CVSS: 5.0EPSS: 11%CPEs: 10EXPL: 0CVE-2008-0596 – cups: memory leak handling IPP browse requests
https://notcve.org/view.php?id=CVE-2008-0596
Memory leak in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a large number of requests to add and remove shared printers. Fuga de memoria en CUPS versiones anteriores a 1.1.22 y posiblemente otras versiones, permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y caída del demonio) a través de un gran número de peticiones para añadir y eliminar impresoras compartidas. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00000.html http://secunia.com/advisories/29087 http://secunia.com/advisories/29189 http://secunia.com/advisories/29251 http://secunia.com/advisories/29420 http://support.avaya.com/elmodocs2/security/ASA-2008-084.htm http://support.avaya.com/elmodocs2/security/ASA-2008-098.htm http://wiki.rpath • CWE-399: Resource Management Errors CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.0EPSS: 10%CPEs: 10EXPL: 0CVE-2008-0597 – cups: dereference of free'd memory handling IPP browse requests
https://notcve.org/view.php?id=CVE-2008-0597
Use-after-free vulnerability in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (crash) via crafted IPP packets. Vulnerabilidad de uso después de liberación (use-after-free) en CUPS antes de 1.1.22 y posiblemente otras versiones, permite a atacantes remotos provocar una denegación de servicio (caída) a través de paquetes IPP manipulados. • http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00000.html http://secunia.com/advisories/29087 http://secunia.com/advisories/29189 http://secunia.com/advisories/29251 http://support.avaya.com/elmodocs2/security/ASA-2008-084.htm http://support.avaya.com/elmodocs2/security/ASA-2008-098.htm http://wiki.rpath.com/Advisories:rPSA-2008-0091 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0091 http://www.mandriva.com/security/advisories?name=MDVSA-2008:050 http://www. • CWE-399: Resource Management Errors •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 1CVE-2007-4130 – panic caused by set_mempolicy with MPOL_BIND
https://notcve.org/view.php?id=CVE-2007-4130
The Linux kernel 2.6.9 before 2.6.9-67 in Red Hat Enterprise Linux (RHEL) 4 on Itanium (ia64) does not properly handle page faults during NUMA memory access, which allows local users to cause a denial of service (panic) via invalid arguments to set_mempolicy in an MPOL_BIND operation. El kernel de Linux 2.6.9 antes de 2.6.9-67 en Red Hat Enterprise Linux (RHEL) 4 de Itanium (ia64). No maneja correctamente fallos de página durante el acceso a memoria de NUMA, lo que permite a usuarios locales causar una denegación de servicio (panic) por medio de argumentos no válidos a set_mempolicy en una operación MPOL_BIND • http://rhn.redhat.com/errata/RHSA-2008-0055.html http://secunia.com/advisories/28748 http://www.securityfocus.com/bid/27556 https://bugzilla.redhat.com/show_bug.cgi?id=179665 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11437 https://access.redhat.com/security/cve/CVE-2007-4130 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 16%CPEs: 8EXPL: 0CVE-2008-0003 – tog-pegasus pam authentication buffer overflow
https://notcve.org/view.php?id=CVE-2008-0003
Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback function in OpenPegasus CIM management server (tog-pegasus), when compiled to use PAM and without PEGASUS_USE_PAM_STANDALONE_PROC defined, might allow remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2007-5360. Un desbordamiento del búfer en la región stack de la memoria en la función PAMBasicAuthenticator::PAMCallback en el servidor de administración de OpenPegasus CIM (tog-pegasus), cuando es compilado para usar PAM y sin PEGASUS_USE_PAM_STANDALONE_PROC definida, podría permitir a atacantes remotos ejecutar código arbitrario por medio de vectores desconocidos, una vulnerabilidad diferente de CVE -2007-5360. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01438409 http://lists.vmware.com/pipermail/security-announce/2008/000014.html http://osvdb.org/40082 http://secunia.com/advisories/28338 http://secunia.com/advisories/28462 http://secunia.com/advisories/29056 http://secunia.com/advisories/29785 http://secunia.com/advisories/29986 http://securitytracker.com/id?1019159 http://www.attrition.org/pipermail/vim/2008-January/001879.html http://www.redhat.com/support/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 2.1EPSS: 0%CPEs: 22EXPL: 0CVE-2007-6206 – Issue with core dump owner
https://notcve.org/view.php?id=CVE-2007-6206
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information. La función do_coredump en el archivo fs/exec.c en el kernel de Linux versiones 2.4.x y versiones 2.6.x hasta 2.6.24-rc3, y posiblemente otras versiones, no cambia el UID de un archivo de volcado de núcleo si éste existe antes de una creación de proceso root en un volcado de núcleo en la misma ubicación, lo que podría permitir a los usuarios locales obtener información confidencial. • http://bugzilla.kernel.org/show_bug.cgi?id=3043 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=c46f739dd39db3b07ab5deb4e3ec81e1c04a91af http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html http://lists.vmware.com/pipermail/security-announce/2008/000023.html http://rhn.redhat.com/errata/RHSA-2008 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •