CVE-2002-2443 – krb5: UDP ping-pong flaw in kpasswd
https://notcve.org/view.php?id=CVE-2002-2443
schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as demonstrated by krb_pingpong.nasl, a related issue to CVE-1999-0103. schpw.c en el servicio kpasswd en kadmind en MIT Kerberos 5 (conocido como krb5) anterior a v1.11.3 no valida correctamente los paquetes UDP antes de enviar respuestas, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de CPU y ancho de banda) a través de un paquete "forged" que activa un circuito de comunicación, como se demostró en krb_pingpong.nasl, un fallo relacionado con CVE-1999-0103. • http://krbdev.mit.edu/rt/Ticket/Display.html?id=7637 http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105879.html http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105978.html http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106698.html http://lists.opensuse.org/opensuse-updates/2013-07/msg00004.html http://lists.opensuse.org/opensuse-updates/2013-07/msg00007.html http://rhn.redhat.com/errata/RHSA-2013-0942.html http://www.debian.org/s • CWE-20: Improper Input Validation •
CVE-2013-1862 – httpd: mod_rewrite allows terminal escape sequences to be written to the log file
https://notcve.org/view.php?id=CVE-2013-1862
mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator. mod_rewrite.c en el modulo mod_rewrite en Apache HTTP Server v2.2.x anterior a v2.2.25 escribe datos en un archivo de log sin eliminar caracteres no imprimibles, lo que podría permitir a un atacante remotos ejecutar comandos arbitrarios a través de una petición HTTP que contiene una secuencia de escape para un emulador de terminal. • http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch http://rhn.redhat.com/errata/RHSA-2013-0815.html http://rhn.redhat.com/errata/RHSA-2013-1207.html http://rhn.redhat.com/errata/RHSA-2013-1208.html http://rhn.redhat.com/errata/RHSA-2013-1209.html http://secunia. •
CVE-2012-6137 – subscription-manager: rhn-migrate-classic-to-rhsm missing SSL certificate verification
https://notcve.org/view.php?id=CVE-2012-6137
rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which allows remote man-in-the-middle attackers to obtain sensitive information such as user credentials. rhn-migrate-classic-to-rhsm tool en Red Hat subscription-manager no verifica el certificado de servidor X.509 en Red Hat Network Classic cuando se está migrando a Certificate-based Red Hat Network, lo que permite a atacantes remotos "man-in-the-middle" obtener información sensible como credenciales de usuario. • http://osvdb.org/93058 http://rhn.redhat.com/errata/RHSA-2013-0788.html http://secunia.com/advisories/53330 http://www.securityfocus.com/bid/59674 http://www.securitytracker.com/id/1028520 https://bugzilla.redhat.com/show_bug.cgi?id=885130 https://exchange.xforce.ibmcloud.com/vulnerabilities/84020 https://access.redhat.com/security/cve/CVE-2012-6137 • CWE-255: Credentials Management Errors •
CVE-2013-0791 – Mozilla: Out-of-bounds array read in CERT_DecodeCertPackage (MFSA 2013-40)
https://notcve.org/view.php?id=CVE-2013-0791
The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate. La función CERT_DecodeCertPackage en Mozilla Network Security Services (NSS), tal como se utiliza en Mozilla Firefox antes de v20.0, Firefox ESR v17.x antes v17.0.5, Thunderbird antes de v17.0.5, Thunderbird ESR v17.x antes de v17.0.5, SeaMonkey antes de v2.17, y otros productos, permite a atacantes remotos provocar una denegación de servicio (fuera del terreno de juego y lectura de corrupción de memoria) a través de un certificado manipulado. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00019.html http://rhn.redhat.com/errata/RHSA-2013-1135.html http://rhn.redhat.com/errata/RHSA-2013-1144.html http://www.mozilla.org/security • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-0772 – Mozilla: Out-of-bounds read in image rendering (MFSA 2013-22)
https://notcve.org/view.php?id=CVE-2013-0772
The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) via a crafted GIF image. La función RasterImage::DrawFrameTo function en Mozilla Firefox anterior a v19.0, Thunderbird anterior a v17.0.3, y SeaMonkey anterior a v2.16, permite a atacantes remotos obtener información sensible de los procesos de memoria o provocar una denegación de servicio (lectura de memoria fuera de rango o caída de aplicación) a través de una imagen GIF manipulada. • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html http://lists.opensuse.org/opensuse-updates/2013-02/msg00062.html http://rhn.redhat.com/errata/RHSA-2013-1812.html http://www.mozilla.org/security/announce/2013/mfsa2013-22.html http://www.ubuntu.com/usn/USN-1729-1 http://www.ubuntu.com/usn/USN-1729-2 https://bugzilla.mozilla.org/show_bug.cgi?id=801366 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17159 https:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •