CVSS: 7.8EPSS: 90%CPEs: 49EXPL: 4CVE-2016-2776 – ISC BIND 9 - Denial of Service
https://notcve.org/view.php?id=CVE-2016-2776
28 Sep 2016 — buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. buffer.c en named en ISC BIND 9 en versiones anteriores a 9.9.9-P3, 9.10.x en versiones anteriores a 9.10.4-P3 y 9.11.x en versiones anteriores a 9.11.0rc3 no construye respuestas adecuadamente, lo que permite a atacantes remotos provocar una denegación d... • https://packetstorm.news/files/id/180551 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 19%CPEs: 32EXPL: 0CVE-2016-2179 – openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer
https://notcve.org/view.php?id=CVE-2016-2179
16 Sep 2016 — The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to d1_lib.c, statem_dtls.c, statem_lib.c, and statem_srvr.c. La implementación DTLS en OpenSSL en versiones anteriores a 1.1.0 no restringe adecuadamente la vida útil de entradas de cola asociadas con mensajes fuera... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 • CWE-399: Resource Management Errors CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 23%CPEs: 32EXPL: 0CVE-2016-2181 – openssl: DTLS replay protection bypass allows DoS against DTLS connection
https://notcve.org/view.php?id=CVE-2016-2181
16 Sep 2016 — The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service (false-positive packet drops) via spoofed DTLS records, related to rec_layer_d1.c and ssl3_record.c. La funcionalidad Anti-Replay en la implementación DTLS en OpenSSL en versiones anteriores a 1.1.0 no maneja adecuadamente el uso temprano de un número de época nuevo en conjunción con un nú... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 • CWE-20: Improper Input Validation CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 36%CPEs: 38EXPL: 0CVE-2016-2182 – openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()
https://notcve.org/view.php?id=CVE-2016-2182
16 Sep 2016 — The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors. La función BN_bn2dec en crypto/bn/bn_print.c en OpenSSL en versiones anteriores a 1.1.0 no valida adecuadamente resultados de la división, lo que permite a atacantes remotos provocar una denegación de servicio (escritura fuera de ... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 • CWE-391: Unchecked Error Condition CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 5%CPEs: 34EXPL: 0CVE-2016-6302 – openssl: Insufficient TLS session ticket HMAC length checks
https://notcve.org/view.php?id=CVE-2016-6302
16 Sep 2016 — The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short. La función tls_decrypt_ticket en ssl/t1_lib.c en OpenSSL en versiones anteriores a 1.1.0 no considera el tamaño HMAC durante la validación de la longitud del ticket, lo que permite a atacantes remotos provocar una denegación de servicio a través de un ticket que es muy corto. ... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 5%CPEs: 16EXPL: 3CVE-2016-5418 – libarchive: Archive Entry with type 1 (hardlink), but has a non-zero data size file overwrite
https://notcve.org/view.php?id=CVE-2016-5418
12 Sep 2016 — The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file. El código sandboxing en libarchive 3.2.0 y versiones anteriores no maneja adecuadamente entradas de archivo de vínculo físico de datos de tamaño distinto de cero, lo que podría permitir a atacantes remotos escribir a archivos arbitrarios a través de un archivo manipulado. A flaw was found in the way libarchiv... • http://rhn.redhat.com/errata/RHSA-2016-1844.html • CWE-19: Data Processing Errors CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.6EPSS: 2%CPEs: 2EXPL: 0CVE-2016-6250 – libarchive: Buffer overflow when writing large iso9660 containers
https://notcve.org/view.php?id=CVE-2016-6250
12 Sep 2016 — Integer overflow in the ISO9660 writer in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors related to verifying filename lengths when writing an ISO9660 archive, which trigger a buffer overflow. Desbordamiento de entero en el escritor ISO9660 en libarchive en versiones anteriores a 3.2.1 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o ejecutar código arbitrario a través de vectores r... • http://rhn.redhat.com/errata/RHSA-2016-1844.html • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2016-7166 – libarchive: Denial of service using a crafted gzip file
https://notcve.org/view.php?id=CVE-2016-7166
12 Sep 2016 — libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file. libarchive en versiones anteriores a 3.2.0 no limita el número de descompresiones recursivas, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y caída de aplicación) a través de un archivo gzip manipulado. A vulnerability was found in libarchive. A specially craft... • http://rhn.redhat.com/errata/RHSA-2016-1844.html • CWE-399: Resource Management Errors CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2016-5404 – ipa: Insufficient privileges check in certificate revocation
https://notcve.org/view.php?id=CVE-2016-5404
01 Sep 2016 — The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission. El comando cert_revoke en FreeIPA no realiza comprobaciones para el permiso "certificado de revocación", lo que permite a usuarios remotos autenticados revocar certificados arbitrarios aprovechando el permiso "certificado de recuperación". An insufficient permission check issue was found in the... • http://rhn.redhat.com/errata/RHSA-2016-1797.html • CWE-284: Improper Access Control CWE-285: Improper Authorization •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-6197 – kernel: overlayfs: missing upper dentry verification before unlink and rename
https://notcve.org/view.php?id=CVE-2016-6197
06 Aug 2016 — fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink. fs/overlayfs/dir.c en la implementación del sistema de archivos OverlayFS en el kernel de Linux en versiones anteriores a 4.6 no verifica adecuadamente la dentry superior antes de proced... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=11f3710417d026ea2f4fcf362d866342c5274185 • CWE-20: Improper Input Validation CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •