Page 49 of 547 results (0.013 seconds)

CVSS: 8.1EPSS: 0%CPEs: 18EXPL: 1

A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. Un mecanismo que utiliza AppCache para secuestrar una URL en un dominio utilizando fallback sirviendo los archivos desde una subruta en el dominio. Esto se ha solucionado al requerir que los archivos fallback estén dentro del directorio manifest. • http://www.securityfocus.com/bid/100242 http://www.securitytracker.com/id/1039124 https://access.redhat.com/errata/RHSA-2017:2456 https://access.redhat.com/errata/RHSA-2017:2534 https://bugzilla.mozilla.org/show_bug.cgi?id=1376459 https://security.gentoo.org/glsa/201803-14 https://www.debian.org/security/2017/dsa-3928 https://www.debian.org/security/2017/dsa-3968 https://www.mozilla.org/security/advisories/mfsa2017-18 https://www.mozilla.org/security/advisories/mfsa2017-19 • CWE-20: Improper Input Validation CWE-829: Inclusion of Functionality from Untrusted Control Sphere •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

discovery-debug in Foreman before 6.2 when the ssh service has been enabled on discovered nodes displays the root password in plaintext in the system journal when used to log in, which allows local users with access to the system journal to obtain the root password by reading the system journal, or by clicking Logs on the console. Se ha descubierto una vulnerabilidad en el descovery-debug en Foreman versión anterior a 6.2 cuando el servicio ssh se ha habilitado en los nodos descubiertos muestra la contraseña de tipo root en texto plano del sistema cuando se usa para iniciar sesión, lo que permite a los usuarios locales con acceso al System Journal puedan obtener la contraseña de tipo root leyendo El System Journal, o haciendo clic en Registros en la consola. A flaw was found in discovery-debug in foreman. An attacker, with permissions to view the debug results, would be able to view the root password associated with that system, potentially allowing them to access it. • https://access.redhat.com/errata/RHSA-2018:0336 https://bugzilla.redhat.com/show_bug.cgi?id=1349136 https://access.redhat.com/security/cve/CVE-2016-4996 • CWE-255: Credentials Management Errors CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 4.7EPSS: 0%CPEs: 4EXPL: 0

/usr/libexec/openldap/generate-server-cert.sh in openldap-servers sets weak permissions for the TLS certificate, which allows local users to obtain the TLS certificate by leveraging a race condition between the creation of the certificate, and the chmod to protect it. La biblioteca /usr/libexec/openldap/generate-server-cert.sh en openldap-servers se establece permisos débiles para el certificado TLS, que permite a los usuarios locales obtener el certificado TLS mediante el aprovechamiento de una condición de carrera entre la creación del certificado y la función chmod para protegerlo • https://bugzilla.redhat.com/show_bug.cgi?id=1346120 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 9.1EPSS: 46%CPEs: 34EXPL: 0

In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service. En Apache httpd, en versiones anteriores a la 2.2.34 y en versiones 2.4.x anteriores a la 2.4.27, el valor placeholder en cabeceras [Proxy-]Authorization del tipo 'Digest' no se inicializó o reinició antes de o entre las asignaciones sucesivas key=value por mod_auth_digest. Proporcionar una clave inicial sin asignación "=" podría reflejar el valor obsoleto de la memoria agrupada no inicializada utilizada por la petición anterior. Esto podría dar lugar al filtrado de información potencialmente confidencial y, en otros casos, a un fallo de segmentación que daría como resultado una denegación de servicio (DoS) It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. • http://www.debian.org/security/2017/dsa-3913 http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.securityfocus.com/bid/99569 http://www.securitytracker.com/id/1038906 https://access.redhat.com/errata/RHSA-2017:2478 https://access.redhat.com/errata/RHSA-2017:2479 https://access.redhat.com/errata/RHSA-2017:2483 https://access.redhat.com/errata/RHSA-2017:2708 https://access.redhat.com/errata/RHSA-2017:2709 https://access.redhat.com/errata/RHS • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-456: Missing Initialization of a Variable •

CVSS: 9.8EPSS: 1%CPEs: 35EXPL: 0

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. En Apache httpd, en versiones 2.2.x anteriores a la 2.2.33 y versiones 2.4.x anteriores a la 2.4.26, el uso de ap_get_basic_auth_pw() por parte de módulos de terceros fuera de la fase de autenticación puede dar lugar a que se omitan requisitos de autenticación.. It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. • http://www.debian.org/security/2017/dsa-3896 http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.securityfocus.com/bid/99135 http://www.securitytracker.com/id/1038711 https://access.redhat.com/errata/RHSA-2017:2478 https://access.redhat.com/errata/RHSA-2017:2479 https://access.redhat.com/errata/RHSA-2017:2483 https://access.redhat.com/errata/RHSA-2017:3193 https://access.redhat.com/errata/RHSA-2017:3194 https://access.redhat.com/errata/RHS • CWE-287: Improper Authentication •