CVE-2023-46847 – Squid: denial of service in http digest authentication
https://notcve.org/view.php?id=CVE-2023-46847
Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication. Squid es vulnerable a una Denegación de Servicio, donde un atacante remoto puede realizar un ataque de desbordamiento de búfer escribiendo hasta 2 MB de datos arbitrarios en la memoria acumulada cuando Squid está configurado para aceptar la autenticación implícita HTTP. • https://access.redhat.com/errata/RHSA-2023:6266 https://access.redhat.com/errata/RHSA-2023:6267 https://access.redhat.com/errata/RHSA-2023:6268 https://access.redhat.com/errata/RHSA-2023:6748 https://access.redhat.com/errata/RHSA-2023:6801 https://access.redhat.com/errata/RHSA-2023:6803 https://access.redhat.com/errata/RHSA-2023:6804 https://access.redhat.com/errata/RHSA-2023:6805 https://access.redhat.com/errata/RHSA-2023:6810 https://access.redhat.com/errata/RHSA • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-46848 – Squid: denial of service in ftp
https://notcve.org/view.php?id=CVE-2023-46848
Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input. Squid es vulnerable a la Denegación de Servicio, donde un atacante remoto puede realizar DoS enviando URL ftp:// en mensajes de solicitud HTTP o construyendo URL ftp:// a partir de una entrada nativa FTP. • https://access.redhat.com/errata/RHSA-2023:6266 https://access.redhat.com/errata/RHSA-2023:6268 https://access.redhat.com/errata/RHSA-2023:6748 https://access.redhat.com/security/cve/CVE-2023-46848 https://bugzilla.redhat.com/show_bug.cgi?id=2245919 https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w https://security.netapp.com/advisory/ntap-20231214-0005 • CWE-681: Incorrect Conversion between Numeric Types •
CVE-2023-46846 – Squid: request/response smuggling in http/1.1 and icap
https://notcve.org/view.php?id=CVE-2023-46846
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems. SQUID es vulnerable al contrabando de solicitudes HTTP, causado por la indulgencia de los decodificadores fragmentados, lo que permite a un atacante remoto realizar el contrabando de solicitudes/respuestas a través del firewall y los sistemas de seguridad frontales. • https://access.redhat.com/errata/RHSA-2023:6266 https://access.redhat.com/errata/RHSA-2023:6267 https://access.redhat.com/errata/RHSA-2023:6268 https://access.redhat.com/errata/RHSA-2023:6748 https://access.redhat.com/errata/RHSA-2023:6801 https://access.redhat.com/errata/RHSA-2023:6803 https://access.redhat.com/errata/RHSA-2023:6804 https://access.redhat.com/errata/RHSA-2023:6810 https://access.redhat.com/errata/RHSA-2023:7213 https://access.redhat.com/security/cve • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVE-2023-3972 – Insights-client: unsafe handling of temporary files and directories
https://notcve.org/view.php?id=CVE-2023-3972
A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local user or attacker could create the /var/tmp/insights-client directory (owning the directory with read, write, and execute permissions) on the system. After the insights-client is registered by root, an attacker could then control the directory content that insights are using by putting malicious scripts into it and executing arbitrary code as root (trivially bypassing SELinux protections because insights processes are allowed to disable SELinux system-wide). Se encontró una vulnerabilidad en insights-client. • https://access.redhat.com/errata/RHSA-2023:6264 https://access.redhat.com/errata/RHSA-2023:6282 https://access.redhat.com/errata/RHSA-2023:6283 https://access.redhat.com/errata/RHSA-2023:6284 https://access.redhat.com/errata/RHSA-2023:6795 https://access.redhat.com/errata/RHSA-2023:6796 https://access.redhat.com/errata/RHSA-2023:6798 https://access.redhat.com/errata/RHSA-2023:6811 https://access.redhat.com/security/cve/CVE-2023-3972 https://bugzilla.redhat.com/show • CWE-379: Creation of Temporary File in Directory with Insecure Permissions CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2023-5380 – Xorg-x11-server: use-after-free bug in destroywindow
https://notcve.org/view.php?id=CVE-2023-5380
A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root window of the other screen and if the original window is destroyed followed by another window being destroyed. Se encontró una falla de use-after-free en el servidor xorg-x11. Puede ocurrir una falla del servidor X en una configuración muy específica y heredada (una configuración de múltiples pantallas con múltiples pantallas de protocolo, también conocida como modo Zaphod) si el puntero se deforma desde dentro de una ventana en una pantalla a la ventana raíz de la otra pantalla y si la ventana original se destruye y luego se destruye otra ventana. This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. • https://access.redhat.com/errata/RHSA-2023:7428 https://access.redhat.com/errata/RHSA-2024:2169 https://access.redhat.com/errata/RHSA-2024:2298 https://access.redhat.com/errata/RHSA-2024:2995 https://access.redhat.com/errata/RHSA-2024:3067 https://access.redhat.com/security/cve/CVE-2023-5380 https://bugzilla.redhat.com/show_bug.cgi?id=2244736 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WS5E7H4A5J3U5YBCTMRPQVGWK5LVH7D https://lists.fedoraprojec • CWE-416: Use After Free •