CVE-2014-8529
https://notcve.org/view.php?id=CVE-2014-8529
McAfee Network Data Loss Prevention (NDLP) before 9.3 stores the SSH key in cleartext, which allows local users to obtain sensitive information via unspecified vectors. McAfee Network Data Loss Prevention (NDLP) anterior a 9.3 almacena la clave SSH en texto plano, lo que permite a usuarios locales obtener información sensible a través de vectores no especificados. • https://kc.mcafee.com/corporate/index?page=content&id=SB10053 • CWE-310: Cryptographic Issues •
CVE-2014-8526
https://notcve.org/view.php?id=CVE-2014-8526
McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive information by reading a Java stack trace. McAfee Network Data Loss Prevention (NDLP) anterior a 9.3 permite a usuarios locales obtener información sensible mediante la lectura de una traza de pilas Java. • https://kc.mcafee.com/corporate/index?page=content&id=SB10053 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2014-8525
https://notcve.org/view.php?id=CVE-2014-8525
McAfee Network Data Loss Prevention (NDLP) before 9.3 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. McAfee Network Data Loss Prevention (NDLP) anterior a 9.3 no incluye el indicador HTTPOnly en una cabecera Set-Cookie para la cookie de la sesión, lo que facilita a atacantes remotos obtener información potencialmente sensible a través del acceso de secuencias de comandos a esta cookie. • http://www.securityfocus.com/bid/70823 https://exchange.xforce.ibmcloud.com/vulnerabilities/98431 https://kc.mcafee.com/corporate/index?page=content&id=SB10053 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2014-8531
https://notcve.org/view.php?id=CVE-2014-8531
The TLS/SSL Server in McAfee Network Data Loss Prevention (NDLP) before 9.3 uses weak cipher algorithms, which makes it easier for remote authenticated users to execute arbitrary code via unspecified vectors. El servidor TLS/SSL en McAfee Network Data Loss Prevention (NDLP) anterior a 9.3 utiliza algoritmos de cifrado débiles, lo que facilita a usuarios remotos autenticados ejecutar código arbitrario a través de vectores no especificados. • http://www.securityfocus.com/bid/70831 https://exchange.xforce.ibmcloud.com/vulnerabilities/98432 https://kc.mcafee.com/corporate/index?page=content&id=SB10053 • CWE-310: Cryptographic Issues •
CVE-2004-0230 – TCP Connection Reset - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2004-0230
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. TCP, cuando se usa un tamaño de ventana de transmisión grande, hace más fácil a atacantes remotos adivinar números de secuencia y causar una denegación de servicio (pérdida de la conexión) en conexiones TCP persistentes inyectando repetidamente un paquete TCP RST, especialmente en protocolos que usan conexiones de vida larga, como BGP. • https://www.exploit-db.com/exploits/291 https://www.exploit-db.com/exploits/24030 https://www.exploit-db.com/exploits/24031 https://www.exploit-db.com/exploits/24033 https://www.exploit-db.com/exploits/24032 https://www.exploit-db.com/exploits/942 https://www.exploit-db.com/exploits/276 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt ftp://ftp.sco.com/ •