Page 146 of 880 results (0.014 seconds)

CVSS: 5.0EPSS: 37%CPEs: 5EXPL: 1

CVE-2010-3609 – OpenSLP 1.2.1 / < 1647 trunk - Denial of Service

https://notcve.org/view.php?id=CVE-2010-3609

The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other versions before SVN revision 1647, as used in Service Location Protocol daemon (SLPD) in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, allows remote attackers to cause a denial of service (infinite loop) via a packet with a "next extension offset" that references this extension or a previous extension. NOTE: some of these details are obtained from third party information. El analizador de extensiones en el archivo slp_v2message.c en OpenSLP versión 1.2.1 y otras versiones anteriores a la revisión SVN 1647, como es usado en demonio de Service Location Protocol (SLPD) en ESX versiones 4.0 y 4.1 y ESXi versiones 4.0 y 4.1 de VMware, permite a los atacantes remotos causar una denegación de servicio (bucle infinito) por medio de un paquete con un "next extension offset" que hace referencia a esta extensión o una extensión previa. NOTA: algunos de estos detalles son obtenidos a partir de información de terceros. • https://www.exploit-db.com/exploits/17610 http://lists.vmware.com/pipermail/security-announce/2011/000126.html http://secunia.com/advisories/43601 http://secunia.com/advisories/43742 http://securityreason.com/securityalert/8127 http://securitytracker.com/id?1025168 http://www.kb.cert.org/vuls/id/393783 http://www.mandriva.com/security/advisories?name=MDVSA-2012:141 http://www.mandriva.com/security/advisories?name=MDVSA-2013:111 http://www.osvdb.org/71019 http://www.securityfoc •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2010-2928

https://notcve.org/view.php?id=CVE-2010-2928

The vCenter Tomcat Management Application in VMware vCenter Server 4.1 before Update 1 stores log-on credentials in a configuration file, which allows local users to gain privileges by reading this file. La aplicación vCenter Tomcat Management en VMware vCenter Server v4.1 anterior a Update 1, almacena credenciales de inicio de sesión en un archivo de configuración, que permite a usuarios locales obtener privilegios mediante la lectura de este archivo. • http://osvdb.org/70859 http://secunia.com/advisories/43307 http://securityreason.com/securityalert/8079 http://www.securityfocus.com/archive/1/516397/100/0/threaded http://www.vmware.com/security/advisories/VMSA-2011-0003.html http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html • CWE-255: Credentials Management Errors •

CVSS: 7.8EPSS: 1%CPEs: 9EXPL: 0

CVE-2011-0355

https://notcve.org/view.php?id=CVE-2011-0355

Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451. Cisco Nexus 1000V Virtual Ethernet Module (VEM) v4.0 (4) SV1 (1) hasta SV1 (3b), tal como se utiliza en VMware ESX v4.0 y v4.1 ESXi v4.0 y v4.1, no maneja adecuadamente paquetes eliminados, permitiendo a usuarios invitado del sistema operativo causar una denegación de servicio (caída del host ESX o ESXi) mediante el envío de un paquete 802.1Q etiquetado sobre un puerto vEthernet de acceso, también conocido como error de Cisco ID CSCtj17451. • http://lists.vmware.com/pipermail/security-announce/2011/000118.html http://secunia.com/advisories/43084 http://securityreason.com/securityalert/8090 http://securitytracker.com/id?1025030 http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html http://www.osvdb.org/70837 http://www.securityfocus.com/archive/1/516259/100/0/threaded http://www.securityfocus.com/bid/46247 http://www.vmware.com/security/advisories/VMSA • CWE-399: Resource Management Errors •

CVSS: 7.9EPSS: 0%CPEs: 24EXPL: 4

CVE-2010-4263 – kernel: igb panics when receiving tag vlan packet

https://notcve.org/view.php?id=CVE-2010-4263

The igb_receive_skb function in drivers/net/igb/igb_main.c in the Intel Gigabit Ethernet (aka igb) subsystem in the Linux kernel before 2.6.34, when Single Root I/O Virtualization (SR-IOV) and promiscuous mode are enabled but no VLANs are registered, allows remote attackers to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact via a VLAN tagged frame. La función igb_receive_skb de drivers/net/igb/igb_main.c en el subsistema Intel Gigabit Ethernet (igb) del kernel de Linux en versiones anteriores a la 2.6.34, cuando la virtualización Single Root I/O (SR-IOV) y el modo promiscuo están habilitados pero ninguna VLANs está registrada, permite a atacantes remotos provocar una denegación de servicio (resolución de puntero a NULL y excepción) y posiblemente causar otros impactos a través de un frame etiquetado como VLAN. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=31b24b955c3ebbb6f3008a6374e61cf7c05a193c http://openwall.com/lists/oss-security/2010/12/06/3 http://openwall.com/lists/oss-security/2010/12/06/9 http://secunia.com/advisories/42884 http://secunia.com/advisories/42890 http://secunia.com/advisories/46397 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34 http://www.redhat.com/support/errata/RHSA-2011-0007.html http://www.redha • CWE-476: NULL Pointer Dereference •

CVSS: 7.1EPSS: 6%CPEs: 8EXPL: 0

CVE-2010-4526 – kernel: sctp: a race between ICMP protocol unreachable and connect()

https://notcve.org/view.php?id=CVE-2010-4526

Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service (panic) via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and triggers list corruption, related to the sctp_wait_for_connect function. Condición de carrera en el kernel de Linux 2.6.11-rc2 hasta 2.6.33. Permite a atacantes remotos provocar una denegación de servicio (kernel panic) a través de un mensaje no enrutable ICMP a un socket que ya se encuentra bloqueado por un usuario, lo que provoca que el socket sea liberado y una corrupción de lista. Relacionado con la función sctp_wait_for_connect. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=50b5d6ad63821cea324a5a7a19854d4de1a0a819 http://secunia.com/advisories/42964 http://secunia.com/advisories/46397 http://www.openwall.com/lists/oss-security/2011/01/04/13 http://www.openwall.com/lists/oss-security/2011/01/04/3 http://www.redhat.com/support/errata/RHSA-2011-0163.html http://www.securityfocus.com/archive/1/520102/100/0/threaded http://www.securityfocus.com/bid/45661 http:/&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •