CVSS: 4.3EPSS: 93%CPEs: 6EXPL: 0CVE-2013-1418 – krb5: multi-realm KDC null dereference leads to crash
https://notcve.org/view.php?id=CVE-2013-1418
The setup_server_realm function in main.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request. La función setup_server_realm en main.c en Key Distribution Center (KDC) de MIT Kerberos 5 (también conocido como krb5) anterior a la versión 1.10.7, cuando se configuran varios campos, permite a atacantes remotos provocar una denegación de servicio (referencia a un puntero NULL y cierre del demonio) a través de una petición manipulada. It was found that if a KDC served multiple realms, certain requests could cause the setup_server_realm() function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request. • http://advisories.mageia.org/MGASA-2013-0335.html http://krbdev.mit.edu/rt/Ticket/Display.html?id=7757 http://lists.opensuse.org/opensuse-updates/2013-11/msg00082.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00086.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00026.html http://web.mit.edu/kerberos/krb5-1.10/README-1.10.7.txt http://web.mit.edu/kerberos/krb5-1.11/README-1.11.4.txt http://www.securityfocus.com/bid/63555 https://bugzilla • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 2%CPEs: 49EXPL: 1CVE-2013-6621
https://notcve.org/view.php?id=CVE-2013-6621
Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the x-webkit-speech attribute in a text INPUT element. Vulnerabilidad de uso después de liberación en Google Chrome anterior a la versión 31.0.1650.48 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto sin especificar a través de vectores relacionados con el atributo x-webkit-speech en un elemento INPUT. • http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html http://www.debian.org/security/2013/dsa-2799 https://code.google.com/p/chromium/issues/detail?id=268565 https://oval.cisecurity.org/ • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 2%CPEs: 7EXPL: 0CVE-2013-4560
https://notcve.org/view.php?id=CVE-2013-4560
Use-after-free vulnerability in lighttpd before 1.4.33 allows remote attackers to cause a denial of service (segmentation fault and crash) via unspecified vectors that trigger FAMMonitorDirectory failures. Vulnerabilidad de uso después de liberación en lighttpd anterior a la versión 1.4.33 permite a atacantes remotos provocar una denegación de servicio (fallo de segmentación y caída) a través de vectores que desencadenen fallos FAMMonitorDirectory. • http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_03.txt http://jvn.jp/en/jp/JVN37417423/index.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html http://marc.info/?l=bugtraq&m=141576815022399&w=2 http://secunia.com/advisories/55682 http://www.openwall.com/lists/oss-security/2013/11/12/4 https://www.debian.org/security/2013/dsa-2795 • CWE-416: Use After Free •
CVSS: 7.6EPSS: 1%CPEs: 7EXPL: 0CVE-2013-4559
https://notcve.org/view.php?id=CVE-2013-4559
lighttpd before 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fail when the user process limit is reached. lighttpd anterior a la versión 1.4.33 no comprueba el valor de vuelta de (1) setuid, (2) setgid, o (3) setgroups, lo que podría causar que lighttpd se ejecute bajo administrador si es reiniciado y permitir a atacantes remotos obtener privilegios, tal y como se demostró con múltiples llamadas a la función de clonado que provocó que setuid fallara cuando el límite de proceso de usuario era alcanzado. • http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_02.txt http://jvn.jp/en/jp/JVN37417423/index.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html http://marc.info/?l=bugtraq&m=141576815022399&w=2 http://secunia.com/advisories/55682 http://www.openwall.com/lists/oss-security/2013/11/12/4 https://kc.mcafee.com/corporate/index?page=content&id=SB10310 https://www.debian.org/security/2013/dsa-2795 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 0%CPEs: 21EXPL: 0CVE-2013-6629 – libjpeg: information leak (read of uninitialized memory)
https://notcve.org/view.php?id=CVE-2013-6629
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. La función get_sos de jdmarker.c en libjpeg 6b y libjpeg-turbo hasta la versión 1.3.0, tal y como se usa en Google Chrome anterior a la versión 31.0.1650.48, Ghostscript y otros productos, no comprueba ciertas duplicaciones de datos de componentes durante la lectura de segmentos que siguen marcadores Start Of Scan (SOS), lo que permite a atacantes remotos obtener información sensible desde localizaciones de memoria sin inicializar a través de una imagen JPEG manipulada. • http://advisories.mageia.org/MGASA-2013-0333.html http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html http://bugs.ghostscript.com/show_bug.cgi?id=686980 http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html http://lists.fedoraproject.org&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-456: Missing Initialization of a Variable •