CVE-2015-3276 – openldap: incorrect multi-keyword mode cipherstring parsing
https://notcve.org/view.php?id=CVE-2015-3276
The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors. La función nss_parse_ciphers en libraries/libldap/tls_m.c en OpenLDAP no analiza adecuadamente cadenas de cifrado en modo multiclave de estilo OpenSSL, lo que podría provocar el uso de un cifrado más débil que el previsto y permitir a atacantes remotos tener un impacto no especificado a través de vectores desconocidos. A flaw was found in the way OpenLDAP parsed OpenSSL-style cipher strings. As a result, OpenLDAP could potentially use ciphers that were not intended to be enabled. • http://rhn.redhat.com/errata/RHSA-2015-2131.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securitytracker.com/id/1034221 https://bugzilla.redhat.com/show_bug.cgi?id=1238322 https://access.redhat.com/security/cve/CVE-2015-3276 • CWE-682: Incorrect Calculation •
CVE-2015-8126 – libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions
https://notcve.org/view.php?id=CVE-2015-8126
Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. Múltiples desbordamientos de buffer en las funciones (1) png_set_PLTE y (2) png_get_PLTE en libpng en versiones anteriores a 1.0.64, 1.1.x y 1.2.x en versiones anteriores a 1.2.54, 1.3.x y 1.4.x en versiones anteriores a 1.4.17, 1.5.x en versiones anteriores a 1.5.24 y 1.6.x en versiones anteriores a 1.6.19 permiten a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente tener otro impacto no especificado a través de un valor bit-depth pequeño en un fragmento IHDR (también conocido como image header) en una imagen PNG. It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172324.html http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172620.html http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172647.html http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172663.html http://lists.fedoraproject.org/pipermail • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2015-5219 – ntp: infinite loop in sntp processing crafted packet
https://notcve.org/view.php?id=CVE-2015-5219
The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet. La función ULOGTOD en el archivo ntp.d en SNTP en versiones anteriores a la 4.2.7p366 no realiza apropiadamente las conversiones de tipo de un valor de precisión a uno doble, lo que permite a los atacantes remotos causar una denegación de servicio (bucle infinito) por medio de un paquete NTP creado. It was discovered that the sntp utility could become unresponsive due to being caught in an infinite loop when processing a crafted NTP packet. • http://aix.software.ibm.com/aix/efixes/security/ntp_advisory4.asc http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=51786731Gr4-NOrTBC_a_uXO4wuGhg http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html http://lists.opensuse.org/opensuse-updates • CWE-704: Incorrect Type Conversion or Cast CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2015-4858 – mysql: unspecified vulnerability related to Server:DML (CPU October 2015)
https://notcve.org/view.php?id=CVE-2015-4858
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2015-4913. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.45 y versiones anteriores y 5.6.26 y versiones anteriores, permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores relacionados con DML, una vulnerabilidad diferente a CVE-2015-4913. • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html http://rhn.redhat.com/errata/RHSA-2016-0534.html http://rhn.redhat.com/errata/RHSA-2016-0705.html http://rhn.redhat.com/errata/RHSA-2016-1480.html http://rhn.redhat.com/errata/RHSA-2016-1481 •
CVE-2015-4879 – mysql: unspecified vulnerability related to Server:DML (CPU October 2015)
https://notcve.org/view.php?id=CVE-2015-4879
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to DML. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.44 y versiones anteriores y 5.6.25 y versiones anteriores, permite a usuarios remotos autenticados afectar a la confidencialidad, integridad y disponibilidad a través de vectores relacionados con DML. • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html http://rhn.redhat.com/errata/RHSA-2015-1628.html http://rhn.redhat.com/errata/RHSA-2016-0534.html http://rhn.redhat.com/errata/RHSA-2016-1481.html http://www.debian.org/security/2015/dsa-3377 http://www.debian.org/security/2015/dsa-3385 http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html http://www •