CVSS: 7.9EPSS: 96%CPEs: 67EXPL: 1CVE-2011-0997 – dhclient: insufficient sanitization of certain DHCP response values
https://notcve.org/view.php?id=CVE-2011-0997
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script. dhclient en ISC DHCP 3.0.x hasta la versión 4.2.x en versiones anteriores a 4.2.1-P1, 3.1-ESV en versiones anteriores a 3.1-ESV-R1 y 4.1-ESV en versiones anteriores a 4.1-ESV-R2 permite a atacantes remotos ejecutar comandos arbitrarios a través de metacaracteres shell en un nombre de anfitrión obtenido de un mensaje DHCP, como es demostrado por un nombre de anfitrión dado por dhclient-script. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057888.html http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058279.html http://marc.info/?l=bugtraq&m=133226187115472&w=2 http://secunia.com/advisories/44037 http://secunia.com/advisories/44048 http://secunia.com/advisories/44089 http://secunia.com/advisories/44090 http://secunia.com/advisories/44103 http://secunia.com/advisories/44127&# • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.0EPSS: 14%CPEs: 19EXPL: 5CVE-2011-0762 – vsftpd 2.3.2 - Denial of Service
https://notcve.org/view.php?id=CVE-2011-0762
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632. La función vsf_filename_passes_filter de ls.c de vsftpd en versiones anteriores a la 2.3.3 permite a usuarios autenticados remotos provocar una denegación de servicio (consumo de toda la CPU y agotamiento de los slots de procesos) a través de una expresión glob modificada en comandos STAT en múltiples sesiones FTP. Una vulnerabilidad distinta a la CVE-2010-2632. Vsftpd versions 2.3.2 on NetBSD and 2.3.0 on Ubuntu suffer from a remote denial of service vulnerability. • https://www.exploit-db.com/exploits/16270 ftp://vsftpd.beasts.org/users/cevans/untar/vsftpd-2.3.4/Changelog http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622741 http://cxib.net/stuff/vspoc232.c http://jvn.jp/en/jp/JVN37417423/index.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055881.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055882.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055957.html http&# • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.3EPSS: 0%CPEs: 22EXPL: 0CVE-2010-4180 – openssl: NETSCAPE_REUSE_CIPHER_CHANGE_BUG ciphersuite downgrade attack
https://notcve.org/view.php?id=CVE-2010-4180
OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. OpenSSL en versiones anteriores a 0.9.8q y 1.0.x en versiones anteriores a 1.0.0c, cuando SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG está habilitado, no previene adecuadamente la modificación del conjunto de cifrado en la caché de sesión, lo que permite a atacantes remotos forzar la degradación para un cifrado no destinado a través de vectores que involucran rastreo de tráfico de red para descubrir un identificador de sesión. • http://cvs.openssl.org/chngview?cn=20131 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777 http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html& •
CVSS: 4.7EPSS: 0%CPEs: 12EXPL: 1CVE-2010-3849 – Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-3849
The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a sendmsg call that specifies a NULL value for the remote address field. La función econet_sendmsg en net/econet/af_econet.c en el kernel de Linux anteriores a v2.6.36.2, cuando se configura una dirección econet, permite a usuarios locales causar una denegación de servicio (desreferencia a puntero NULL y OOPS) a través de una llamada sendmsg que especifica un valor NULL para el campo de dirección remota. • https://www.exploit-db.com/exploits/15704 http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0086.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fa0e846494792e722d817b9d3d625a4ef4896c96 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html http://openwall.com/lists/oss-security/2010/11 • CWE-476: NULL Pointer Dereference •
CVSS: 2.1EPSS: 0%CPEs: 12EXPL: 2CVE-2010-3850 – Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-3850
The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call. La función ec_dev_ioctl en net/econet/af_econet.c en el kernel de Linux anteriores a v2.6.36.2 no requiere la capacidad CAP_NET_ADMIN, que permite a usuarios locales evitar las restricciones de acceso y configurar las direcciones econet a través de una llamada SIOCSIFADDR ioctl. • https://www.exploit-db.com/exploits/15704 https://www.exploit-db.com/exploits/17787 http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0086.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=16c41745c7b92a243d0874f534c1655196c64b74 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html http&# •