CVE-2023-4641 – Shadow-utils: possible password leak during passwd(1) change
https://notcve.org/view.php?id=CVE-2023-4641
A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory. Se encontró una falla en Shadow-Utils. • https://access.redhat.com/errata/RHSA-2023:6632 https://access.redhat.com/errata/RHSA-2023:7112 https://access.redhat.com/errata/RHSA-2024:0417 https://access.redhat.com/errata/RHSA-2024:2577 https://access.redhat.com/security/cve/CVE-2023-4641 https://bugzilla.redhat.com/show_bug.cgi?id=2215945 • CWE-287: Improper Authentication CWE-303: Incorrect Implementation of Authentication Algorithm •
CVE-2023-46847 – Squid: denial of service in http digest authentication
https://notcve.org/view.php?id=CVE-2023-46847
Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication. Squid es vulnerable a una Denegación de Servicio, donde un atacante remoto puede realizar un ataque de desbordamiento de búfer escribiendo hasta 2 MB de datos arbitrarios en la memoria acumulada cuando Squid está configurado para aceptar la autenticación implícita HTTP. • https://access.redhat.com/errata/RHSA-2023:6266 https://access.redhat.com/errata/RHSA-2023:6267 https://access.redhat.com/errata/RHSA-2023:6268 https://access.redhat.com/errata/RHSA-2023:6748 https://access.redhat.com/errata/RHSA-2023:6801 https://access.redhat.com/errata/RHSA-2023:6803 https://access.redhat.com/errata/RHSA-2023:6804 https://access.redhat.com/errata/RHSA-2023:6805 https://access.redhat.com/errata/RHSA-2023:6810 https://access.redhat.com/errata/RHSA • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-46846 – Squid: request/response smuggling in http/1.1 and icap
https://notcve.org/view.php?id=CVE-2023-46846
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems. SQUID es vulnerable al contrabando de solicitudes HTTP, causado por la indulgencia de los decodificadores fragmentados, lo que permite a un atacante remoto realizar el contrabando de solicitudes/respuestas a través del firewall y los sistemas de seguridad frontales. • https://access.redhat.com/errata/RHSA-2023:6266 https://access.redhat.com/errata/RHSA-2023:6267 https://access.redhat.com/errata/RHSA-2023:6268 https://access.redhat.com/errata/RHSA-2023:6748 https://access.redhat.com/errata/RHSA-2023:6801 https://access.redhat.com/errata/RHSA-2023:6803 https://access.redhat.com/errata/RHSA-2023:6804 https://access.redhat.com/errata/RHSA-2023:6810 https://access.redhat.com/errata/RHSA-2023:7213 https://access.redhat.com/security/cve • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVE-2023-3972 – Insights-client: unsafe handling of temporary files and directories
https://notcve.org/view.php?id=CVE-2023-3972
A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local user or attacker could create the /var/tmp/insights-client directory (owning the directory with read, write, and execute permissions) on the system. After the insights-client is registered by root, an attacker could then control the directory content that insights are using by putting malicious scripts into it and executing arbitrary code as root (trivially bypassing SELinux protections because insights processes are allowed to disable SELinux system-wide). Se encontró una vulnerabilidad en insights-client. • https://access.redhat.com/errata/RHSA-2023:6264 https://access.redhat.com/errata/RHSA-2023:6282 https://access.redhat.com/errata/RHSA-2023:6283 https://access.redhat.com/errata/RHSA-2023:6284 https://access.redhat.com/errata/RHSA-2023:6795 https://access.redhat.com/errata/RHSA-2023:6796 https://access.redhat.com/errata/RHSA-2023:6798 https://access.redhat.com/errata/RHSA-2023:6811 https://access.redhat.com/security/cve/CVE-2023-3972 https://bugzilla.redhat.com/show • CWE-379: Creation of Temporary File in Directory with Insecure Permissions CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2023-5367 – Xorg-x11-server: out-of-bounds write in xichangedeviceproperty/rrchangeoutputproperty
https://notcve.org/view.php?id=CVE-2023-5367
A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service. Se encontró una falla de escritura fuera de los límites en el servidor xorg-x11. Este problema ocurre debido a un cálculo incorrecto de un desplazamiento del búfer al copiar datos almacenados en el montón en la función XIChangeDeviceProperty en Xi/xiproperty.c y en la función RRChangeOutputProperty en randr/rrproperty.c, lo que permite una posible escalada de privilegios o Denegación de Servicio (DoS). . This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. • https://access.redhat.com/errata/RHSA-2023:6802 https://access.redhat.com/errata/RHSA-2023:6808 https://access.redhat.com/errata/RHSA-2023:7373 https://access.redhat.com/errata/RHSA-2023:7388 https://access.redhat.com/errata/RHSA-2023:7405 https://access.redhat.com/errata/RHSA-2023:7428 https://access.redhat.com/errata/RHSA-2023:7436 https://access.redhat.com/errata/RHSA-2023:7526 https://access.redhat.com/errata/RHSA-2023:7533 https://access.redhat.com/errata/RHSA • CWE-787: Out-of-bounds Write •