CVSS: 9.8EPSS: 0%CPEs: 12EXPL: 0CVE-2018-6797 – perl: heap write overflow in regcomp.c
https://notcve.org/view.php?id=CVE-2018-6797
An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written. Se ha descubierto un problema en Perl 5.26. Una expresión regular manipulada puede provocar un desbordamiento de búfer basado en memoria dinámica (heap), con control sobre los bytes que se escriben. A heap buffer write overflow, with control over the bytes written, was found in the way regular expressions employing Unicode rules are compiled. • http://www.securitytracker.com/id/1040681 http://www.securitytracker.com/id/1042004 https://access.redhat.com/errata/RHSA-2018:1192 https://rt.perl.org/Public/Bug/Display.html?id=132227 https://security.gentoo.org/glsa/201909-01 https://usn.ubuntu.com/3625-1 https://www.debian.org/security/2018/dsa-4172 https://www.oracle.com/security-alerts/cpujul2020.html https://access.redhat.com/security/cve/CVE-2018-6797 https://bugzilla.redhat.com/show_bug.cgi?id=1547783 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2018-6798 – perl: heap read overflow in regexec.c
https://notcve.org/view.php?id=CVE-2018-6798
An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale dependent regular expression can cause a heap-based buffer over-read and potentially information disclosure. Se ha descubierto un problema en Perl, de la versión 5.22 a la 5.26. Si se hace que coincida una expresión regular dependiente de una locale manipulada, se puede provocar una sobrelectura de búfer basada en memoria dinámica (heap) y una potencial divulgación de información. A heap buffer over read flaw was found in the way Perl regular expression engine handled inputs with invalid UTF-8 characters. • http://www.securitytracker.com/id/1040681 https://access.redhat.com/errata/RHSA-2018:1192 https://rt.perl.org/Public/Bug/Display.html?id=132063 https://security.gentoo.org/glsa/201909-01 https://usn.ubuntu.com/3625-1 https://www.debian.org/security/2018/dsa-4172 https://www.oracle.com/security-alerts/cpujul2020.html https://access.redhat.com/security/cve/CVE-2018-6798 https://bugzilla.redhat.com/show_bug.cgi?id=1547779 • CWE-125: Out-of-bounds Read •
CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2015-1777
https://notcve.org/view.php?id=CVE-2015-1777
rhnreg_ks in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Gluster Storage 2.1 and Enterprise Linux (RHEL) 5, 6, and 7 does not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to prevent system registration via a man-in-the-middle attack. rhnreg_ks en Red Hat Network Client Tools (también conocido como rhn-client-tools) en Red Hat Gluster Storage 2.1 y Enterprise Linux (RHEL) 5, 6 y 7 no valida correctamente los nombres de host en los certificados X.509 de los servidores SSL. Esto puede permitir que atacantes remotos eviten el registro en el sistema mediante un ataque Man-in-the-Middle (MitM). • http://www.openwall.com/lists/oss-security/2015/03/04/7 http://www.securityfocus.com/bid/72943 https://bugzilla.redhat.com/show_bug.cgi?id=1198740 • CWE-295: Improper Certificate Validation •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2018-1100 – zsh: buffer overflow in utils.c:checkmailpath() can lead to local arbitrary code execution
https://notcve.org/view.php?id=CVE-2018-1100
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user. zsh hasta la versión 5.4.2 es vulnerable a un desbordamiento de búfer basado en pila en la función utils.c:checkmailpath. Un atacante local podría explotarlo para ejecutar código arbitrario en el contexto de otro usuario. A buffer overflow flaw was found in the zsh shell check path functionality. A local, unprivileged user can create a specially crafted message file, which, if used to set a custom "you have new mail" message, leads to code execution in the context of the user who receives the message. • https://access.redhat.com/errata/RHSA-2018:1932 https://access.redhat.com/errata/RHSA-2018:3073 https://bugzilla.redhat.com/show_bug.cgi?id=1563395 https://lists.debian.org/debian-lts-announce/2020/12/msg00000.html https://security.gentoo.org/glsa/201805-10 https://sourceforge.net/p/zsh/code/ci/31f72205630687c1cef89347863aab355296a27f https://usn.ubuntu.com/3764-1 https://access.redhat.com/security/cve/CVE-2018-1100 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 29EXPL: 0CVE-2018-1000156 – patch: Malicious patch files cause ed to execute arbitrary commands
https://notcve.org/view.php?id=CVE-2018-1000156
GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time. La versión 2.7.6 de GNU Patch contiene una vulnerabilidad de validación de entradas al procesar archivos patch; específicamente la invocación EDITOR_PROGRAM (usando ed) puede resultar en la ejecución de código. el ataque parece ser explotable mediante un archivo patch procesado mediante la utilidad patch. Esto es similar al CVE-2015-1418 de FreeBSD: aunque comparten un ancestro común, las bases de código han divergido con el tiempo. • http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html http://rachelbythebay.com/w/2018/04/05/bangpatch https://access.redhat.com/errata/RHSA-2018:1199 https://access.redhat.com/errata/RHSA-2018:1200 https://access.redhat.com/errata/RHSA-2018:2091 https://access.redhat.com/errata/RHSA-2018:2092 https://access.redhat.com/errata/RHSA-2018:2093 https://access.redhat.com/errata/RHSA-2018:2094 https://access.redhat.com/errata/RHSA-2018:2095 ht • CWE-20: Improper Input Validation CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •