Page 2 of 15 results (0.008 seconds)

CVSS: 9.0EPSS: 0%CPEs: 69EXPL: 0

In BIG-IP 15.0.0, 14.0.0-14.1.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.2, and 11.5.2-11.6.4, BIG-IQ 6.0.0-6.1.0 and 5.1.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, authenticated users with the ability to upload files (via scp, for example) can escalate their privileges to allow root shell access from within the TMOS Shell (tmsh) interface. The tmsh interface allows users to execute a secondary program via tools like sftp or scp. En BIG-IP versiones 15.0.0, 14.0.0-14.1.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.2, y 11.5.2-11.6.4, BIG-IQ versiones 6.0.0-6.1.0 y 5.1.0-5.4.0, iWorkflow versión 2.3.0, y Enterprise Manager versión 3.1.1, los usuarios autenticados con la capacidad de cargar archivos (por ejemplo, mediante scp) pueden escalar sus privilegios para permitir el acceso root al shell desde TMOS Interfaz de shell (tmsh). La interfaz tmsh permite a los usuarios ejecutar un programa secundario mediante las herramientas como sftp o scp. • https://support.f5.com/csp/article/K40378764 https://support.f5.com/csp/article/K40378764?utm_source=f5support&amp%3Butm_medium=RSS •

CVSS: 5.9EPSS: 0%CPEs: 109EXPL: 0

A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1. Una condición de carrera que puede presentarse al descartar paquetes malformados puede provocar la salida de BIND debido a un fallo de aserción de REQUIRE en el archivo dispatch.c. Versiones afectadas: BIND 9.11.0 hasta 9.11.7, 9.12.0 hasta 9.12.4-P1, 9.14.0 hasta 9.14.2. • https://kb.isc.org/docs/cve-2019-6471 https://support.f5.com/csp/article/K10092301?utm_source=f5support&amp%3Butm_medium=RSS https://access.redhat.com/security/cve/CVE-2019-6471 https://bugzilla.redhat.com/show_bug.cgi?id=1721780 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-617: Reachable Assertion •

CVSS: 7.5EPSS: 97%CPEs: 96EXPL: 0

Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363. Jonathan Looney descubrió que el tamaño máximo de segmento (MSS) por defecto del kernel de Linux está codificado a 48 bytes. • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt http://www.openwall.com/lists/oss-security/2019/06/28/2 http://www.openwall.com/lists/oss-security/2019/07/06/3 http://www.openwall.com/lists/oss-security/2019/07/06/4 http://www.securityfocus.com/bid/108818 https://access.redhat.com/errata/RHSA-2019:1594 https://access.redhat.com/errata/RHSA-2019:1602 https://access.redhat.com/errata/RHSA-2019:1699 https://access.redhat.com/security/vulnerabili • CWE-400: Uncontrolled Resource Consumption CWE-405: Asymmetric Resource Consumption (Amplification) CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 8.6EPSS: 0%CPEs: 78EXPL: 0

By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -> 9.11.5-S3, and 9.11.5-S5. • https://kb.isc.org/docs/cve-2018-5743 https://support.f5.com/csp/article/K74009656?utm_source=f5support&amp%3Butm_medium=RSS https://www.synology.com/security/advisory/Synology_SA_19_20 https://access.redhat.com/security/cve/CVE-2018-5743 https://bugzilla.redhat.com/show_bug.cgi?id=1702541 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 7.5EPSS: 0%CPEs: 57EXPL: 0

On BIG-IP 14.0.x, 13.x, 12.x, and 11.x, Enterprise Manager 3.1.1, BIG-IQ 6.x, 5.x, and 4.x, and iWorkflow 2.x, the passphrases for SNMPv3 users and trap destinations that are used for authentication and privacy are not handled by the BIG-IP system Secure Vault feature; they are written in the clear to the various configuration files. En BIG-IP 14.0.x, 13.x, 12.x y 11.x, Enterprise Manager 3.1.1, BIG-IQ 6.x, 5.x y 4.x, e iWorkflow 2.x, las frases de contraseña para los usuarios SNMPv3 y destinos de captura que se emplean para la autenticación y la privacidad no son gestionados por la característica del sistema Secure Vault de BIG-IP; están escritos en claro en los diferentes archivos de configuración. • http://www.securityfocus.com/bid/106258 https://support.f5.com/csp/article/K42027747 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •