CVE-2008-1105 – Samba 3.0.29 (Client) - 'receive_smb_raw()' Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2008-1105
Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.
References:
• https://www.exploit-db.com/exploits/5712
• http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
• http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00000.html
• http://lists.vmware.com/pipermail/security-announce/2008/000023.html
• http://secunia.com/advisories/30228
• http://secunia.com/advisories/30385
• http://secunia.com/advisories/30396
• http://secunia.com/advisories/30442
• http://secunia.com/advisories/30449
• http://secunia.com/advisories/30478
• http:/
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-1672
https://notcve.org/view.php?id=CVE-2008-1672
OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses "particular cipher suites," which triggers a NULL pointer dereference.
References:
• http://cert.fi/haavoittuvuudet/2008/advisory-openssl.html
• http://secunia.com/advisories/30405
• http://secunia.com/advisories/30460
• http://secunia.com/advisories/30825
• http://secunia.com/advisories/30852
• http://secunia.com/advisories/30868
• http://secunia.com/advisories/31228
• http://secunia.com/advisories/31288
• http://security.gentoo.org/glsa/glsa-200806-08.xml
• http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.562004
• http://sourceforge.net/project
CWE-476: NULL Pointer Dereference
CVE-2008-2136 – kernel: sit memory leak
https://notcve.org/view.php?id=CVE-2008-2136
Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count.
References:
• http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3
• http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html
• http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html
• http://marc.info/?l=linux-netdev&m=121031533024912&w=2
• http://secunia.com/advisories/30198
• http://secunia.com/advisories/30241
• http://secunia.com/advisories/30276
• http://secunia.com/advisories/30368
• http://secunia.com/advisories/30499
• http://secunia.com/advisories/30
CWE-399: Resource Management Errors
CWE-401: Missing Release of Memory after Effective Lifetime
CVE-2008-2009 – vorbis: insufficient validation of Huffman tree causing memory corruption in _make_decode_tree()
https://notcve.org/view.php?id=CVE-2008-2009
Xiph.org libvorbis before 1.0 does not properly check for underpopulated Huffman trees, which allows remote attackers to cause a denial of service (crash) via a crafted OGG file that triggers memory corruption during execution of the _make_decode_tree function.
References:
• http://secunia.com/advisories/30247
• http://www.redhat.com/support/errata/RHSA-2008-0271.html
• http://www.securitytracker.com/id?1020029
• http://www.ubuntu.com/usn/USN-861-1
• http://www.vupen.com/english/advisories/2008/1510/references
• https://bugzilla.redhat.com/show_bug.cgi?id=444443
• https://exchange.xforce.ibmcloud.com/vulnerabilities/42521
• https://access.redhat.com/security/cve/CVE-2008-2009
CVE-2008-0166 – OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH
https://notcve.org/view.php?id=CVE-2008-0166
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys.
References:
• https://www.exploit-db.com/exploits/5622
• https://www.exploit-db.com/exploits/5720
• https://www.exploit-db.com/exploits/5632
• https://github.com/demining/Vulnerable-to-Debian-OpenSSL-bug-CVE-2008-0166
• http://metasploit.com/users/hdm/tools/debian-openssl
• http://secunia.com/advisories/30136
• http://secunia.com/advisories/30220
• http://secunia.com/advisories/30221
• http://secunia.com/advisories/30231
• http://secunia.com/advisories/30239
• http://secunia.com/advisories/30249
• http:/
CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)