CVSS: 7.5EPSS: 97%CPEs: 54EXPL: 16CVE-2014-0160 – OpenSSL Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug. Las implementaciones de (1) TLS y (2) DTLS en OpenSSL 1.0.1 en versiones anteriores a 1.0.1g no manejan adecuadamente paquetes Heartbeat Extension, lo que permite a atacantes remotos obtener información sensible desde la memoria de proceso a través de paquetes manipulados que desencadenan una sobrelectura del buffer, según lo demostrado mediante la lectura de claves privadas, relacionado con d1_both.c y t1_lib.c, también conocido como bug Heartbleed. An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. • https://www.exploit-db.com/exploits/32764 https://www.exploit-db.com/exploits/32791 https://www.exploit-db.com/exploits/32998 https://www.exploit-db.com/exploits/32745 https://github.com/0x90/CVE-2014-0160 https://github.com/jdauphant/patch-openssl-CVE-2014-0160 https://github.com/caiqiqi/OpenSSL-HeartBleed-CVE-2014-0160-PoC https://github.com/obayesshelton/CVE-2014-0160-Scanner https://github.com/MrE-Fog/CVE-2014-0160-Chrome-Plugin https://github.com/Xyl2k/CVE-2014&# • CWE-125: Out-of-bounds Read CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2014-1696
https://notcve.org/view.php?id=CVE-2014-1696
Siemens SIMATIC WinCC OA before 3.12 P002 January uses a weak hash algorithm for passwords, which makes it easier for remote attackers to obtain access via a brute-force attack. Siemens SIMATIC WinCC OA anterior a 3.12 P002 January usa un algoritmo hash débil para las contraseñas, lo que hace más fácil para atacantes remotos obtener acceso a través de un ataque de fuerza bruta. • http://ics-cert.us-cert.gov/advisories/ICSA-14-035-01 http://osvdb.org/102809 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/90934 • CWE-310: Cryptographic Issues •
CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 0CVE-2014-1699
https://notcve.org/view.php?id=CVE-2014-1699
Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to cause a denial of service (monitoring-service outage) via malformed HTTP requests to port 4999. Siemens SIMATIC WinCC OA anterior a 3.12 P002 January permite a atacantes remotos causar una denegación de servicio (interrupción del servicio de monitorización) a través de peticiones HTTP malformadas hacia el puerto TCP 4999. • http://ics-cert.us-cert.gov/advisories/ICSA-14-035-01 http://osvdb.org/102812 http://secunia.com/advisories/56651 http://www.securityfocus.com/bid/65347 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/90936 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2014-1697
https://notcve.org/view.php?id=CVE-2014-1697
The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to execute arbitrary code via crafted packets to TCP port 4999. El servidor Web integrado en Siemens SIMATIC WinCC OA anterior a 3.12 P002 January permite a atacantes remotos ejecutar código arbitrario a través de paquetes manipulados hacia el puerto TCP 4999. • http://ics-cert.us-cert.gov/advisories/ICSA-14-035-01 http://osvdb.org/102810 http://secunia.com/advisories/56651 http://www.securityfocus.com/bid/65351 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/90933 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2014-1698
https://notcve.org/view.php?id=CVE-2014-1698
Directory traversal vulnerability in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to read arbitrary files via crafted packets to TCP port 4999. Vulnerabilidad de salto de directorio en Siemens SIMATIC WinCC OA anterior a 3.12 P002 January permite a atacantes remotos leer archivos arbitrarios a través de paquetes manipulados hacia el puerto TCP 4999. • http://ics-cert.us-cert.gov/advisories/ICSA-14-035-01 http://osvdb.org/102811 http://secunia.com/advisories/56651 http://www.securityfocus.com/bid/65349 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/90935 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •