP message with a malformed SDP delimiter. ageet AGEphone versiones anteriores a 1.6.2, corriendo en Windows Mobile 5 en dispositivo HTC HyTN Pocket PC, permite a atacantes remotos (1) provocar una denegación de servicio (interrupción de llamada y cuelgue de dispositivo) mediante un mensaje SIP con cabecera malformada y (2) provocar una denegación de servicio (interrupción de llamada, indicación de llamada falsa, y apagado de dispositivo) mediante un menaje SIP con delimitador SDP malformado. • http://osvdb.org/37729 http://secunia.com/advisories/25781 http://www.ageet.com/us/agephone/help/index.htm#vers http://www.securityfocus.com/bid/24540 http://www.securityfocus.com/bid/24543 http://www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=214& http://www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=215& https://exchange.xforce.ibmcloud.com/vulnerabilities/35067 •
CVE-2007-0878
https://notcve.org/view.php?id=CVE-2007-0878
Unspecified vulnerability in Microsoft Internet Explorer on Windows Mobile 5.0 allows remote attackers to cause a denial of service (loss of browser and other device functionality) via a malformed WML page, related to an "overflow state." NOTE: it is possible that this issue is related to CVE-2007-0685. Vulnerabilidad no especificada en Microsoft Internet Explorer en Windows Mobile 5.0 permite a atacantes remotos provocar una denegación de servicio (pérdida del navegador y otras funcionalidades del dispositivo) mediante una página WML mal formada, relacionado con un "estado de desbordamiento". NOTA: es posible que este problema esté relacionado con CVE-2007-0685. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052293.html http://osvdb.org/32629 http://www.securityfocus.com/archive/1/459571/100/0/threaded http://www.securityfocus.com/archive/1/459584/100/0/threaded http://www.securityfocus.com/archive/1/459591/100/0/threaded http://www.securityfocus.com/bid/22500 https://exchange.xforce.ibmcloud.com/vulnerabilities/32394 •