Page 45 of 363 results (0.026 seconds)

CVSS: 10.0EPSS: 62%CPEs: 18EXPL: 0

CVE-2009-0846 – krb5: ASN.1 decoder can free uninitialized pointer when decoding an invalid encoding (MITKRB5-SA-2009-002)

https://notcve.org/view.php?id=CVE-2009-0846

The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer. La función asn1_decode_generaltime en lib/krb5/asn.1/asn1_decode.c en el decodificador ASN.1 GeneralizedTime en MIT Kerberos 5 (también conocido como Krb5) anteriores a v1.6.4, permite a atacantes remotos provocar una denegación de servicio (caída del demonio) o posiblemente ejecución de código de su elección a través de vectores que implican una codificación DER inválida, que provocará una liberación del puntero no inicializado. • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://lists.vmware.com/pipermail/security-announce/2009/000059.html http://marc.info/?l=bugtraq&m=124896429301168&w=2 http://marc.info/?l=bugtraq&m=130497213107107&w=2 http://rhn.redhat.com/errata/RHSA-2009-0409.html http://rhn.redhat.com/errata/RHSA-2009-0410.html http://secunia.com/advisories/34594 http://secunia.com/advisories/34598 http://secunia.com/advisories/34617 http://secunia.com/adv • CWE-416: Use After Free CWE-824: Access of Uninitialized Pointer •

CVSS: 6.2EPSS: 96%CPEs: 22EXPL: 0

CVE-2009-1072 – kernel: nfsd should drop CAP_MKNOD for non-root

https://notcve.org/view.php?id=CVE-2009-1072

nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option. nfsd en el Kernel de Linux anteriores a la v2.6.28.9 no detiene la capacidad de CAP_MKNOD antes del manejo de una petición de usuario en un hilo, lo que permite a usuarios locales crear nodos de dispositivo, como se ha demostrado en un sistema de ficheros que ha sido exportado con la opción root_squash. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=76a67ec6fb79ff3570dcb5342142c16098299911 http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html http://secunia.com/advisories/34422 http://secunia.com/advisories/34432 http://sec • CWE-16: Configuration •

CVSS: 7.1EPSS: 1%CPEs: 358EXPL: 1

CVE-2009-0778 – kernel: rt_cache leak leads to lack of network connectivity

https://notcve.org/view.php?id=CVE-2009-0778

The icmp_send function in net/ipv4/icmp.c in the Linux kernel before 2.6.25, when configured as a router with a REJECT route, does not properly manage the Protocol Independent Destination Cache (aka DST) in some situations involving transmission of an ICMP Host Unreachable message, which allows remote attackers to cause a denial of service (connectivity outage) by sending a large series of packets to many destination IP addresses within this REJECT route, related to an "rt_cache leak." La función icmp_send en net/ipv4/icmp.c en el kernel Linux anerior a v2.6.25, cuando se configura como un router con una ruta RECHAZADA, no gestiona apropiadamente el Protocolo Independiente de Caché de Destino (alias DST) en alguna situación que involucra transmisión de un mensaje ICMP Host inalcanzable, el cual permite a los atacantes remotos causar una denegación de servicio (conectividad parada) enviando una larga serie de paquetes a muchos direcciones IP de destino con esta ruta RECHAZADA, RELATIVA a "rt_cache leak." • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7c0ecc4c4f8fd90988aab8a95297b9c0038b6160 http://openwall.com/lists/oss-security/2009/03/11/2 http://secunia.com/advisories/33758 http://secunia.com/advisories/37471 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25 http://www.redhat.com/support/errata/RHSA-2009-0326.html http://www.securityfocus.com/archive/1/507985/100/0/threaded http://www.securityfocus.com/bid/34084 http:/&#x • CWE-400: Uncontrolled Resource Consumption •

CVSS: 3.6EPSS: 0%CPEs: 20EXPL: 0

CVE-2009-0834 – kernel: x86-64: syscall-audit: 32/64 syscall hole

https://notcve.org/view.php?id=CVE-2009-0834

The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343. La función audit_syscall_entry en el núcleo de Linux v2.6.28.7 y versiones anteriores en la plataforma x86_64 no maneja adecuadamente (1) un proceso de 32-bit haciendo una llamada al sistema (syscall) de 64 bit o (2) un proceso de 64-bit haciendo una llamada al sistema (syscall) de 32-bit, lo cual permite a usuarios locales evitar determinadas configuraciones de auditoría de llamadas al sistema (syscall) a través de llamadas al sistema (syscall) manipuladas, una cuestión diferente a VE-2009-0342 y CVE-2009-0343. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccbe495caa5e604b04d5a31d7459a6f6a76a756c http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html http://marc.info/?l=linux-kernel&m=123579056530191&w=2 http://marc.info/?l=linux-kernel&m=123579065130246&w=2 http://marc.info/?l=oss-security&m •

CVSS: 7.5EPSS: 1%CPEs: 18EXPL: 0

CVE-2008-5422

https://notcve.org/view.php?id=CVE-2008-5422

Sun Sun Ray Server Software 3.1 through 4.0 does not properly restrict access, which allows remote attackers to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors. Sun Sun Ray Server Software v3.1 a v4.0 no restringe el acceso apropiadamente, lo que permite a atacantes remotos descubrir la contraseña de administración de Sun Ray y obtener acceso admin a el Data Store y la Administration GUI, mediante vectores no especificados. • http://secunia.com/advisories/33108 http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-04-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-240365-1 http://support.avaya.com/elmodocs2/security/ASA-2008-502.htm http://www.securityfocus.com/bid/32769 http://www.securitytracker.com/id?1021383 http://www.vupen.com/english/advisories/2008/3406 https://exchange.xforce.ibmcloud.com/vulnerabilities/47253 • CWE-264: Permissions, Privileges, and Access Controls •