CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2016-7039 – kernel: remotely triggerable unbounded recursion in the vlan gro code leading to a kernel crash
https://notcve.org/view.php?id=CVE-2016-7039
12 Oct 2016 — The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a related issue to CVE-2016-8666. La pila IP en el kernel de Linux hasta la versión 4.8.2 permite a atacantes remotos provocar una denegación de servicio (consumo de pila y pánico) o tener otro posible impacto no especif... • http://rhn.redhat.com/errata/RHSA-2016-2047.html • CWE-399: Resource Management Errors CWE-674: Uncontrolled Recursion •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-0617
https://notcve.org/view.php?id=CVE-2016-0617
30 Sep 2016 — Unspecified vulnerability in the kernel-uek component in Oracle Linux 6 allows local users to affect availability via unknown vectors. Vulnerabilidad no especificada en el componente kernel-uek en Oracle Linux 6 permite a usuarios locales afectar la disponibilidad a través de vectores no especificados. • http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html •
CVSS: 7.8EPSS: 97%CPEs: 49EXPL: 2CVE-2016-2776 – ISC BIND 9 - Denial of Service
https://notcve.org/view.php?id=CVE-2016-2776
28 Sep 2016 — buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. buffer.c en named en ISC BIND 9 en versiones anteriores a 9.9.9-P3, 9.10.x en versiones anteriores a 9.10.4-P3 y 9.11.x en versiones anteriores a 9.11.0rc3 no construye respuestas adecuadamente, lo que permite a atacantes remotos provocar una denegación d... • https://www.exploit-db.com/exploits/40453 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 46%CPEs: 32EXPL: 0CVE-2016-2181 – openssl: DTLS replay protection bypass allows DoS against DTLS connection
https://notcve.org/view.php?id=CVE-2016-2181
16 Sep 2016 — The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service (false-positive packet drops) via spoofed DTLS records, related to rec_layer_d1.c and ssl3_record.c. La funcionalidad Anti-Replay en la implementación DTLS en OpenSSL en versiones anteriores a 1.1.0 no maneja adecuadamente el uso temprano de un número de época nuevo en conjunción con un nú... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 • CWE-20: Improper Input Validation CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 32%CPEs: 38EXPL: 0CVE-2016-2182 – openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()
https://notcve.org/view.php?id=CVE-2016-2182
16 Sep 2016 — The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors. La función BN_bn2dec en crypto/bn/bn_print.c en OpenSSL en versiones anteriores a 1.1.0 no valida adecuadamente resultados de la división, lo que permite a atacantes remotos provocar una denegación de servicio (escritura fuera de ... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 • CWE-391: Unchecked Error Condition CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 40%CPEs: 32EXPL: 0CVE-2016-2179 – openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer
https://notcve.org/view.php?id=CVE-2016-2179
16 Sep 2016 — The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to d1_lib.c, statem_dtls.c, statem_lib.c, and statem_srvr.c. La implementación DTLS en OpenSSL en versiones anteriores a 1.1.0 no restringe adecuadamente la vida útil de entradas de cola asociadas con mensajes fuera... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 • CWE-399: Resource Management Errors CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 18%CPEs: 34EXPL: 0CVE-2016-6302 – openssl: Insufficient TLS session ticket HMAC length checks
https://notcve.org/view.php?id=CVE-2016-6302
16 Sep 2016 — The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short. La función tls_decrypt_ticket en ssl/t1_lib.c en OpenSSL en versiones anteriores a 1.1.0 no considera el tamaño HMAC durante la validación de la longitud del ticket, lo que permite a atacantes remotos provocar una denegación de servicio a través de un ticket que es muy corto. ... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 1%CPEs: 14EXPL: 0CVE-2016-7166 – libarchive: Denial of service using a crafted gzip file
https://notcve.org/view.php?id=CVE-2016-7166
12 Sep 2016 — libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file. libarchive en versiones anteriores a 3.2.0 no limita el número de descompresiones recursivas, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y caída de aplicación) a través de un archivo gzip manipulado. A vulnerability was found in libarchive. A specially craft... • http://rhn.redhat.com/errata/RHSA-2016-1844.html • CWE-399: Resource Management Errors CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 3CVE-2016-5418 – libarchive: Archive Entry with type 1 (hardlink), but has a non-zero data size file overwrite
https://notcve.org/view.php?id=CVE-2016-5418
12 Sep 2016 — The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file. El código sandboxing en libarchive 3.2.0 y versiones anteriores no maneja adecuadamente entradas de archivo de vínculo físico de datos de tamaño distinto de cero, lo que podría permitir a atacantes remotos escribir a archivos arbitrarios a través de un archivo manipulado. A flaw was found in the way libarchiv... • http://rhn.redhat.com/errata/RHSA-2016-1844.html • CWE-19: Data Processing Errors CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2016-5404 – ipa: Insufficient privileges check in certificate revocation
https://notcve.org/view.php?id=CVE-2016-5404
01 Sep 2016 — The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission. El comando cert_revoke en FreeIPA no realiza comprobaciones para el permiso "certificado de revocación", lo que permite a usuarios remotos autenticados revocar certificados arbitrarios aprovechando el permiso "certificado de recuperación". An insufficient permission check issue was found in the... • http://rhn.redhat.com/errata/RHSA-2016-1797.html • CWE-284: Improper Access Control CWE-285: Improper Authorization •