Page 4 of 23 results (0.032 seconds)

CVSS: 7.8EPSS: 82%CPEs: 55EXPL: 0

CVE-2019-9514 – Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service

https://notcve.org/view.php?id=CVE-2019-9514

Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. Algunas implementaciones de HTTP / 2 son vulnerables a una inundación de reinicio, lo que puede conducir a una denegación de servicio. El atacante abre una serie de secuencias y envía una solicitud no válida sobre cada secuencia que debería solicitar una secuencia de tramas RST_STREAM del par. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2019-09 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 6.1EPSS: 0%CPEs: 13EXPL: 1

CVE-2019-3870

https://notcve.org/view.php?id=CVE-2019-3870

A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only access. However in some upgraded installations it will have other permissions, such as 0755, because this was the default before Samba 4.8. Within this directory, files are created with mode 0666, which is world-writable, including a sample krb5.conf, and the list of DNS names and servicePrincipalName values to update. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3870 https://bugzilla.samba.org/show_bug.cgi?id=13834 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6354GALK73CZWQKFUG7AWB6EIEGFMF62 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTJVFA3RZ6G2IZDTVKLHRMX6QBYA4GPA https://support.f5.com/csp/article/K20804356 https://www.samba.org/samba/security/CVE-2019-3870.html https://www.synology.com/security/advisory/Synology_SA_19 • CWE-276: Incorrect Default Permissions •

CVSS: 10.0EPSS: 89%CPEs: 9EXPL: 6

CVE-2018-1160 – Netatalk 3.1.12 - Authentication Bypass (PoC)

https://notcve.org/view.php?id=CVE-2018-1160

Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution. Netatalk, en versiones anteriores a la 3.1.12, es vulnerable a una escritura fuera de límites en dsi_opensess.c. Esto se debe a la falta de comprobación de límites de los datos controlados por el atacante. • https://www.exploit-db.com/exploits/46048 https://www.exploit-db.com/exploits/46034 https://www.exploit-db.com/exploits/46675 https://github.com/SachinThanushka/CVE-2018-1160 http://netatalk.sourceforge.net/3.1/ReleaseNotes3.1.12.html http://packetstormsecurity.com/files/152440/QNAP-Netatalk-Authentication-Bypass.html http://www.securityfocus.com/bid/106301 https://attachments.samba.org/attachment.cgi?id=14735 https://github.com/tenable/poc/tree/master/netatalk/cve_2018_1160 https:/ • CWE-787: Out-of-bounds Write •

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0

CVE-2018-13281

https://notcve.org/view.php?id=CVE-2018-13281

Information exposure vulnerability in SYNO.Core.ACL in Synology DiskStation Manager (DSM) before 6.2-23739-2 allows remote authenticated users to determine the existence and obtain the metadata of arbitrary files via the file_path parameter. Vulnerabilidad de exposición de información en SYNO.Core.ACL en Synology DiskStation Manager (DSM) en versiones anteriores a la 6.2-23739-2 permite que usuarios autenticados remotos determinen la existencia y obtengan los metadatos de archivos arbitrarios mediante el parámetro file_path. • https://www.synology.com/en-global/support/security/Synology_SA_18_36 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 3%CPEs: 63EXPL: 0

CVE-2018-7185

https://notcve.org/view.php?id=CVE-2018-7185

The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association. El motor de protocolo en ntp, en versiones 4.2.6 anteriores a la 4.2.8p11, permite que atacantes remotos provoquen una denegación de servicio (interrupción) mediante el envío continuado de un paquete con una marca de tiempo zero-origin y la dirección IP de origen "del otro lado" de una asociación intercalada que provoca que el ntpd de la víctima restablezca su asociación. • http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html http://support.ntp.org/bin/view/Main/NtpBug3454 http://www.securityfocus.com/archive/1/541824/100/0/threaded http://www.securityfocus.com/bid/103339 https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc https://security.gentoo.org/glsa/201805-12 https://security.netapp.com/advisory/ntap-20180626-0001 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en&# •