CVE-2013-2031
https://notcve.org/view.php?id=CVE-2013-2031
MediaWiki before 1.19.6 and 1.20.x before 1.20.5 allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by a CDATA section containing valid UTF-7 encoded sequences in a SVG file, which is then incorrectly interpreted as UTF-8 by Chrome and Firefox. MediaWiki anteriores a 1.19.6, y 1.20.x anteriores a 1.20.5, permite a atacantes remotos realizar ataques cross-site scripting (XSS), como demostrado por una sección CDATA conteniendo secuencias válidas codificadas con UTF-7 en un fichero SVG, el cual es interpretado incorrectamente como UTF-8 por Chrome y Firefox. • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105784.html http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105825.html http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106293.html http://lists.wikimedia.org/pipermail/mediawiki-announce/2013-April/000129.html http://secunia.com/advisories/55433 http://secunia.com/advisories/57472 http://security.gentoo.org/glsa/glsa-201310-21.xml http://www.debian.org/security/2014/dsa-2891 http://www • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2013-2032
https://notcve.org/view.php?id=CVE-2013-2032
MediaWiki before 1.19.6 and 1.20.x before 1.20.5 does not allow extensions to prevent password changes without using both Special:PasswordReset and Special:ChangePassword, which allows remote attackers to bypass the intended restrictions of an extension that only implements one of these blocks. MediaWiki anteriores a 1.19.6, y 1.20.x anteriores a 1.20.5 no permite a las extensiones prevenir cambios en las contraseñas sin usar Special:PasswordReset y Special:ChangePassword, lo cual permite a atacantes remotos sortear restricciones de acceso en extensiones que sólo implementan uno de estos bloques. • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105784.html http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105825.html http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106293.html http://lists.wikimedia.org/pipermail/mediawiki-announce/2013-April/000129.html http://secunia.com/advisories/55433 http://security.gentoo.org/glsa/glsa-201310-21.xml https://bugzilla.wikimedia.org/show_bug.cgi?id=46590 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2010-1159 – Aircrack-NG Tools svn r1675 - Remote Heap Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2010-1159
Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or (2) long EAPOL packet. Múltiples desbordamientos de buffer basados en memoria dinámica en Aircrack-ng anteriores a 1.1 permiten a atacantes remotos causar denegación de servicio (caída) y ejecutar código arbitrario a través de (1) un valor grande en un paquete EAPOL o (2) un paquete EAPOL grande. • https://www.exploit-db.com/exploits/12217 http://pyrit.googlecode.com/svn/tags/opt/aircrackng_exploit.py http://secunia.com/advisories/39150 http://secunia.com/advisories/55053 http://security.gentoo.org/glsa/glsa-201310-06.xml http://svn.aircrack-ng.org/trunk/ChangeLog • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-1549
https://notcve.org/view.php?id=CVE-2011-1549
The default configuration of logrotate on Gentoo Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by directories under /var/log/ for packages. La configuración por defecto en logrotate en Gentoo Linux utiliza privilegios de administrador para procear archivos en directorios que permite a no-administradores acceso de escritura, lo que permite a usuarios locales conducir ataques de enlace simbólico y enlace fijo aprovechándose de la falta de soporte en logrotate en directorios no confiables, como fue demostrado en directorios bajo /var/log/ para paquetes. • http://openwall.com/lists/oss-security/2011/03/04/16 http://openwall.com/lists/oss-security/2011/03/04/17 http://openwall.com/lists/oss-security/2011/03/04/18 http://openwall.com/lists/oss-security/2011/03/04/19 http://openwall.com/lists/oss-security/2011/03/04/22 http://openwall.com/lists/oss-security/2011/03/04/24 http://openwall.com/lists/oss-security/2011/03/04/25 http://openwall.com/lists/oss-security/2011/03/04/26 http://openwal • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2011-1548
https://notcve.org/view.php?id=CVE-2011-1548
The default configuration of logrotate on Debian GNU/Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by /var/log/postgresql/. La configuración por defecto en logrotate en Debien GNU/Linux usa privilegios de administrador para procesar archivos en directorios que permite acceso de escritura a no-administradores, lo que permite a usuarios locales conducir ataques de enlace simbólico y enlace fijo aprovechándose de la falta de soporte en logrotate para directorios no confiables, como fue desmotrado por /var/log/postgresql/. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606544 http://openwall.com/lists/oss-security/2011/03/04/16 http://openwall.com/lists/oss-security/2011/03/04/17 http://openwall.com/lists/oss-security/2011/03/04/18 http://openwall.com/lists/oss-security/2011/03/04/19 http://openwall.com/lists/oss-security/2011/03/04/22 http://openwall.com/lists/oss-security/2011/03/04/24 http://openwall.com/lists/oss-security/2011/03/04/25 http://openwall • CWE-264: Permissions, Privileges, and Access Controls •