CVSS: 2.1EPSS: 0%CPEs: 18EXPL: 0CVE-2009-1186
https://notcve.org/view.php?id=CVE-2009-1186
Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments. Desbordamiento de búfer en la función util_path_encode en udev/lib/libudev-util.c en udev antes de v1.4.1 permite a usuarios locales provocar una denegación de servicio (parada del servicio) mediante vectores que disparan una llamada con argumentos manipulados. • http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=662c3110803bd8c1aedacc36788e6fd028944314 http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00006.html http://secunia.com/advisories/34731 http://secunia.com/advisories/34750 http://secunia.com/advisories/34753 http://secunia.com/advisories/34771 http://secunia.com/advisories/34776 http://secunia.com/advisories/34785 http://secunia.com/advisories/34787 http://secunia.com/advisories/34801 http://slackware.com/sec • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.2EPSS: 0%CPEs: 22EXPL: 3CVE-2009-1185 – Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) UDEV < 1.4.1 - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-1185
udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space. udev antes de v1.4.1 no verifica si un mensaje NETLINK es generado desde el espacio del kernel, lo que permite a usuarios locales obtener privilegios mediante el envio de un mensaje NETLIINK desde el espacio de usuario. Versions of udev < 1.4.1 do not verify that netlink messages are coming from the kernel. This allows local users to gain privileges by sending netlink messages from userland. • https://www.exploit-db.com/exploits/8478 https://www.exploit-db.com/exploits/8572 https://www.exploit-db.com/exploits/21848 http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=e2b362d9f23d4c63018709ab5f81a02f72b91e75 http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=e86a923d508c2aed371cdd958ce82489cf2ab615 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://lists.opensuse.org/opensuse-secu • CWE-346: Origin Validation Error CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 64%CPEs: 18EXPL: 0CVE-2009-0846 – krb5: ASN.1 decoder can free uninitialized pointer when decoding an invalid encoding (MITKRB5-SA-2009-002)
https://notcve.org/view.php?id=CVE-2009-0846
The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer. La función asn1_decode_generaltime en lib/krb5/asn.1/asn1_decode.c en el decodificador ASN.1 GeneralizedTime en MIT Kerberos 5 (también conocido como Krb5) anteriores a v1.6.4, permite a atacantes remotos provocar una denegación de servicio (caída del demonio) o posiblemente ejecución de código de su elección a través de vectores que implican una codificación DER inválida, que provocará una liberación del puntero no inicializado. • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://lists.vmware.com/pipermail/security-announce/2009/000059.html http://marc.info/?l=bugtraq&m=124896429301168&w=2 http://marc.info/?l=bugtraq&m=130497213107107&w=2 http://rhn.redhat.com/errata/RHSA-2009-0409.html http://rhn.redhat.com/errata/RHSA-2009-0410.html http://secunia.com/advisories/34594 http://secunia.com/advisories/34598 http://secunia.com/advisories/34617 http://secunia.com/adv • CWE-416: Use After Free CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2008-6560
https://notcve.org/view.php?id=CVE-2008-6560
Buffer overflow in CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9 and Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of service (CPU consumption and memory corruption) via a cluster.conf file with many lines. NOTE: it is not clear whether this issue crosses privilege boundaries in realistic uses of the product. Desbordamiento de búfer en CMAN - The Cluster Manager versiones anteriores a v2.03.09-1 en Fedora 9 y Red Hat Enterprise Linux (RHEL) 5 permite a atacantes provocar una denegación de servicio (consumo de CPU y consumo de memoria) a través de un fichero cluster.conf con muchas líneas. NOTA: no está claro si este problema cruza fronteras de privilegios en usuarios reales del producto. • http://git.fedorahosted.org/git/cluster.git?p=cluster.git%3Ba=commitdiff%3Bh=67fee9128e54c6c3fc3eae306b5b501f3029c3be http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00163.html http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00164.html http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00165.html http://www.ubuntu.com/usn/USN-875-1 https://bugzilla.redhat.com/show_bug.cgi?id=468966 https://exchange.xforce.ibmcloud.com/vulnerabilities/49832 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.9EPSS: 0%CPEs: 43EXPL: 0CVE-2008-6552 – rgmanager: multiple insecure temporary file use issues
https://notcve.org/view.php?id=CVE-2008-6552
Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9. Red Hat Cluster Project v2.x permite a usuarios locales modificar o sobrescribir ficheros de su elección mediante ataques de enlaces simbólicos a ficheros en /tmp, implicando componentes no especificados en Resource Group Manager (también conocido como rgmanager) versiones anteriores a v2.03.09-1, en gfs2-utils versiones anteriore a v2.03.09-1, y en CMAN - The Cluster Manager versiones anteriores a v2.03.09-1 para Fedora 9. • http://osvdb.org/50299 http://osvdb.org/50300 http://osvdb.org/50301 http://rhn.redhat.com/errata/RHSA-2009-1337.html http://secunia.com/advisories/32602 http://secunia.com/advisories/32616 http://secunia.com/advisories/36530 http://secunia.com/advisories/36555 http://secunia.com/advisories/43367 http://secunia.com/advisories/43372 http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00163.html http://www.redhat.com/archives/fedora-package-announce/ • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-377: Insecure Temporary File •