CVE-2016-0778 – OpenSSH: Client buffer-overflow when using roaming connections
https://notcve.org/view.php?id=CVE-2016-0778
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings. Las funciones (1) roaming_read y (2) roaming_write en roaming_common.c en el cliente en OpenSSH 5.x, 6.x y 7.x en versiones anteriores a 7.1p2, cuando ciertas opciones proxy y forward se encuentran habilitadas, no mantiene adecuadamente los descriptores de archivo de conexión, lo que permite a servidores remotos causar una denegación de servicio (desbordamiento de buffer basado en memoria dinámica) o posiblemente tener otro impacto no especificado mediante la petición de varios reenvíos. A buffer overflow flaw was found in the way the OpenSSH client roaming feature was implemented. A malicious server could potentially use this flaw to execute arbitrary code on a successfully authenticated OpenSSH client if that client used certain non-default configuration options. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734 http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2016-01& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVE-2015-8605
https://notcve.org/view.php?id=CVE-2015-8605
ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet. ISC DHCP 4.x en versiones anteriores a 4.1-ESV-R12-P1, 4.2.x y 4.3.x en versiones anteriores a 4.3.3-P1 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de una longitud de campo no válida en un paquete UDP IPv4. • http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175594.html http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176031.html http://lists.opensuse.org/opensuse-updates/2016-02/msg00162.html http://lists.opensuse.org/opensuse-updates/2016-02/msg00168.html http://www.debian.org/security/2016/dsa-3442 http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html http://www.securityfocus.com/bid/80703 http://www.securitytracker.com/id/1034657 http • CWE-20: Improper Input Validation •
CVE-2014-2537
https://notcve.org/view.php?id=CVE-2014-2537
Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. Fuga de memoria en la pila TCP en el kernel en Sophos UTM anterior a 9.109 permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de vectores no especificados. • http://blogs.sophos.com/2014/02/20/utm-up2date-9-109 http://secunia.com/advisories/57344 http://www.securityfocus.com/bid/66231 http://www.securitytracker.com/id/1029920 • CWE-399: Resource Management Errors •
CVE-2013-5932
https://notcve.org/view.php?id=CVE-2013-5932
Unspecified vulnerability in WebAdmin in Sophos UTM (aka Astaro Security Gateway) before 9.105 has unknown impact and attack vectors. Vulnerabilidad no especificada en WebAdmin en Sophos UTM (aka Astaro Security Gateway) anterior a v9.105 tiene un impacto y vectores de ataque desconocidos. • http://blogs.sophos.com/2013/08/21/utm-up2date-9-105-released http://secunia.com/advisories/54881 http://www.securitytracker.com/id/1029039 •
CVE-2012-3238
https://notcve.org/view.php?id=CVE-2012-3238
Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 allows remote attackers to inject arbitrary web script or HTML via the "Comment (optional)" field. vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el componente Backup/Restore en WebAdmin en Astaro Security Gateway anteriores a v8.305, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del campo "Comment (opcional)". • http://archives.neohapsis.com/archives/fulldisclosure/2012-06/0206.html http://security.inshell.net/advisory/27 http://www.astaro.com/en-uk/blog/up2date/8305 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •