CVE-2018-5379 – quagga: Double free vulnerability in bgpd when processing certain forms of UPDATE message allowing to crash or potentially execute arbitrary code
https://notcve.org/view.php?id=CVE-2018-5379
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an attacker to execute arbitrary code. A double-free vulnerability was found in Quagga.
• http://savannah.nongnu.org/forum/forum.php?forum_id=9095
• http://www.kb.cert.org/vuls/id/940439
• http://www.securityfocus.com/bid/103105
• https://access.redhat.com/errata/RHSA-2018:0377
• https://cert-portal.siemens.com/productcert/pdf/ssa-451142.pdf
• https://gogs.quagga.net/Quagga/quagga/src/master/doc/security/Quagga-2018-1114.txt
• https://lists.debian.org/debian-lts-announce/2018/02/msg00021.html
• https://security.gentoo.org/glsa/201804-17
• https://usn.ubuntu.com/3573-1
• CWE-415: Double Free
• CWE-416: Use After Free
CVE-2015-5537
https://notcve.org/view.php?id=CVE-2015-5537
The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not properly implement CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a different vulnerability than CVE-2014-3566.
• http://www.securitytracker.com/id/1033022
• http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-396873.pdf
• https://ics-cert.us-cert.gov/advisories/ICSA-15-202-03A
• CWE-312: Cleartext Storage of Sensitive Information
CVE-2012-4698
https://notcve.org/view.php?id=CVE-2012-4698
Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH communication, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic by leveraging the availability of these keys within ROS files at all customer installations.
• http://ics-cert.us-cert.gov/advisories/ICSA-12-354-01A
• http://www.ruggedcom.com/productbulletin/ros-security-page
• http://www.us-cert.gov/control_systems/pdf/ICSA-12-354-01.pdf
• https://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-622607.pdf
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor