CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 2CVE-2023-4256 – Tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c
https://notcve.org/view.php?id=CVE-2023-4256
Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack. Dentro de tcprewrite de tcpreplay, se ha identificado una vulnerabilidad de doble liberación en la función tcpedit_dlt_cleanup() dentro de plugins/dlt_plugins.c. Esta vulnerabilidad se puede explotar proporcionando un archivo específicamente manipulado al binario tcprewrite. • https://bugzilla.redhat.com/show_bug.cgi?id=2255212 https://github.com/appneta/tcpreplay/issues/813 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EHUILQV2YJI5TXXXJA5FQ2HJQGFT7NTN https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMW5CIODKRHUUH7NTAYIRWGSJ56DTGXM https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V3GYCHPVJ2VFN3D7FI4IRMDVMILLWBRF • CWE-415: Double Free •
CVSS: 8.1EPSS: 0%CPEs: 13EXPL: 0CVE-2021-27795 – License forgery in Brocade Fabric OS (FOS) hardware platforms running any version of Brocade Fabric OS software,
https://notcve.org/view.php?id=CVE-2021-27795
Brocade Fabric OS (FOS) hardware platforms running any version of Brocade Fabric OS software, which supports the license string format; contain cryptographic issues that could allow for the installation of forged or fraudulent license keys. This would allow attackers or a malicious party to forge a counterfeit license key that the Brocade Fabric OS platform would authenticate and activate as if it were a legitimate license key. Plataformas de hardware Brocade Fabric OS (FOS) que ejecutan cualquier versión del software Brocade Fabric OS, que admita el formato de cadena de licencia; contienen problemas criptográficos que podrían permitir la instalación de claves de licencia falsificadas o fraudulentas. Esto permitiría a los atacantes o a una parte malintencionada falsificar una clave de licencia falsa que la plataforma Brocade Fabric OS autenticaría y activaría como si fuera una clave de licencia legítima. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/21289 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-31096
https://notcve.org/view.php?id=CVE-2023-31096
An issue was discovered in Broadcom) LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 (aka AGRSM64.sys). There is Local Privilege Escalation to SYSTEM via a Stack Overflow in RTLCopyMemory (IOCTL 0x1b2150). An attacker can exploit this to elevate privileges from a medium-integrity process to SYSTEM. This can also be used to bypass kernel-level protections such as AV or PPL, because exploit code runs with high-integrity privileges and can be used in coordinated BYOVD (bring your own vulnerable driver) ransomware campaigns. Se descubrió un problema en Broadcom) LSI PCI-SV92EX Soft Modem Kernel Driver hasta 2.2.100.1 (también conocido como AGRSM64.sys). • https://cschwarz1.github.io/posts/0x04 https://www.broadcom.com • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-31424 – Web authentication and authorization bypass
https://notcve.org/view.php?id=CVE-2023-31424
Brocade SANnav Web interface before Brocade SANnav v2.3.0 and v2.2.2a allows remote unauthenticated users to bypass web authentication and authorization. La interfaz web Brocade SANnav v2.3.0 y v2.2.2a permite a usuarios remotos no autenticados eludir la autenticación y autorización web. • https://security.netapp.com/advisory/ntap-20240229-0004 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22507 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 5.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-31423 – Possible information exposure through log file vulnerability
https://notcve.org/view.php?id=CVE-2023-31423
Possible information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Brocade SANnav before v2.3.0 and 2.2.2a. Notes: To access the logs, the local attacker must have access to an already collected Brocade SANnav "supportsave" outputs. Posible exposición de información a través de la vulnerabilidad del archivo de registro donde se guardan campos sensibles en el registro de configuración sin enmascarar en Brocade SANnav antes de v2.3.0 y 2.2.2a. Notas: Para acceder a los registros, el atacante local debe tener acceso a una salida "supportsave" de Brocade SANnav ya recopilada. • https://security.netapp.com/advisory/ntap-20240229-0003 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22508 • CWE-312: Cleartext Storage of Sensitive Information •