CVSS: 2.6EPSS: 0%CPEs: 1EXPL: 0CVE-2008-3270 – yum-rhn-plugin: does not verify SSL certificate for all communication with RHN server
https://notcve.org/view.php?id=CVE-2008-3270
yum-rhn-plugin in Red Hat Enterprise Linux (RHEL) 5 does not verify the SSL certificate for a file download from a Red Hat Network (RHN) server, which makes it easier for remote man-in-the-middle attackers to cause a denial of service (loss of updates) or force the download and installation of official Red Hat packages that were not requested. yum-rhn-plugin en Red Hat Enterprise Linux (RHEL) 5 no verifica el certificado SSL para un archivo descargado de un servidor Red Hat Network (RHN), lo que facilita a atacantes man-in-the-middle (hombre en el medio) remotos provocar una denegación de servicio (pérdida de actualizaciones) o forzar la descarga e instalación de paquetes Red Hat oficiales que no fueron solicitados. • http://secunia.com/advisories/31472 http://securitytracker.com/id?1020698 http://www.redhat.com/support/errata/RHSA-2008-0815.html http://www.securityfocus.com/bid/30695 https://bugzilla.redhat.com/show_bug.cgi?id=457113 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10864 https://access.redhat.com/security/cve/CVE-2008-3270 • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2008-1376 – nfs-utils: missing tcp_wrappers support
https://notcve.org/view.php?id=CVE-2008-1376
A certain Red Hat build script for nfs-utils before 1.0.9-35z.el5_2 on Red Hat Enterprise Linux (RHEL) 5 omits TCP wrappers support, which might allow remote attackers to bypass intended access restrictions. Ciertas secuencias de comandos web usadas para "construir" nfs-utils anterior a 1.0.9-35z.el5_2 sobre Red Hat Enterprise Linux (RHEL) 5 omite soporte de paquetes TCP, los cuales permiten a atacantes remotos saltarse las restricciones de acceso previstas. • http://secunia.com/advisories/31322 http://secunia.com/advisories/35162 http://www.redhat.com/support/errata/RHSA-2008-0486.html http://www.redhat.com/support/errata/RHSA-2009-0955.html http://www.securityfocus.com/bid/30466 http://www.securitytracker.com/id?1020589 https://exchange.xforce.ibmcloud.com/vulnerabilities/44256 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10638 https://access.redhat.com/security/cve/CVE-2008-1376 https://bugzilla&# • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 13%CPEs: 35EXPL: 3CVE-2008-1447 – BIND 9.4.1 < 9.4.2 - Remote DNS Cache Poisoning
https://notcve.org/view.php?id=CVE-2008-1447
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug." El protocolo DNS, como es implementado en (1) BIND 8 y 9 en versiones anteriores a 9.5.0-P1, 9.4.2-P1 y 9.3.5-P1; (2) Microsoft DNS en Windows 2000 SP4, XP SP2 y SP3 y Server 2003 SP1 y SP2; y otras implementaciones permiten a atacantes remotos suplantar el tráfico DNS a través de un ataque de un cumpleaños que usa referencias in-bailiwick para llevar a cabo un envenenamiento del caché contra resolutores recursivos, relacionado con la insifuciente aleatoriedad de la ID de la transacción DNS y los puertos de origen, vulnerabilidad también conocida como "DNS Insufficient Socket Entropy Vulnerability" o "the Kaminsky bug". • https://www.exploit-db.com/exploits/6122 https://www.exploit-db.com/exploits/6130 https://www.exploit-db.com/exploits/6123 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID • CWE-331: Insufficient Entropy •
CVSS: 4.3EPSS: 0%CPEs: 64EXPL: 0CVE-2008-2808 – Firefox file location escaping flaw
https://notcve.org/view.php?id=CVE-2008-2808
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted filename. Mozilla Firefox anterior a 2.0.0.15 y SeaMonkey anterior a 1.1.10 no escapan correctamente el HTML en listados de directorios file:// URLs, lo que permite a atacantes remotos llevar a cabo ataques de secuencias de comandos en sitios cruzados (XSS) o tener otros impactos no especificados mediante un nombre de archivo modificado. • http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html http://rhn.redhat.com/errata/RHSA-2008-0616.html http://secunia.com/advisories/30878 http://secunia.com/advisories/30898 http://secunia.com/advisories/30903 http://secunia.com/advisories/30911 http://secunia.com/advisories/30949 http://secunia.com/advisories/31005 http://secunia.com/advisories/31008 http://secunia.com/advisories/31021 http://secunia.com/advisories/31023 http://secunia.com/advisories/3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 1CVE-2008-2944
https://notcve.org/view.php?id=CVE-2008-2944
Double free vulnerability in the utrace support in the Linux kernel, probably 2.6.18, in Red Hat Enterprise Linux (RHEL) 5 and Fedora Core 6 (FC6) allows local users to cause a denial of service (oops), as demonstrated by a crash when running the GNU GDB testsuite, a different vulnerability than CVE-2008-2365. Vulnerabilidad de doble liberación en el soporte utrace del núcleo de Linux, probablemente de 2.6.18, en Red Hat Enterprise Linux (RHEL) 5 y Fedora Core 6 (FC6) permite a usuarios locales provocar una denegación de servicio (OOPS), como lo demostrado por una caída cuando se está ejecutando la testsuite GNU GDB, una vulnerabilidad diferente a CVE-2008-2365. • https://bugzilla.redhat.com/show_bug.cgi?id=207002 https://bugzilla.redhat.com/show_bug.cgi?id=449359 https://exchange.xforce.ibmcloud.com/vulnerabilities/43556 • CWE-415: Double Free •