Page 321 of 2946 results (0.016 seconds)

CVSS: 5.0EPSS: 0%CPEs: 155EXPL: 0

CVE-2015-3143 – curl: re-using authenticated connection when unauthenticated

https://notcve.org/view.php?id=CVE-2015-3143

cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015. cURL y libcurl 7.10.6 hasta 7.41.0 no reutilizan correctamente las conexiones NTLM, lo que permite a atacantes remotos conectar como otros usuarios a través de una solicitud no autenticada, un problema similar a CVE-2014-0015. It was discovered that libcurl could incorrectly reuse NTLM-authenticated connections for subsequent unauthenticated requests to the same host. If an application using libcurl established an NTLM-authenticated connection to a server, and sent subsequent unauthenticated requests to the same server, the unauthenticated requests could be sent over the NTLM-authenticated connection, appearing as if they were sent by the NTLM authenticated user. • http://advisories.mageia.org/MGASA-2015-0179.html http://curl.haxx.se/docs/adv_20150422A.html http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html http://lists.fedoraproject.org • CWE-264: Permissions, Privileges, and Access Controls CWE-287: Improper Authentication •

CVSS: 6.8EPSS: 5%CPEs: 61EXPL: 1

CVE-2015-3330 – php: pipelined request executed in deinitialized interpreter under httpd 2.4

https://notcve.org/view.php?id=CVE-2015-3330

The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP requests that result in a "deconfigured interpreter." La función php_handler en sapi/apache2handler/sapi_apache2.c en PHP anterior a 5.4.40, 5.5.x anterior a 5.5.24, y 5.6.x anterior a 5.6.8, cuando Apache HTTP Server 2.4.x está utilizado, permite a atacantes remotos causar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de solicitudes HTTP segmentadas que resultan en un 'interprete desconfigurado.' A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=809610f5ea38a83b284e1125d1fff129bdd615e7 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html http://openwall.com/lists/oss-security/2015/04/17/7 http://php.net/ChangeLog-5.php http://rhn.redhat.com&# • CWE-20: Improper Input Validation CWE-665: Improper Initialization •

CVSS: 5.8EPSS: 5%CPEs: 58EXPL: 1

CVE-2015-2783 – php: buffer over-read in Phar metadata parsing

https://notcve.org/view.php?id=CVE-2015-2783

ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length value in conjunction with crafted serialized data in a phar archive, related to the phar_parse_metadata and phar_parse_pharfile functions. ext/phar/phar.c en PHP anterior a 5.4.40, 5.5.x anterior a 5.5.24, y 5.6.x anterior a 5.6.8 permite a atacantes remotos obtener información sensible de la memoria de procesos o causar una denegación de servicio (sobre lectura de buffer y caída de aplicación) a través de un valor de longitud manipulado en conjunto con datos seializados manipulados en un archivo phar, relacionado con las funciones phar_parse_metadata y phar_parse_pharfile. A buffer over-read flaw was found in PHP's phar (PHP Archive) paths implementation. A malicious script author could possibly use this flaw to disclose certain portions of server memory. • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html http://marc.info/?l=bugtraq&m=143403519711434&w=2 http://php.net/ChangeLog-5.php http://rhn.redhat.com/errata/RHSA-2015-1066.html http://rhn.redhat.com/errata/RHSA-2015-1135.html http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 68%CPEs: 67EXPL: 1

CVE-2015-3329 – php: buffer overflow in phar_set_inode()

https://notcve.org/view.php?id=CVE-2015-3329

Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive. Múltiples desbordamientos de buffer basado en pila en la función phar_set_inode en phar_internal.h en PHP anterior a 5.4.40, 5.5.x anterior a 5.5.24, y 5.6.x anterior a 5.6.8 permiten a atacantes remotos ejecutar código arbitrario a través de un valor de longitud manipulado en un archivo (1) tar, (2) phar, o (3) ZIP. A buffer overflow flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened. • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f59b67ae50064560d7bfcdb0d6a8ab284179053c http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html http://php.net/ChangeLog-5.php http://rhn.redhat.com/errata/RHSA-2015-1066.html http://rhn.redhat.com/errata& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •

CVSS: 1.9EPSS: 0%CPEs: 1EXPL: 1

CVE-2015-1145

https://notcve.org/view.php?id=CVE-2015-1145

The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1146. La implementación Firma de Código (Code Signing) en Apple OS X anterior a 10.10.3 no valida correctamente firmas, lo que permite a usuarios locales evadir las restricciones de acceso a través de un paquete manipulado, una vulnerabilidad diferente a CVE-2015-1146. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://www.securityfocus.com/bid/73982 http://www.securitytracker.com/id/1032048 https://support.apple.com/HT204659 • CWE-310: Cryptographic Issues •