Page 107 of 1056 results (0.021 seconds)

CVSS: 7.4EPSS: 0%CPEs: 12EXPL: 0

A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack. Se ha encontrado un fallo en la forma en la que el cliente samba en versiones anteriores a samba 4.4.16, samba 4.5.14 y samba 4.6.8 utilizaba cifrado con el protocolo max establecido en SMB3. La conexión podía perder el requisito de firmar y cifrar con cualquier redirección DFS, lo que permitía a un atacante leer o alterar el contenido de la conexión mediante un ataque Man-in-the-Middle (MitM). A flaw was found in the way samba client used encryption with the max protocol set as SMB3. • http://www.securityfocus.com/bid/100917 http://www.securitytracker.com/id/1039401 https://access.redhat.com/errata/RHSA-2017:2790 https://access.redhat.com/errata/RHSA-2017:2858 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12151 https://security.netapp.com/advisory/ntap-20170921-0001 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03817en_us https://www.debian.org/security/2017/dsa-3983 https://www.samba.org/samba/security/CVE-20 • CWE-300: Channel Accessible by Non-Endpoint CWE-310: Cryptographic Issues •

CVSS: 8.0EPSS: 0%CPEs: 43EXPL: 5

The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space. La pila Bluetooth nativa en el Kernel Linux (BlueZ), comenzando por la versión 2.6.32 del kernel de Linux y hasta, e incluyendo, la versión 4.13.1, es vulnerable a un desbordamiento de pila durante el procesado de las respuestas de configuración L2CAP, lo que desemboca en la ejecución remota de código en el espacio del kernel. A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client. On systems with the stack protection feature enabled in the kernel (CONFIG_CC_STACKPROTECTOR=y, which is enabled on all architectures other than s390x and ppc64[le]), an unauthenticated attacker able to initiate a connection to a system via Bluetooth could use this flaw to crash the system. Due to the nature of the stack protection feature, code execution cannot be fully ruled out, although we believe it is unlikely. • https://www.exploit-db.com/exploits/42762 https://github.com/hayzamjs/Blueborne-CVE-2017-1000251 https://github.com/own2pwn/blueborne-CVE-2017-1000251-POC https://github.com/sgxgsx/blueborne-CVE-2017-1000251 https://github.com/tlatkdgus1/blueborne-CVE-2017-1000251 http://nvidia.custhelp.com/app/answers/detail/a_id/4561 http://www.debian.org/security/2017/dsa-3981 http://www.securityfocus.com/bid/100809 http://www.securitytracker.com/id/1039373 https://access.redhat.com/errata& • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0

The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print(). El analizador sintáctico ISAKMP en tcpdump en versiones anteriores a la 4.9.2 tiene una vulnerabilidad de sobrelectura de búfer en print-isakmp.c:isakmp_rfc3948_print(). • http://www.debian.org/security/2017/dsa-3971 http://www.securitytracker.com/id/1039307 http://www.tcpdump.org/tcpdump-changes.txt https://access.redhat.com/errata/RHEA-2018:0705 https://github.com/the-tcpdump-group/tcpdump/commit/4e430c6b0d8b7e77c7abca7e7afb0c3e727502f2 https://github.com/the-tcpdump-group/tcpdump/commit/f76e7feb41a4327d2b0978449bbdafe98d4a3771 https://security.gentoo.org/glsa/201709-23 https://support.apple.com/HT208221 • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0

The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions. El analizador sintáctico Zephyr en tcpdump en versiones anteriores a la 4.9.2 tiene una vulnerabilidad de sobrelectura de búfer en print-zephyr.c en varias funciones. • http://www.debian.org/security/2017/dsa-3971 http://www.securitytracker.com/id/1039307 http://www.tcpdump.org/tcpdump-changes.txt https://access.redhat.com/errata/RHEA-2018:0705 https://github.com/the-tcpdump-group/tcpdump/commit/6ec0c6fa63412c7a07a5bcb790a529c3563b4173 https://github.com/the-tcpdump-group/tcpdump/commit/d17507ffa3e9742199b02a66aa940e79ababfa30 https://security.gentoo.org/glsa/201709-23 https://support.apple.com/HT208221 • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0

The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements(). El analizador sintáctico IEEE 802.11 en tcpdump en versiones anteriores a la 4.9.2 tiene una vulnerabilidad de sobrelectura de búfer en print-802_11.c:parse_elements(). • http://www.debian.org/security/2017/dsa-3971 http://www.securitytracker.com/id/1039307 http://www.tcpdump.org/tcpdump-changes.txt https://access.redhat.com/errata/RHEA-2018:0705 https://github.com/the-tcpdump-group/tcpdump/commit/2ecb9d2c67d9119250c54811a6ce4d0f2ddf44f1 https://github.com/the-tcpdump-group/tcpdump/commit/99798bd9a41bd3d03fdc1e949810a38967f20ed3 https://security.gentoo.org/glsa/201709-23 https://support.apple.com/HT208221 • CWE-125: Out-of-bounds Read •