Page 33 of 273 results (0.017 seconds)

CVSS: 7.5EPSS: 87%CPEs: 45EXPL: 0

CVE-2016-9131 – bind: assertion failure while processing response to an ANY query

https://notcve.org/view.php?id=CVE-2016-9131

named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query. named en ISC BIND 9.x en versiones anteriores a 9.9.9-P5, 9.10.x en versiones anteriores a 9.10.4-P5 y 9.11.x en versiones anteriores a 9.11.0-P2 permite a atacantes remotos provocar una denegación de servicio (fallo de aserción y salida de demonio) a través de una respuesta mal formada a una query RTYPE ANY. A denial of service flaw was found in the way BIND processed a response to an ANY query. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. • http://rhn.redhat.com/errata/RHSA-2017-0062.html http://www.debian.org/security/2017/dsa-3758 http://www.securityfocus.com/bid/95386 http://www.securitytracker.com/id/1037582 https://access.redhat.com/errata/RHSA-2017:1583 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687 https://kb.isc.org/article/AA-01439/74/CVE-2016-9131 https://security.gentoo.org/glsa/201708-01 https://security.netapp.com/advisory/ntap-20180926-0005 https: • CWE-20: Improper Input Validation •

CVSS: 5.5EPSS: 0%CPEs: 22EXPL: 0

CVE-2016-9401 – bash: popd controlled free

https://notcve.org/view.php?id=CVE-2016-9401

popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address. popd en bash podrían permitir a usuarios locales eludir el shell restringido y provocar un uso después de liberación de memoria a través de una dirección manipulada. A denial of service flaw was found in the way bash handled popd commands. A poorly written shell script could cause bash to crash resulting in a local denial of service limited to a specific bash session. • http://rhn.redhat.com/errata/RHSA-2017-0725.html http://www.openwall.com/lists/oss-security/2016/11/17/5 http://www.openwall.com/lists/oss-security/2016/11/17/9 http://www.securityfocus.com/bid/94398 https://access.redhat.com/errata/RHSA-2017:1931 https://lists.debian.org/debian-lts-announce/2019/03/msg00028.html https://security.gentoo.org/glsa/201701-02 https://access.redhat.com/security/cve/CVE-2016-9401 https://bugzilla.redhat.com/show_bug.cgi?id=1396383 • CWE-416: Use After Free •

CVSS: 7.5EPSS: 0%CPEs: 27EXPL: 0

CVE-2016-8743 – httpd: Apache HTTP Request Parsing Whitespace Defects

https://notcve.org/view.php?id=CVE-2016-8743

Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution. El servidor HTTP Apache, en todas las distribuciones anteriores a la 2.2.32 y la 2.4.25 era liberal en el espacio en blanco aceptado de peticiones y enviado en lineas y cabeceras de respuesta. La aceptación de estos comportamientos diferentes representaba un problema a nivel de seguridad cuando httpd participa en cualquier cadena de proxies o interactúa con servidores de aplicaciones backend, ya sea mediante mod_proxy o utilizando mecanismos CGI convencionales y puede dar lugar al tráfico de peticiones, división de respuestas y contaminación de la caché. It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. • http://rhn.redhat.com/errata/RHSA-2017-1415.html http://www.debian.org/security/2017/dsa-3796 http://www.securityfocus.com/bid/95077 http://www.securitytracker.com/id/1037508 https://access.redhat.com/errata/RHSA-2017:0906 https://access.redhat.com/errata/RHSA-2017:1161 https://access.redhat.com/errata/RHSA-2017:1413 https://access.redhat.com/errata/RHSA-2017:1414 https://access.redhat.com/errata/RHSA-2017:1721 https://h20566.www2.hpe.com/hpsc/doc/public/display • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 5%CPEs: 92EXPL: 0

CVE-2016-7426 – ntp: Client rate limiting and server responses

https://notcve.org/view.php?id=CVE-2016-7426

NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is enabled, which allows remote attackers to cause a denial of service (prevent responses from the sources) by sending responses with a spoofed source address. NTP en versiones anteriores a 4.2.8p9 limita la clasificación de respuestas recibidas desde las fuentes configuradas cuando la limitación de clasificación para todas las asociaciones está habilitado, lo que permite a atacantes remotos provocar una denegación de servicio (prevenir las respuestas de las fuentes) enviando respuestas con una dirección de origen suplantada. It was found that when ntp is configured with rate limiting for all associations the limits are also applied to responses received from its configured sources. A remote attacker who knows the sources can cause a denial of service by preventing ntpd from accepting valid responses from its sources. • http://nwtime.org/ntp428p9_release http://rhn.redhat.com/errata/RHSA-2017-0252.html http://support.ntp.org/bin/view/Main/NtpBug3071 http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities http://www.securityfocus.com/bid/94451 http://www.securitytracker.com/id/1037354 https://bto.bluecoat.com/security-advisory/sa139 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03706en_us https://security.FreeBSD.org/advisories/FreeBSD-SA- • CWE-400: Uncontrolled Resource Consumption •

CVSS: 4.9EPSS: 0%CPEs: 19EXPL: 0

CVE-2016-5011 – util-linux: Extended partition loop in MBR partition table leads to DOS

https://notcve.org/view.php?id=CVE-2016-5011

The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset. La función parse_dos_extended en partitions/dos.c en la biblioteca libblkid en util-linux permite a atacantes físicamente próximos provocar una denegación de servicio (consumo de memoria) a través de una tabla de particiones MSDOS manipulada con un registro de arranque de partición extendida en desplazamiento cero. It was found that util-linux's libblkid library did not properly handle Extended Boot Record (EBR) partitions when reading MS-DOS partition tables. An attacker with physical USB access to a protected machine could insert a storage device with a specially crafted partition table that could, for example, trigger an infinite loop in systemd-udevd, resulting in a denial of service on that machine. • http://rhn.redhat.com/errata/RHSA-2016-2605.html http://www-01.ibm.com/support/docview.wss?uid=isg3T1024543 http://www-01.ibm.com/support/docview.wss?uid=nas8N1021801 http://www.openwall.com/lists/oss-security/2016/07/11/2 http://www.securityfocus.com/bid/91683 http://www.securitytracker.com/id/1036272 https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git/commit/?id=7164a1c3 https://access.redhat.com/security/cve/CVE-2016-5011 https://bugzilla.redhat. •