CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2012-6088
https://notcve.org/view.php?id=CVE-2012-6088
The rpmpkgRead function in lib/package.c in RPM 4.10.x before 4.10.2 does not return an error code in certain situations involving an "unparseable signature," which allows remote attackers to bypass RPM signature checks via a crafted package. La función rpmpkgRead en lib/package.c en RPM v4.10.x antes de v4.10.2 no devuelve un código de error en determinadas situaciones relacionadas con una "firma no analizable", lo que permite a atacantes remotos evitar los controles de firmas a través de un paquete RPM diseñado para tal fin. • http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=3d74c43 http://rpm.org/wiki/Releases/4.10.2 http://secunia.com/advisories/51706 http://www.openwall.com/lists/oss-security/2013/01/03/9 http://www.securityfocus.com/bid/57138 http://www.ubuntu.com/usn/USN-1694-1 https://bugzilla.novell.com/show_bug.cgi?id=796375 https://exchange.xforce.ibmcloud.com/vulnerabilities/80953 • CWE-255: Credentials Management Errors •
CVSS: 7.6EPSS: 4%CPEs: 105EXPL: 0CVE-2012-0061 – rpm: improper validation of header contents total size in headerLoad()
https://notcve.org/view.php?id=CVE-2012-0061
The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not properly validate region tags, which allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large region size in a package header. La función headerLoad de lib/header.c de RPM anteriores a 4.9.1.3 no validan apropiadamente las etiquetas "region", lo que permite a atacantes remotos asistidos por el usuario provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de tamaño extenso de "region" en una cabecera de paquete. • http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077960.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078819.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078907.html http://rhn.redhat.com/errata/RHSA-2012-0451.html http://rhn.redhat.com/errata/RHSA-2012-0531.html http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=472e569562d4c90d7a298080e0052856aa7fa86b http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=858a328cd0f7d4bcd8500c78faaf00e4f8033df6 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 4%CPEs: 105EXPL: 0CVE-2012-0060 – rpm: insufficient validation of region tags
https://notcve.org/view.php?id=CVE-2012-0060
RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an invalid region tag in a package header to the (1) headerLoad, (2) rpmReadSignature, or (3) headerVerify function. RPM en versiones anteriores a la 4.9.1.3 no valida apropiadamente las etiquetas "region", lo que permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de una etiqueta "region" inválida en una cabecera de paquete de la función (1) headerLoad, (2) rpmReadSignature o (3) headerVerify. • http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077960.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078819.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078907.html http://rhn.redhat.com/errata/RHSA-2012-0451.html http://rhn.redhat.com/errata/RHSA-2012-0531.html http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=e4eab2bc6d07cfd33f740071de7ddbb2fe2f4190 http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=f23998251992b8ae25faf5113c42fee2c49c7f29 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 5%CPEs: 105EXPL: 0CVE-2012-0815 – rpm: incorrect handling of negated offsets in headerVerifyInfo()
https://notcve.org/view.php?id=CVE-2012-0815
The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative value in a region offset of a package header, which is not properly handled in a numeric range comparison. La función headerVerifyInfo de lib/header.c de RPM anteriores a 4.9.1.3 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de un valor negativo en un elemento "region offset" de una cabecera de paquete, que no es manejado apropiadamente en una comparación de rango numérico. • http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077960.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078819.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078907.html http://rhn.redhat.com/errata/RHSA-2012-0451.html http://rhn.redhat.com/errata/RHSA-2012-0531.html http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=472e569562d4c90d7a298080e0052856aa7fa86b http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=858a328cd0f7d4bcd8500c78faaf00e4f8033df6 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 6%CPEs: 12EXPL: 1CVE-2011-3378 – rpm: crashes and overflows on malformed header
https://notcve.org/view.php?id=CVE-2011-3378
RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via an rpm package with crafted headers and offsets that are not properly handled when a package is queried or installed, related to (1) the regionSwab function, (2) the headerLoad function, and (3) multiple functions in rpmio/rpmpgp.c. RPM v4.4.x hasta v4.9.x, probablemente antes de v4.9.1.2, permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) y posiblemente ejecutar código arbitrario a través de un paquete RPM con cabeceras manipuladas y "offsets" que no son manipulados correctamente cuando un paquete es consultado o instalado, relacionado con (1) la función regionSwab, (2) la función headerLoad, y (3) múltiples funciones en rpmio/rpmpgp.c. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691 http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00002.html http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=11a7e5d95a8ca8c7d4eaff179094afd8bb74fc3f http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=a48f0e20cbe2ababc88b2fc52fb7a281d6fc1656 http://rpm.org/wiki/Releases/4.9.1.2#Security http://www.mandriva.com/security/advisories?name=MDVSA-2011:143 http:&# • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •