CVSS: 9.3EPSS: 9%CPEs: 195EXPL: 3CVE-2014-2927 – F5 Big-IP - rsync Access
https://notcve.org/view.php?id=CVE-2014-2927
The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a cmi request to the ConfigSync IP address. El demonio rsync en F5 BIG-IP 11.6 anterior a 11.6.0, 11.5.1 anterior a HF3, 11.5.0 anterior a HF4, 11.4.1 anterior a HF4, 11.4.0 anterior a HF7, 11.3.0 anterior a HF9, y 11.2.1 anterior a HF11 y Enterprise Manager 3.x anterior a 3.1.1 HF2, cuando se configura por error en modo de conmutador, no requiere autenticación, lo que permite a atacantes remotos escribir ficheros arbitrarios a través de peticiones cmi a la dirección IP del ConfigSync. • https://www.exploit-db.com/exploits/34465 http://www.exploit-db.com/exploits/34465 http://www.security-assessment.com/files/documents/advisory/F5_Unauthenticated_rsync_access_to_Remote_Root_Code_Execution.pdf https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15236.html • CWE-287: Improper Authentication •
CVSS: 4.3EPSS: 0%CPEs: 150EXPL: 1CVE-2014-4023 – F5 BIG-IP 11.5.1 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2014-4023
Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, AAM 11.4.0 before 11.6.0, AFM and PEM 11.3.0 before 11.6.0, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0 and 10.1.0 through 10.2.4, and PSM 11.0.0 through 11.4.1 and 10.1.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en tmui/dashboard/echo.jsp en la utilidad Configuration en F5 BIG-IP LTM, APM, ASM, GTM, y Link Controller 11.0.0 anterior a 11.6.0 y 10.1.0 hasta 10.2.4, AAM 11.4.0 anterior a 11.6.0, AFM y PEM 11.3.0 anterior a 11.6.0, Analytics 11.0.0 hasta 11.5.1, Edge Gateway, WebAccelerator, y WOM 11.0.0 hasta 11.3.0 y 10.1.0 hasta 10.2.4, y PSM 11.0.0 hasta 11.4.1 y 10.1.0 hasta 10.2.4 y Enterprise Manager 3.0.0 hasta 3.1.1 y 2.1.0 hasta 2.3.0 permite a atacantes remotos inyectar secuencias de comandos web arbitrarios a través de vectores no especificados. F5 BIG-IP versions 11.5.1 and below suffer from a reflective cross site scripting vulnerability. • http://www.securitytracker.com/id/1030776 https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 28EXPL: 0CVE-2014-3959
https://notcve.org/view.php?id=CVE-2014-3959
Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 through 11.5.1, AAM 11.4.0 through 11.5.1 PEM 11.3.0 through 11.5.1, PSM 11.2.1 through 11.4.1, WebAccelerator and WOM 11.2.1 through 11.3.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. Vulnerabilidad de XSS en list.jsp en la utilidad de configuración en F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM y Link Controller 11.2.1 hasta 11.5.1, AAM 11.4.0 hasta 11.5.1, PEM 11.3.0 hasta 11.5.1, PSM 11.2.1 hasta 11.4.1, WebAccelerator y WOM 11.2.1 hasta 11.3.0 y Enterprise Manager 3.0.0 hasta 3.1.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de parámetros no especificados. • http://secunia.com/advisories/58969 http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15296.html http://www.securityfocus.com/bid/67771 http://www.securitytracker.com/id/1030319 http://www.securitytracker.com/id/1030320 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 91%CPEs: 35EXPL: 0CVE-2014-0101 – kernel: net: sctp: null pointer dereference when processing authenticated cookie_echo chunk
https://notcve.org/view.php?id=CVE-2014-0101
The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk. La función sctp_sf_do_5_1D_ce en net/sctp/sm_statefuns.c en el kernel de Linux hasta la versión 3.13.6 no valida ciertos campos auth_enable y auth_capable antes de hacer una llamada sctp_sf_authenticate, lo que permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL y caída del sistema) a través de un SCTP handshake con un fragmento INIT modificado y un fragmento AUTH manipulado anterior a un fragmento COOKIE_ECHO. A flaw was found in the way the Linux kernel processed an authenticated COOKIE_ECHO chunk during the initialization of an SCTP connection. A remote attacker could use this flaw to crash the system by initiating a specially crafted SCTP handshake in order to trigger a NULL pointer dereference on the system. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729 http://rhn.redhat.com/errata/RHSA-2014-0328.html http://rhn.redhat.com/errata/RHSA-2014-0419.html http://rhn.redhat.com/errata/RHSA-2014-0432.html http://secunia.com/advisories/59216 http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html http://www.openwall.com/lists/oss-security/2014/03/04/6 http://www.securityfocus.com/bid/65943 h • CWE-476: NULL Pointer Dereference •
CVSS: 9.0EPSS: 0%CPEs: 37EXPL: 0CVE-2012-3163 – mysql: unspecified vulnerability related to Information Schema (CPU Oct 2012)
https://notcve.org/view.php?id=CVE-2012-3163
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.64 y anteriores, y v5.5.26 y anteriores, permite a usuarios remotos autenticados a afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Information Schema. • http://rhn.redhat.com/errata/RHSA-2012-1462.html http://secunia.com/advisories/51177 http://secunia.com/advisories/51309 http://secunia.com/advisories/53372 http://secunia.com/advisories/56509 http://secunia.com/advisories/56513 http://security.gentoo.org/glsa/glsa-201308-06.xml http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html http://www.debian.org/security/2012/dsa-2581 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http:/&# •