CVSS: 6.8EPSS: 13%CPEs: 35EXPL: 3CVE-2008-1447 – BIND 9.4.1 < 9.4.2 - Remote DNS Cache Poisoning
https://notcve.org/view.php?id=CVE-2008-1447
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug." El protocolo DNS, como es implementado en (1) BIND 8 y 9 en versiones anteriores a 9.5.0-P1, 9.4.2-P1 y 9.3.5-P1; (2) Microsoft DNS en Windows 2000 SP4, XP SP2 y SP3 y Server 2003 SP1 y SP2; y otras implementaciones permiten a atacantes remotos suplantar el tráfico DNS a través de un ataque de un cumpleaños que usa referencias in-bailiwick para llevar a cabo un envenenamiento del caché contra resolutores recursivos, relacionado con la insifuciente aleatoriedad de la ID de la transacción DNS y los puertos de origen, vulnerabilidad también conocida como "DNS Insufficient Socket Entropy Vulnerability" o "the Kaminsky bug". • https://www.exploit-db.com/exploits/6122 https://www.exploit-db.com/exploits/6130 https://www.exploit-db.com/exploits/6123 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID • CWE-331: Insufficient Entropy •
CVSS: 5.0EPSS: 0%CPEs: 18EXPL: 0CVE-2008-2364 – httpd: mod_proxy_http DoS via excessive interim responses from the origin server
https://notcve.org/view.php?id=CVE-2008-2364
The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses. La función ap_proxy_http_process_response en mod_proxy_http.c en el modulo mod_proxy en el Servidor HTTP Apache 2.0.63 y 2.2.8 no limita el número de respuestas de desvío provisionales, lo que permite a servidores HTTP causar una denegación de servicio (memory consumption) a través de un gran número de respuestas provisionales. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432 http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html http://marc.info/?l=bugtraq&m=123376588623823&w=2 http://marc.info/?l=bugtraq&m=125631037611762&w=2 http://rhn.redhat.com/errata/RHSA-2008-0967.html http://secunia.com/advisories/30621 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.5EPSS: 0%CPEs: 5EXPL: 0CVE-2008-2112
https://notcve.org/view.php?id=CVE-2008-2112
Unspecified vulnerability in Sun Ray Kiosk Mode 4.0 allows local and remote authenticated Sun Ray administrators to gain root privileges via unknown vectors related to utconfig. Vulnerabilidad sin especificar en Sun Ray Kiosk Mode 4.0, permite a administradores autenticados locales y remotos de Sun Ray, obtener privilegios a través de vectores desconocidos relacionados con utconfig. • http://secunia.com/advisories/30130 http://sunsolve.sun.com/search/document.do?assetkey=1-26-236944-1 http://www.securityfocus.com/bid/29092 http://www.securitytracker.com/id?1019993 http://www.vupen.com/english/advisories/2008/1454/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42262 •
CVSS: 6.8EPSS: 14%CPEs: 88EXPL: 2CVE-2008-0411 – Ghostscript 8.0.1/8.15 - 'zseticcspace()' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-0411
Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator. Desbordamiento de búfer basado en pila en la función zseticcspace de zicc.c en Ghostscript 8.61 y anteriores permite a atacantes remotos ejecutar código de su elección a través de un archivo postscript (.ps) que contiene un array de Range (rango) largo en un operador .seticcspace. • https://www.exploit-db.com/exploits/31309 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00009.html http://scary.beasts.org/security/CESA-2008-001.html http://secunia.com/advisories/29101 http://secunia.com/advisories/29103 http://secunia.com/advisories/29112 http://secunia.com/advisories/29135 http://secunia.com/advisories/29147 http://secunia.com/advisories/29154 http://secunia.com/advisories/29169 http://secunia.com/advisories/29196 http://secunia.com/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 16%CPEs: 8EXPL: 0CVE-2008-0003 – tog-pegasus pam authentication buffer overflow
https://notcve.org/view.php?id=CVE-2008-0003
Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback function in OpenPegasus CIM management server (tog-pegasus), when compiled to use PAM and without PEGASUS_USE_PAM_STANDALONE_PROC defined, might allow remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2007-5360. Un desbordamiento del búfer en la región stack de la memoria en la función PAMBasicAuthenticator::PAMCallback en el servidor de administración de OpenPegasus CIM (tog-pegasus), cuando es compilado para usar PAM y sin PEGASUS_USE_PAM_STANDALONE_PROC definida, podría permitir a atacantes remotos ejecutar código arbitrario por medio de vectores desconocidos, una vulnerabilidad diferente de CVE -2007-5360. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01438409 http://lists.vmware.com/pipermail/security-announce/2008/000014.html http://osvdb.org/40082 http://secunia.com/advisories/28338 http://secunia.com/advisories/28462 http://secunia.com/advisories/29056 http://secunia.com/advisories/29785 http://secunia.com/advisories/29986 http://securitytracker.com/id?1019159 http://www.attrition.org/pipermail/vim/2008-January/001879.html http://www.redhat.com/support/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •