CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2019-0757 – dotnet: NuGet Tampering Vulnerability
https://notcve.org/view.php?id=CVE-2019-0757
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'. Existe una vulnerabilidad de manipulación en NuGet Package Manager para Linux y Mac que podría permitir que un atacante autenticado modifique la estructura de carpetas de un paquete de NuGet, también conocida como 'NuGet Package Manager Tampering Vulnerability'. A flaw was found in dotnet. A tampering vulnerability exists in NuGet software when executed in a Linux or Mac environment. An attacker who successfully exploits the vulnerability could run arbitrary code in the context of the current user. • https://access.redhat.com/errata/RHSA-2019:1259 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0757 https://access.redhat.com/security/cve/CVE-2019-0757 https://bugzilla.redhat.com/show_bug.cgi?id=1685475 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 78%CPEs: 127EXPL: 0CVE-2018-5390 – Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service
https://notcve.org/view.php?id=CVE-2018-5390
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. El kernel de Linux en versiones 4.9 y siguientes pueden forzarse a realizar llamadas muy caras a tcp_collapse_ofo_queue() y tcp_prune_ofo_queue() para cada paquete entrante, lo que puede conducir a una denegación de servicio. A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses. • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181031-02-linux-en http://www.openwall.com/lists/oss-security/2019/06/28/2 http://www.openwall.com/lists/oss-security/2019/07/06/3 http://www.openwall.com/lists/oss-security/2019/07/06/4 http://www.securityfocus.com/bid/104976 http://www.securitytracker.com/id/1041424 http://www.securitytracker.com/id/1041434 https://access.redhat.co • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2015-1777
https://notcve.org/view.php?id=CVE-2015-1777
rhnreg_ks in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Gluster Storage 2.1 and Enterprise Linux (RHEL) 5, 6, and 7 does not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to prevent system registration via a man-in-the-middle attack. rhnreg_ks en Red Hat Network Client Tools (también conocido como rhn-client-tools) en Red Hat Gluster Storage 2.1 y Enterprise Linux (RHEL) 5, 6 y 7 no valida correctamente los nombres de host en los certificados X.509 de los servidores SSL. Esto puede permitir que atacantes remotos eviten el registro en el sistema mediante un ataque Man-in-the-Middle (MitM). • http://www.openwall.com/lists/oss-security/2015/03/04/7 http://www.securityfocus.com/bid/72943 https://bugzilla.redhat.com/show_bug.cgi?id=1198740 • CWE-295: Improper Certificate Validation •
CVSS: 6.8EPSS: 0%CPEs: 85EXPL: 0CVE-2017-13084
https://notcve.org/view.php?id=CVE-2017-13084
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. Wi-Fi Protected Access (WPA y WPA2) permite la reinstalación de la clave STK (Transient Key) STSL (Station-To-Station-Link) durante la negociación PeerKey, haciendo que un atacante que se sitúe dentro del radio reproduzca, descifre o suplante frames. • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt http://www.kb.cert.org/vuls/id/228519 http://www.securityfocus.com/bid/101274 http://www.securitytracker.com/id/1039576 http://www.securitytracker.com/id/1039577 http://www.securitytracker.com/id/1039581 https://access.redhat.com/security/vulnerabilities/kracks https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf https://security.gentoo.org/glsa/201711-03 https://support.lenovo.com/us/en/product_secur • CWE-323: Reusing a Nonce, Key Pair in Encryption CWE-330: Use of Insufficiently Random Values •
CVSS: 8.1EPSS: 0%CPEs: 85EXPL: 0CVE-2017-13077 – wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake
https://notcve.org/view.php?id=CVE-2017-13077
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. Wi-Fi Protected Access (WPA y WPA2) permite la reinstalación de la clave temporal (TK) PTK (Pairwise Transient Key) durante la negociación en cuatro pasos, haciendo que un atacante que se sitúe entro del radio responda, descifre o suplante frames. A new exploitation technique called key reinstallation attacks (KRACKs) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used pairwise key (PTK-TK) during a 4-way handshake. • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt http://www.debian.org/security/2017/dsa-3999 http://www.kb.cert.org/vuls/id/228519 http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.securityfocus.com/bid/101274 http://www.securitytracker.com/id/1039573 http://www.securitytracker.com/id/1039576 http://www.securitytracker.com/id/1039577 http://www.security • CWE-323: Reusing a Nonce, Key Pair in Encryption CWE-330: Use of Insufficiently Random Values •