Page 48 of 240 results (0.014 seconds)

CVSS: 8.1EPSS: 97%CPEs: 68EXPL: 10

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module. Múltiples desbordamientos de buffer basado en pila en las funciones (1) send_dg y (2) send_vc en la librería libresolv en la librería GNU C (también conocida como glibc o libc6) en versiones anteriores a 2.23 permiten a atacantes remotos causar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de una respuesta DNS manipulada que desencadenan una llamada a la función getaddrinfo con la familia de direcciones AF_UNSPEC o AF_INET6, en relación con la ejecución de "consultas duales A/AAAA DNS" y el módulo libnss_dns.so.2 NSS. A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note: this issue is only exposed when libresolv is called from the nss_dns NSS service module. • https://www.exploit-db.com/exploits/39454 https://www.exploit-db.com/exploits/40339 https://github.com/fjserna/CVE-2015-7547 https://github.com/cakuzo/CVE-2015-7547 https://github.com/Stick-U235/CVE-2015-7547-Research https://github.com/t0r0t0r0/CVE-2015-7547 https://github.com/babykillerblack/CVE-2015-7547 https://github.com/Amilaperera12/Glibc-Vulnerability-Exploit-CVE-2015-7547 https://github.com/miracle03/CVE-2015-7547-master https://github.com/bluebluelan/CVE-2015-7547&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •

CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0

BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 12.0.0 before HF1, when the TCP profile for a virtual server is configured with Congestion Metrics Cache enabled, allow remote attackers to cause a denial of service (Traffic Management Microkernel (TMM) restart) via crafted ICMP packets, related to Path MTU (PMTU) discovery. BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller y PEM 12.0.0 en versiones anteriores a HF1, cuando el perfil TCP para un servidor virtual se configura con Congestion Metrics Cache habilitado, permiten a atacantes remotos causar una denegación de servicio (reinicio del Traffic Management Microkernel (TMM)) a través de paquetes ICMP manipulados, relacionada con el descubrimiento de Path MTU (PMTU). • http://www.securitytracker.com/id/1034627 https://support.f5.com/kb/en-us/solutions/public/k/22/sol22843911.html • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0

BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, and PEM 12.0.0 before HF1 on the 2000, 4000, 5000, 7000, and 10000 platforms do not properly sync passwords with the Always-On Management (AOM) subsystem, which might allow remote attackers to obtain login access to AOM via an (1) expired or (2) default password. BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller y PEM 12.0.0 en versiones anteriores a HF1 sobre las plataformas 2000, 4000, 5000, 7000 y 10000 no sincroniza adecuadamente las contraseñas con el subsistema Always-On Management (AOM), lo que podría permitir a atacantes remotos obtener acceso de inicio de sesión al AOM a través de una contraseña (1) expirada o (2) predeterminada. • http://www.securitytracker.com/id/1034629 https://support.f5.com/kb/en-us/solutions/public/k/05/sol05272632.html • CWE-255: Credentials Management Errors •

CVSS: 7.8EPSS: 1%CPEs: 45EXPL: 4

racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests. racoon/gssapi.c en IPsec-Tools 0.8.2 permite a atacantes remotos causar una denegación de servicios (referencia a puntero nulo y caída de demonio IKE) a través de una serie de solicitudes UDP manipuladas. • http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html http://seclists.org/fulldisclosure/2015/May/81 http://seclists.org/fulldisclosure/2015/May/83 http://www.debian.org/security/2015/dsa-3272 http://www.openwall.com/lists/oss-security/2015/05/20/1 http://www.openwall.com/lists/oss-security/20 • CWE-476: NULL Pointer Dereference •

CVSS: 2.3EPSS: 0%CPEs: 35EXPL: 0

The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator. La función rd_build_device_space en drivers/target/target_core_rd.c en el kernel de Linux anterior a 3.14 no inicializa debidamente cierta estructura de datos, lo que permite a usuarios locales obtener información sensible de la memoria ramdisk_mcp mediante el aprovechamiento del acceso a un iniciador SCSI. An information leak flaw was found in the RAM Disks Memory Copy (rd_mcp) backend driver of the iSCSI Target subsystem of the Linux kernel. A privileged user could use this flaw to leak the contents of kernel memory to an iSCSI initiator remote client. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618 http://secunia.com/advisories/59134 http://secunia.com/advisories/59777 http://secunia.com/advisories/60564 http://secunia.com/advisories/61310 http://www.openwall. • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •