CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2017-15042 – golang: smtp.PlainAuth susceptible to man-in-the-middle password harvesting
https://notcve.org/view.php?id=CVE-2017-15042
05 Oct 2017 — An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires that, during SMTP, the PLAIN auth scheme must only be used on network connections secured with TLS. The original implementation of smtp.PlainAuth in Go 1.0 enforced this requirement, and it was documented to do so. In 2013, upstream issue #5184, this was changed so that the server may decide whether PLAIN is acceptable. The result is that if you set up a man-in-the-middle SMTP server that doesn't advertise STAR... • http://www.securityfocus.com/bid/101197 • CWE-300: Channel Accessible by Non-Endpoint CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-1000097
https://notcve.org/view.php?id=CVE-2017-1000097
04 Oct 2017 — On Darwin, user's trust preferences for root certificates were not honored. If the user had a root certificate loaded in their Keychain that was explicitly not trusted, a Go program would still verify a connection using that root certificate. En Darwin, no se verifican las preferencias de confianza del usuario para certificados root. Si el usuario tiene un certificado root cargado en su Keychain que se ha definido explícitamente como no fiable, un programa Go podría aun verificar una conexión utilizando ese... • https://github.com/golang/go/issues/18141 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-1000098 – golang: net/http: multipart ReadForm close file after copy
https://notcve.org/view.php?id=CVE-2017-1000098
04 Oct 2017 — The net/http package's Request.ParseMultipartForm method starts writing to temporary files once the request body size surpasses the given "maxMemory" limit. It was possible for an attacker to generate a multipart request crafted such that the server ran out of file descriptors. El método Request.ParseMultipartForm del paquete net/http empieza a escribir en archivos temporales una vez que el tamaño del cuerpo de la petición sobrepase el límite "maxMemory" establecido. Un atacante podría generar un petición m... • https://golang.org/cl/30410 • CWE-769: DEPRECATED: Uncontrolled File Descriptor Consumption •
CVSS: 5.9EPSS: 0%CPEs: 6EXPL: 0CVE-2017-8932 – golang: Elliptic curves carry propagation issue in x86-64 P-256
https://notcve.org/view.php?id=CVE-2017-8932
06 Jul 2017 — A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect results to be generated for specific input points. An adaptive attack can be mounted to progressively extract the scalar input to ScalarMult by submitting crafted points and observing failures to the derive correct output. This leads to a full key recovery attack against static ECDH, as used in popular JWT libraries. Un error en la implementación de la bib... • http://lists.opensuse.org/opensuse-updates/2017-06/msg00079.html • CWE-682: Incorrect Calculation •
CVSS: 8.1EPSS: 17%CPEs: 8EXPL: 0CVE-2016-5386 – Go: sets environmental variable based on user supplied Proxy request header
https://notcve.org/view.php?id=CVE-2016-5386
19 Jul 2016 — The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. El paquete net/http en Go hasta la versión 1.6 no intenta abordar los conflictos ... • http://rhn.redhat.com/errata/RHSA-2016-1538.html • CWE-20: Improper Input Validation CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-3958
https://notcve.org/view.php?id=CVE-2016-3958
23 May 2016 — Untrusted search path vulnerability in Go before 1.5.4 and 1.6.x before 1.6.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, related to use of the LoadLibrary function. Vulnerabilidad de búsqueda de ruta no confiable en Go en versiones anteriores a 1.5.4 y 1.6.x en versiones anteriores a 1.6.1 en Windows permite a usuarios locales obtener privilegios a través de un troyano DLL en el directorio de trabajo actual, relacionado con el uso de la función ... • http://www.openwall.com/lists/oss-security/2016/04/05/1 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 2%CPEs: 6EXPL: 1CVE-2016-3959 – golang: infinite loop in several big integer routines
https://notcve.org/view.php?id=CVE-2016-3959
23 May 2016 — The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted public key to a program that uses HTTPS client certificates or SSH server libraries. La función Verify en crypto/dsa/dsa.go en Go en versiones anteriores a 1.5.4 y 1.6.x en versiones anteriores a 1.6.1 no comprueba correctamente los parámetros pasados a la gran lib... • https://github.com/alexmullins/dsa • CWE-20: Improper Input Validation CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2015-8618
https://notcve.org/view.php?id=CVE-2015-8618
27 Jan 2016 — The Int.Exp Montgomery code in the math/big library in Go 1.5.x before 1.5.3 mishandles carry propagation and produces incorrect output, which makes it easier for attackers to obtain private RSA keys via unspecified vectors. El código Montgomery de Int.Exp en la librería math/big en Go 1.5.x en versiones anteriores a 1.5.3 no maneja correctamente la propagación acarreo y produce una salida incorrecta, lo que facilita a atacantes obtener claves privadas RSA a través de vectores no especificados. • http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175642.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 8EXPL: 0CVE-2014-7189
https://notcve.org/view.php?id=CVE-2014-7189
07 Oct 2014 — crpyto/tls in Go 1.1 before 1.3.2, when SessionTicketsDisabled is enabled, allows man-in-the-middle attackers to spoof clients via unspecified vectors. crpyto/tls en Go 1.1 anterior a 1.3.2, cuando SessionTicketsDisabled está habilitado, permite a atacantes man-in-the-middle falsificar clientes através de vectores no especificados. • http://www.openwall.com/lists/oss-security/2014/09/26/28 • CWE-264: Permissions, Privileges, and Access Controls •