Page 10 of 125 results (0.020 seconds)

CVSS: 5.0EPSS: 97%CPEs: 147EXPL: 1

CVE-2014-3566 – SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack

https://notcve.org/view.php?id=CVE-2014-3566

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. El protocolo SSL 3.0, utilizado en OpenSSL hasta 1.0.1i y otros productos, utiliza relleno (padding) CBC no determinístico, lo que facilita a los atacantes man-in-the-middle obtener datos de texto plano a través de un ataque de relleno (padding) oracle, también conocido como el problema "POODLE". A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. • https://github.com/mikesplain/CVE-2014-3566-poodle-cookbook ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc http://advisories.mageia.org/MGASA-2014-0416.html http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566 http& • CWE-310: Cryptographic Issues CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') •

CVSS: 7.5EPSS: 2%CPEs: 8EXPL: 1

CVE-2014-6394

https://notcve.org/view.php?id=CVE-2014-6394

visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "public" directory. visionmedia send anterior a 0.8.4 para Node.js utiliza una comparación parcial para verificar si un directorio está dentro del root del documento, lo que permite a atacantes remotos acceder a directorios restringidos, tal y como fue demostrado mediante el uso de 'público restringido' bajo un directorio 'publico'. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139938.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140020.html http://lists.fedoraproject.org/pipermail/package-announce/2014-September/139415.html http://secunia.com/advisories/62170 http://www-01.ibm.com/support/docview.wss?uid=swg21687263 http://www.openwall.com/lists/oss-security/2014/09/24/1 http://www.openwall.com • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.0EPSS: 1%CPEs: 207EXPL: 0

CVE-2014-1572

https://notcve.org/view.php?id=CVE-2014-1572

The confirm_create_account function in the account-creation feature in token.cgi in Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 does not specify a scalar context for the realname parameter, which allows remote attackers to create accounts with unverified e-mail addresses by sending three realname values with realname=login_name as the second, as demonstrated by selecting an e-mail address with a domain name for which group privileges are automatically granted. La función confirm_create_account en la caracteristica account-creation en token.cgi en Bugzilla 2.x hasta 4.0.x anterior a 4.0.15, 4.1.x y 4.2.x anterior a 4.2.11, 4.3.x y 4.4.x anterior a 4.4.6, y 4.5.x anterior a 4.5.6 no especifica un contexto escalar para el parámetro realname, lo que permite a atacantes remotos crear cuentas con direcciones de e-mail no verificadas mediante el envío de tres valores realname con realname=login_name como el segundo, tal y como fue demostrado mediante la selección de una dirección de e-mail con un nombre de dominio para el cual privilegios de grupo se ceden automáticamente. • http://advisories.mageia.org/MGASA-2014-0412.html http://blog.gerv.net/2014/10/new-class-of-vulnerability-in-perl-web-applications http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142524.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141309.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141321.html http://openwall.com/lists/oss-security/2014/10/07/20 http://packetstormsecurity.com/files/128578/Bugzilla-Account-Creation-XSS-I • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.0EPSS: 0%CPEs: 207EXPL: 0

CVE-2014-1571

https://notcve.org/view.php?id=CVE-2014-1571

Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 allows remote authenticated users to obtain sensitive private-comment information by leveraging a role as a flag recipient, related to Bug.pm, Flag.pm, and a mail template. Bugzilla 2.x hasta 4.0.x anterior a 4.0.15, 4.1.x y 4.2.x anterior a 4.2.11, 4.3.x y 4.4.x anterior a 4.4.6, y 4.5.x anterior a 4.5.6 permite a usuarios remotos autenticados obtener información sensible de comentarios privados mediante el aprovechamiento de un rol como un recipiente de indicadores, relacionado con Bug.pm, Flag.pm, y una plantilla de correo. • http://advisories.mageia.org/MGASA-2014-0412.html http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142524.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141309.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141321.html http://packetstormsecurity.com/files/128578/Bugzilla-Account-Creation-XSS-Information-Leak.html http://www.bugzilla.org/security/4.0.14 http://www.mandriva.com/security/advisories?name=MDVSA-2014:200 http://www&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 0%CPEs: 207EXPL: 0

CVE-2014-1573

https://notcve.org/view.php?id=CVE-2014-1573

Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 does not ensure that a scalar context is used for certain CGI parameters, which allows remote attackers to conduct cross-site scripting (XSS) attacks by sending three values for a single parameter name. Bugzilla 2.x hasta 4.0.x anterior a 4.0.15, 4.1.x y 4.2.x anterior a 4.2.11, 4.3.x y 4.4.x anterior a 4.4.6, y 4.5.x anterior a 4.5.6 no asegura que se utilice un contexto escalar para ciertos parámetro CGI, lo que permite a atacantes remotos realizar ataques de XSS mediante el envío de tres valores para un único nombre de parámetro. • http://advisories.mageia.org/MGASA-2014-0412.html http://blog.gerv.net/2014/10/new-class-of-vulnerability-in-perl-web-applications http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142524.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141309.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141321.html http://openwall.com/lists/oss-security/2014/10/07/20 http://packetstormsecurity.com/files/128578/Bugzilla-Account-Creation-XSS-I • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •