CVSS: 5.3EPSS: 0%CPEs: 31EXPL: 0CVE-2018-7170
https://notcve.org/view.php?id=CVE-2018-7170
ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an incomplete fix for CVE-2016-1549. ntpd en ntp, en versiones 4.2.x anteriores a la 4.2.8p7 y versiones 4.3.x anteriores a la 4.3.92, permite que usuarios autenticados que conozcan la clave privada simétrica creen de forma arbitraria muchas asociaciones efímeras para ganar la selección de reloj de ntpd y modifiquen el reloj de una víctima mediante un ataque Sybil. Este problema existe debido a una solución incompleta para CVE-2016-1549. • http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html http://support.ntp.org/bin/view/Main/NtpBug3415 http://www.securityfocus.com/archive/1/541824/100/0/threaded http://www.securityfocus.com/bid/103194 https://bugzilla.redhat.com/show_bug.cgi?id=1550214 https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc https://security.gentoo.org/glsa/201805-12 https://security.netapp.com/advisory/ntap-20180626-0001 https://support.hpe.com/hpsc/doc •
CVSS: 7.5EPSS: 2%CPEs: 23EXPL: 0CVE-2018-7184
https://notcve.org/view.php?id=CVE-2018-7184
ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704. ntpd en ntp, en versiones 4.2.8p4 anteriores a la 4.2.8p11, envía paquetes malos antes de actualizar la marca de tiempo "received". Esto permite que atacantes remotos provoquen una denegación de servicio (interrupción) mediante el envío de un paquete con una marca de tiempo zero-origin que provoca que la asociación se restablezca y establezca el contenido del paquete como la marca de tiempo más reciente. Este problema es el resultado de una solución incompleta para CVE-2015-7704. • http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html http://support.ntp.org/bin/view/Main/NtpBug3453 http://www.securityfocus.com/archive/1/541824/100/0/threaded http://www.securityfocus.com/bid/103192 https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc https://security.gentoo.org/glsa/201805-12 https://security.netapp.com/advisory/ntap-20180626-0001 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en&# •
CVSS: 7.5EPSS: 3%CPEs: 63EXPL: 0CVE-2018-7185
https://notcve.org/view.php?id=CVE-2018-7185
The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association. El motor de protocolo en ntp, en versiones 4.2.6 anteriores a la 4.2.8p11, permite que atacantes remotos provoquen una denegación de servicio (interrupción) mediante el envío continuado de un paquete con una marca de tiempo zero-origin y la dirección IP de origen "del otro lado" de una asociación intercalada que provoca que el ntpd de la víctima restablezca su asociación. • http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html http://support.ntp.org/bin/view/Main/NtpBug3454 http://www.securityfocus.com/archive/1/541824/100/0/threaded http://www.securityfocus.com/bid/103339 https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc https://security.gentoo.org/glsa/201805-12 https://security.netapp.com/advisory/ntap-20180626-0001 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en&# •
CVSS: 5.6EPSS: 97%CPEs: 1467EXPL: 3CVE-2017-5753 – Multiple CPUs - 'Spectre' Information Disclosure
https://notcve.org/view.php?id=CVE-2017-5753
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. Los sistemas con microprocesadores con ejecución especulativa y predicción de ramas podrían permitir la revelación no autorizada de información al atacante con acceso de usuario local mediante un análisis de un canal lateral. An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. • https://www.exploit-db.com/exploits/43427 https://github.com/sachinthaBS/Spectre-Vulnerability-CVE-2017-5753- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html http://nvidia.custhe • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15895
https://notcve.org/view.php?id=CVE-2017-15895
Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology Router Manager (SRM) before 1.1.5-6542-4 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter. Una vulnerabilidad de salto de directorio en SYNO.FileStation.Extract en Synology Router Manager (SRM) en versiones anteriores a la 1.1.5-6542-4 permite que usuarios remotos autenticados escriban archivos arbitrarios mediante el parámetro dest_folder_path. • https://www.synology.com/en-global/support/security/Synology_SA_17_71_SRM • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •