Page 19 of 197 results (0.007 seconds)

CVSS: 7.8EPSS: 96%CPEs: 91EXPL: 1

17 Jun 2019 — Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff. Jonathan Looney detectó que el valor TCP_SKB_CB(skb)-mayor que tcp_gso_segs estuvo sujeto a un desbordamiento de ... • • CWE-190: Integer Overflow or Wraparound CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.5EPSS: 0%CPEs: 84EXPL: 0

23 May 2019 — In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion. En Wireshark versión 3.0.0 a 3.0.1, versión 2.6.0 a 2.6.8 y versión 2.4.0 a 2.4.14, el motor de disección podría fallar. Esto fue direccionado en epan/packet.c por la restricción del número de capas y por consiguiente limitando la recursión. It was discovered that Wireshark improperly handled certain ... • • CWE-674: Uncontrolled Recursion •

CVSS: 4.9EPSS: 0%CPEs: 65EXPL: 0

03 May 2019 — On BIG-IP 14.0.0-, 13.0.0-, 12.1.0-12.1.4, 11.6.1-, and 11.5.2-11.5.8, users with the Resource Administrator role can modify sensitive portions of the filesystem if provided Advanced Shell Access, such as editing /etc/passwd. This allows modifications to user objects and is contrary to our definition for the Resource Administrator (RA) role restrictions. En BIG-IP versiones desde la hasta la, desde la 13.0.0 hasta la, desde la 12.1.0 hasta la 12.1.4, desd... • •

CVSS: 6.5EPSS: 0%CPEs: 65EXPL: 0

03 May 2019 — On BIG-IP 14.0.0-, 13.0.0-, 12.1.0-12.1.4, 11.6.1-, and 11.5.2-11.5.8, a user with the Resource Administrator role is able to overwrite sensitive low-level files (such as /etc/passwd) using SFTP to modify user permissions, without Advanced Shell access. This is contrary to our definition for the Resource Administrator (RA) role restrictions. En BIG-IP 14.0.0-, 13.0.0-, 12.1.0-12.1.4, 11.6.1-, y 11.5.2-11.5.8, un usuario con el rol de " Resource Administrator" ... • • CWE-269: Improper Privilege Management •

CVSS: 7.2EPSS: 0%CPEs: 65EXPL: 0

03 May 2019 — On BIG-IP 14.0.0-, 13.0.0-, 12.1.0-12.1.4, 11.6.1-, and 11.5.2-11.5.8, administrative users with TMSH access can overwrite critical system files on BIG-IP which can result in bypass of whitelist / blacklist restrictions enforced by appliance mode. En BIG-IP 14.0.0-, 13.0.0-, 12.1.0-12.1.4, 11.6.1-, y 11.5.2-11.5.8, usuarios administrativos con acceso TMSH pueden sobrescribir archivos críticos del sistema BIG-IP, esto puede resultar en omisión de las restriccio... • •

CVSS: 6.5EPSS: 0%CPEs: 39EXPL: 0

03 May 2019 — On BIG-IP 14.0.0-, 13.0.0-, and 12.1.0-12.1.4, internal methods used to prevent arbitrary file overwrites in Appliance Mode were not fully effective. An authenticated attacker with a high privilege level may be able to bypass protections implemented in appliance mode to overwrite arbitrary system files. En BIG-IP 14.0.0-, 13.0.0-, y 12.1.0-12.1.4, métodos internos empleados para evitar la sobrescritura arbitraria en el "Appliance Mode" no fueron completamente efectivos. Un at... • •

CVSS: 4.9EPSS: 0%CPEs: 65EXPL: 0

03 May 2019 — On BIG-IP 14.0.0-, 13.0.0-, 12.1.0-12.1.4, 11.6.1-, and 11.5.2-11.5.8, Administrator and Resource Administrator roles might exploit TMSH access to bypass Appliance Mode restrictions on BIG-IP systems. En BIG-IP 14.0.0-, 13.0.0-, 12.1.0-12.1.4, 11.6.1-, y 11.5.2-11.5.8, los roles de Administrador y "Resource Administrator" podrían explotar el acceso TMSH saltandose las restricciones del "Appliance Mode" en sistemas BIG-IP. • •

CVSS: 7.5EPSS: 0%CPEs: 45EXPL: 0

03 May 2019 — On BIG-IP 14.0.0-, 13.0.0-, 12.1.0-12.1.4, 11.6.1-, and 11.5.2-11.5.8, DNS query TCP connections that are aborted before receiving a response from a DNS cache may cause TMM to restart. En BIG-IP, versiones desde la hasta la, versiones desde la 13.0.0 hasta la, versiones desde la 12.1.0 hasta la 12.1.4, versiones desde la 11.6.1 hasta la, y versiones desde la 11.5.2 hasta la 11.5.8, las conexiones TCP de consulta DNS que se abortan antes de re... • •

CVSS: 7.5EPSS: 0%CPEs: 65EXPL: 0

03 May 2019 — When BIG-IP 14.0.0-, 13.0.0-, 12.1.0-12.1.4, 11.6.1-, and 11.5.2-11.5.8 are processing certain rare data sequences occurring in PPTP VPN traffic, the BIG-IP system may execute incorrect logic. The TMM may restart and produce a core file as a result of this condition. The BIG-IP system provisioned with the CGNAT module and configured with a virtual server using a PPTP profile is exposed to this vulnerability. Cuando BIG-IP versión 14.0.0- versión,versión 13.0.0-versión 13.1.1... • •

CVSS: 8.6EPSS: 0%CPEs: 78EXPL: 0

25 Apr 2019 — By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.... • • CWE-770: Allocation of Resources Without Limits or Throttling •