
CVE-2018-7225 – libvncserver: Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c
https://notcve.org/view.php?id=CVE-2018-7225
19 Feb 2018 — An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets. • http://www.openwall.com/lists/oss-security/2018/02/18/1 • CWE-190: Integer Overflow or Wraparound CWE-805: Buffer Access with Incorrect Length Value

CVE-2017-18190 – cups: DNS rebinding attacks via incorrect whitelist
https://notcve.org/view.php?id=CVE-2017-18190
16 Feb 2018 — A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often resolved via a DNS server (neither the OS nor the web browser is responsible for ensuring that localhost.localdomain is 127.0.0.1). • https://bugs.chromium.org/p/project-zero/issues/detail?id=1048 • CWE-284: Improper Access Control CWE-290: Authentication Bypass by Spoofing

CVE-2018-7054 – Slackware Security Advisory - irssi Updates
https://notcve.org/view.php?id=CVE-2018-7054
15 Feb 2018 — An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected during netsplits. NOTE: this issue exists because of an incomplete fix for CVE-2017-7191. • http://openwall.com/lists/oss-security/2018/02/15/1 • CWE-416: Use After Free

CVE-2018-7053 – Slackware Security Advisory - irssi Updates
https://notcve.org/view.php?id=CVE-2018-7053
15 Feb 2018 — An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when SASL messages are received in an unexpected order. It was discovered that Irssi incorrectly handled certain empty nick names. • http://openwall.com/lists/oss-security/2018/02/15/1 • CWE-416: Use After Free

CVE-2018-7051 – Slackware Security Advisory - irssi Updates
https://notcve.org/view.php?id=CVE-2018-7051
15 Feb 2018 — An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Certain nick names could result in out-of-bounds access when printing theme strings. It was discovered that Irssi incorrectly handled certain empty nick names. • http://openwall.com/lists/oss-security/2018/02/15/1 • CWE-125: Out-of-bounds Read

CVE-2018-7052 – Slackware Security Advisory - irssi Updates
https://notcve.org/view.php?id=CVE-2018-7052
15 Feb 2018 — An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. When the number of windows exceeds the available space, a crash due to a NULL pointer dereference would occur. It was discovered that Irssi incorrectly handled certain empty nick names. • http://openwall.com/lists/oss-security/2018/02/15/1 • CWE-476: NULL Pointer Dereference

CVE-2018-7050 – Slackware Security Advisory - irssi Updates
https://notcve.org/view.php?id=CVE-2018-7050
15 Feb 2018 — An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. A NULL pointer dereference occurs for an "empty" nick. It was discovered that Irssi incorrectly handled certain empty nick names. • http://openwall.com/lists/oss-security/2018/02/15/1 • CWE-476: NULL Pointer Dereference

CVE-2018-5380 – Gentoo Linux Security Advisory 201804-17
https://notcve.org/view.php?id=CVE-2018-5380
15 Feb 2018 — The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input. It was discovered that a double-free vulnerability existed in the Quagga BGP daemon when processing certain forms of UPDATE message. A... • http://savannah.nongnu.org/forum/forum.php?forum_id=9095 • CWE-125: Out-of-bounds Read

CVE-2018-5379 – quagga: Double free vulnerability in bgpd when processing certain forms of UPDATE message allowing to crash or potentially execute arbitrary code
https://notcve.org/view.php?id=CVE-2018-5379
15 Feb 2018 — The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an attacker to execute arbitrary code. • http://savannah.nongnu.org/forum/forum.php?forum_id=9095 • CWE-415: Double Free CWE-416: Use After Free

CVE-2018-5378 – Gentoo Linux Security Advisory 201804-17
https://notcve.org/view.php?id=CVE-2018-5378
15 Feb 2018 — The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data from the bgpd process may be sent over the network to a peer and/or bgpd may crash. • http://savannah.nongnu.org/forum/forum.php?forum_id=9095 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer