CVE-2007-6420 – mod_proxy_balancer: mod_proxy_balancer CSRF
https://notcve.org/view.php?id=CVE-2007-6420
Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors. Una vulnerabilidad de tipo cross-site request forgery (CSRF) en el controlador-balanceador en el componente mod_proxy_balancer en el servidor HTTP de Apache versión 2.2.x, permite a los atacantes remotos conseguir privilegios por medio de vectores no especificados. • http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html http://marc.info/?l=bugtraq&m=123376588623823&w=2 http://secunia.com/advisories/31026 http://secunia.com/advisories/32222 http://secunia.com/advisories/33797 http://secunia.com/advisories/34219 http://security.gentoo.org/glsa/glsa-200807-06.xml http://securityreason.com/securityalert/3523 http://support.apple.com/kb/HT3216 http:/& • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2008-0226 – MySQL 6.0 yaSSL 1.7.5 - Hello Message Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-0226
Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp. Múltiples desbordamientos de búfer en yaSSL 1.7.5 y anteriores, como el utilizado en MySQL y posiblemente otros productos, permite a atacantes remotos ejecutar código de su elección mediante (1) la función ProcessOldClientHello en handshake.cpp o (2) "input_buffer& operator>>" en yassl_imp.cpp. • https://www.exploit-db.com/exploits/9953 https://www.exploit-db.com/exploits/16849 https://www.exploit-db.com/exploits/16701 http://bugs.mysql.com/33814 http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://secunia.com/advisories/28324 http://secunia.com/advisories/28419 http://secunia.com/advisories/28597 http://secunia.com/advisories/29443 http://secunia.com/advisories/32222 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-4772 – postgresql DoS via infinite loop in regex NFA optimization code
https://notcve.org/view.php?id=CVE-2007-4772
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression. El intérprete de expresiones regulares en TCL en versiones anteriores a 8.4.17, como se utiliza en PostgreSQL 8.2 en versiones anteriores a 8.2.6, 8.1 en versiones anteriores a 8.1.11, 8.0 en versiones anteriores a 8.0.15 y 7.4 en versiones anteriores a 7.4.19, permite a atacantes dependientes del contexto provocar una denegación de servicio (bucle infinito) a través de una expresión regular manipulada. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056 • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2007-5000 – httpd: mod_imagemap XSS
https://notcve.org/view.php?id=CVE-2007-5000
Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en los módulos (1) mod_imap en Apache HTTP Server 1.3.0 hasta 1.3.39 y 2.0.35 hasta 2.0.61, y (2) mod_imagemap en Apache HTTP Server 2.2.0 hasta 2.2.6 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante vectores no especificados. • http://docs.info.apple.com/article.html?artnum=307562 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501 http://httpd.apache.org/security/vulnerabilities_13.html http://httpd.apache.org/security/vulnerabilities_20.html http://httpd.apache.org/security/vulnerabilities_22.html http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce& • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2007-6206 – Issue with core dump owner
https://notcve.org/view.php?id=CVE-2007-6206
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information. La función do_coredump en el archivo fs/exec.c en el kernel de Linux versiones 2.4.x y versiones 2.6.x hasta 2.6.24-rc3, y posiblemente otras versiones, no cambia el UID de un archivo de volcado de núcleo si éste existe antes de una creación de proceso root en un volcado de núcleo en la misma ubicación, lo que podría permitir a los usuarios locales obtener información confidencial. • http://bugzilla.kernel.org/show_bug.cgi?id=3043 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=c46f739dd39db3b07ab5deb4e3ec81e1c04a91af http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html http://lists.vmware.com/pipermail/security-announce/2008/000023.html http://rhn.redhat.com/errata/RHSA-2008 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •