CVE-2013-7172
https://notcve.org/view.php?id=CVE-2013-7172
Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges. Slackware versiones 13.1, 13.37, 14.0 y 14.1, contienen permisos de tipo world-writable en los programas iodbctest y iodbctestw dentro del paquete libiodbc, lo que podría permitir a usuarios locales usar información de RPATH para ejecutar código arbitrario con privilegios root. • http://www.openwall.com/lists/oss-security/2013/12/20/1 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7172 https://exchange.xforce.ibmcloud.com/vulnerabilities/89916 https://security-tracker.debian.org/tracker/CVE-2013-7172 • CWE-20: Improper Input Validation •
CVE-2013-7171
https://notcve.org/view.php?id=CVE-2013-7171
Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges. Slackware versiones 14.0 y 14.1, y Slackware LLVM versiones 3.0-i486-2 y 3.3-i486-2, contienen permisos de tipo world-writable en el directorio /tmp que podrían permitir a atacantes remotos ejecutar código arbitrario con privilegios de root. • http://www.openwall.com/lists/oss-security/2013/12/20/1 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7171 https://exchange.xforce.ibmcloud.com/vulnerabilities/89915 https://security-tracker.debian.org/tracker/CVE-2013-7171 • CWE-20: Improper Input Validation •
CVE-2019-11135 – hw: TSX Transaction Asynchronous Abort (TAA)
https://notcve.org/view.php?id=CVE-2019-11135
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. Una condición de tipo TSX Asynchronous Abort en algunas CPU que utilizan ejecución especulativa puede habilitar a un usuario autenticado para permitir potencialmente una divulgación de información por medio de un canal lateral con acceso local. A flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort (TAA) error occurs. A local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times. This could allow information disclosure via this observed side-channel for any TSX transaction being executed while an attacker is able to observe abort timing. Intel's Transactional Synchronisation Extensions (TSX) are set of instructions which enable transactional memory support to improve performance of the multi-threaded applications, in the lock-protected critical sections. • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.html http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html http://packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://www.openwall.com/lists/oss-security/2019/12/10/3 http://www.openwall.com/lists/oss-security/2019/12/10/4 http://www.openwall.com/lists/oss-security/2019/12 • CWE-203: Observable Discrepancy •
CVE-2018-9336
https://notcve.org/view.php?id=CVE-2018-9336
openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation. openvpnserv.exe (también conocido como interactive service helper) en OpenVPN en versiones 2.4.x anteriores a la 2.4.6 permite que un atacante local provoque una doble liberación (double free) de memoria enviando una petición mal formada al servicio interactivo. Esto podría provocar una denegación de servicio (DoS) al corromper la memoria o, posiblemente, otro impacto no especificado, incluyendo el escalado de privilegios. • http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.568761 https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24 https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b https://github.com/OpenVPN/openvpn/releases/tag/v2.4.6 https://www.tenable.com/security/research/tra-2018-09 • CWE-415: Double Free •
CVE-2018-7184
https://notcve.org/view.php?id=CVE-2018-7184
ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704. ntpd en ntp, en versiones 4.2.8p4 anteriores a la 4.2.8p11, envía paquetes malos antes de actualizar la marca de tiempo "received". Esto permite que atacantes remotos provoquen una denegación de servicio (interrupción) mediante el envío de un paquete con una marca de tiempo zero-origin que provoca que la asociación se restablezca y establezca el contenido del paquete como la marca de tiempo más reciente. Este problema es el resultado de una solución incompleta para CVE-2015-7704. • http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html http://support.ntp.org/bin/view/Main/NtpBug3453 http://www.securityfocus.com/archive/1/541824/100/0/threaded http://www.securityfocus.com/bid/103192 https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc https://security.gentoo.org/glsa/201805-12 https://security.netapp.com/advisory/ntap-20180626-0001 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en •