CVSS: 6.4EPSS: 0%CPEs: 10EXPL: 0CVE-2011-3152 – Ubuntu Security Notice USN-1284-2
https://notcve.org/view.php?id=CVE-2011-3152
29 Nov 2011 — DistUpgrade/DistUpgradeFetcherCore.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 on Ubuntu 8.04 through 11.10 does not verify the GPG signature before extracting an upgrade tarball, which allows man-in-the-middle attackers to (1) create or overwrite arbitrary files via a directory traversal attack using a crafted tar file, or (2) bypass authentication via a crafted meta-release file. Dist... • http://secunia.com/advisories/47024 • CWE-310: Cryptographic Issues •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2011-3154 – Ubuntu Security Notice USN-1284-2
https://notcve.org/view.php?id=CVE-2011-3154
29 Nov 2011 — DistUpgrade/DistUpgradeViewKDE.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 does not properly create temporary files, which allows local users to obtain the XAUTHORITY file content for a user via a symlink attack on the temporary file. DistUpgrade/DistUpgradeViewKDE.py en Update Manager anterior a 1:0.87.31.1, 1:0.134.x anterior a 1:0.134.11.1, 1:0.142.x anterior a 1:0.142.23.1, 1:0.150.... • http://secunia.com/advisories/47024 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 79%CPEs: 10EXPL: 1CVE-2011-4566 – php: integer overflow in exif_process_IFD_TAG() may lead to DoS or arbitrary memory disclosure
https://notcve.org/view.php?id=CVE-2011-4566
29 Nov 2011 — Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in a JPEG file, a different vulnerability than CVE-2011-0708. Un desbordamiento de entero en la función exif_process_IFD_TAG en el fichero exif.c de la extensión exif de PHP v5.4.0 beta2 en las plataformas de 32 bits permite a atacante... • http://lists.apple.com/archives/security-announce/2012/May/msg00001.html • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 7.4EPSS: 0%CPEs: 12EXPL: 0CVE-2011-3634 – Ubuntu Security Notice USN-1283-1
https://notcve.org/view.php?id=CVE-2011-3634
28 Nov 2011 — methods/https.cc in apt before 0.8.11 accepts connections when the certificate host name fails validation and Verify-Host is enabled, which allows man-in-the-middle attackers to obtain repository credentials via unspecified vectors. methods/https.cc en apt anterior a 0.8.11 acepta conexiones cuando el nombre de host del certificado falla la validación y Verify-Host está habilitado, lo que permite a atacantes man-in-the-middle obtener credenciales de repositorios a través de vectores no especificados. It was... • http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3634.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2011-3628 – Ubuntu Security Notice USN-1237-1
https://notcve.org/view.php?id=CVE-2011-3628
25 Oct 2011 — Untrusted search path vulnerability in pam_motd (aka the MOTD module) in libpam-modules before 1.1.3-2ubuntu2.1 on Ubuntu 11.10, before 1.1.2-2ubuntu8.4 on Ubuntu 11.04, before 1.1.1-4ubuntu2.4 on Ubuntu 10.10, before 1.1.1-2ubuntu5.4 on Ubuntu 10.04 LTS, and before 0.99.7.1-5ubuntu6.5 on Ubuntu 8.04 LTS, when using certain configurations such as "session optional pam_motd.so", allows local users to gain privileges by modifying the PATH environment variable to reference a malicious command, as demonstrated ... • http://www.ubuntu.com/usn/USN-1237-1 •
CVSS: 7.8EPSS: 92%CPEs: 16EXPL: 13CVE-2011-3192 – Apache - Denial of Service
https://notcve.org/view.php?id=CVE-2011-3192
25 Aug 2011 — The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086. El filtro byterange en el Servidor Apache HTTP v1.3.x, v2.0.x hasta v2.0.64, y v2.2.x hasta v2.2.19 permite a tacantes remotos provocar una denegación de servicio (consumo de memo... • https://packetstorm.news/files/id/180517 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 87%CPEs: 92EXPL: 0CVE-2011-2748 – dhcp: denial of service flaws
https://notcve.org/view.php?id=CVE-2011-2748
12 Aug 2011 — The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet. El servidor en ISC DHCP v3.x y v4.x anterior a v4.2.2, v3.1-ESV anterior a v3.1-ESV-R3, y v4.1-ESV anterior a v4.1-ESV-R3 permite a atacantes remotos provocar una denegación de servicio (salida de demonio) a través de un paquete DHCP manipulado. The Dynamic Host Configuration Protocol is a protocol that allows ... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 83%CPEs: 92EXPL: 0CVE-2011-2749 – dhcp: denial of service flaws
https://notcve.org/view.php?id=CVE-2011-2749
12 Aug 2011 — The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet. El servidor en ISC DHCP v3.x y v4.x anterior a v4.2.2, v3.1-ESV anterior a v3.1-ESV-R3, y v4.1-ESV anterior a v4.1-ESV-R3 permite a atacantes remotos provocar una denegación de servicio (salida de demonio) a través de un paquete BOOTP manipulado. The Dynamic Host Configuration Protocol is a protocol that allow... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 30%CPEs: 10EXPL: 3CVE-2011-2522 – SWAT Samba Web Administration Tool - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2011-2522
27 Jul 2011 — Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that (1) shut down daemons, (2) start daemons, (3) add shares, (4) remove shares, (5) add printers, (6) remove printers, (7) add user accounts, or (8) remove user accounts, as demonstrated by certain start, stop, and restart parameters to the status program. Varias vulnerabilidades de falsificación... • https://packetstorm.news/files/id/103472 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.8EPSS: 3%CPEs: 10EXPL: 0CVE-2011-2694 – (SWAT): XSS flaw in Change Password page
https://notcve.org/view.php?id=CVE-2011-2694
27 Jul 2011 — Cross-site scripting (XSS) vulnerability in the chg_passwd function in web/swat.c in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program (aka the user field to the Change Password page). Vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en la función chg_passwd en web/swat.c en la herramienta de administración web de Samba (SWAT) en Samba v3.x ante... • http://jvn.jp/en/jp/JVN63041502/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •