CVE-2016-1264
https://notcve.org/view.php?id=CVE-2016-1264
Race condition in the Op command in Juniper Junos OS before 12.1X44-D55, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D20, 12.3X50 before 12.3X50-D50, 13.2 before 13.2R8, 13.2X51 before 13.2X51-D39, 13.2X52 before 13.2X52-D30, 13.3 before 13.3R7, 14.1 before 14.1R6, 14.1X53 before 14.1X53-D30, 14.2 before 14.2R4, 15.1 before 15.1F2 or 15.1R2, 15.1X49 before 15.1X49-D10 or 15.1X49-D20, and 16.1 before 16.1R1 allows remote authenticated users to gain privileges via the URL option. Condición de carrera en el comando Op en Juniper Junos OS en versiones anteriores a 12.1X44-D55, 12.1X46 en versiones anteriores a 12.1X46-D40, 12.1X47 en versiones anteriores a 12.1X47-D25, 12.3 en versiones anteriores a 12.3R11, 12.3X48 en versiones anteriores a 12.3X48-D20, 12.3X50 en versiones anteriores a 12.3X50-D50, 13.2 en versiones anteriores a 13.2R8, 13.2X51 en versiones anteriores a 13.2X51-D39, 13.2X52 en versiones anteriores a 13.2X52-D30, 13.3 en versiones anteriores a 13.3R7, 14.1 en versiones anteriores a 14.1R6, 14.1X53 en versiones anteriores a 14.1X53-D30, 14.2 en versiones anteriores a 14.2R4, 15.1 en versiones anteriores a 15.1F2 o 15.1R2, 15.1X49 en versiones anteriores a 15.1X49-D10 o 15.1X49-D20 y 16.1 en versiones anteriores a 16.1R1 permite a usuarios remotos autenticados obtener privilegios a través de la opción URL. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10725 http://www.securitytracker.com/id/1035669 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2016-1267
https://notcve.org/view.php?id=CVE-2016-1267
Race condition in the RPC functionality in Juniper Junos OS before 12.1X44-D55, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R8, 13.2X51 before 13.2X51-D39, 13.3 before 13.3R7, 14.1 before 14.1R6, 14.1X53 before 14.1X53-D30, 14.2 before 14.2R3-S4, 15.1 before 15.1F2, or 15.1R2, 15.1X49 before 15.1X49-D20, and 16.1 before 16.1R1 allows local users to read, delete, or modify arbitrary files via unspecified vectors. Condición de carrera en la funcionalidad RPC en Juniper Junos OS en versiones anteriores a 12.1X44-D55, 12.1X46 en versiones anteriores a 12.1X46-D40, 12.1X47 en versiones anteriores a 12.1X47-D25, 12.3 en versiones anteriores a 12.3R11, 12.3X48 en versiones anteriores a 12.3X48-D20, 13.2 en versiones anteriores a 13.2R8, 13.2X51 en versiones anteriores a 13.2X51-D39, 13.3 en versiones anteriores a 13.3R7, 14.1 en versiones anteriores a 14.1R6, 14.1X53 en versiones anteriores a 14.1X53-D30, 14.2 en versiones anteriores a 14.2R3-S4, 15.1 en versiones anteriores a 15.1F2 o 15.1R2, 15.1X49 en versiones anteriores a 15.1X49-D20 y 16.1 en versiones anteriores a 16.1R1 permite a usuarios locales leer, eliminar o modificar archivos arbitrarios a través de vectores no especificados. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10730 http://www.securitytracker.com/id/1035668 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2016-1285 – bind: malformed packet sent to rndc can trigger assertion failure
https://notcve.org/view.php?id=CVE-2016-1285
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c. named en ISC BIND 9.x en versiones anteriores a 9.9.8-P4 y 9.10.x en versiones anteriores a 9.10.3-P4 no maneja adecuadamente los archivos DNAME cuando analiza gramaticalmente la recuperación de mensajes contestados, lo que permite a atacantes remotos provocar una denegación de servicio (fallo de aserción y salida de demonio) a través de un paquete mal formado en la interfaz rndc (también conocido como canal de control), relacionado con alist.c y sexpr.c. A denial of service flaw was found in the way BIND processed certain control channel input. A remote attacker able to send a malformed packet to the control channel could use this flaw to cause named to crash. • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181037.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178831.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178880.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179904.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179911.html http://lists.opensuse.org/opensuse- • CWE-617: Reachable Assertion •
CVE-2016-1286 – bind: malformed signature records for DNAME records can trigger assertion failure
https://notcve.org/view.php?id=CVE-2016-1286
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c. named en ISC BIND 9.x en versiones anteriores a 9.9.8-P4 y 9.10.x en versiones anteriores a 9.10.3-P4 permite a atacantes remotos provocar una denegación de servicio (fallo de aserción y salida de demonio) a través de un registro de firma manipulado para un registro DNAME, relacionada con db.c y resolver.c. A denial of service flaw was found in the way BIND parsed signature records for DNAME records. By sending a specially crafted query, a remote attacker could use this flaw to cause named to crash. • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181037.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178831.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178880.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179904.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179911.html http://lists.opensuse.org/opensuse- • CWE-617: Reachable Assertion •
CVE-2014-9708 – Appweb Web Server Denial Of Service
https://notcve.org/view.php?id=CVE-2014-9708
Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an empty value, as demonstrated by "Range: x=,". Embedthis Appweb anterior a 4.6.6 y 5.x anterior a 5.2.1 permite a atacantes remotos causar una denegación de servicio (referencia a puntero nulo) a través de una cabecera de rango con un valor vacío, tal y como fue demostrado por 'Rango: x=,'. Appweb Web Server suffers from a denial of service vulnerability. • http://packetstormsecurity.com/files/131157/Appweb-Web-Server-Denial-Of-Service.html http://seclists.org/fulldisclosure/2015/Apr/19 http://seclists.org/fulldisclosure/2015/Mar/158 http://www.openwall.com/lists/oss-security/2015/03/28/2 http://www.openwall.com/lists/oss-security/2015/04/06/2 http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.securityfocus.com/archive/1/535028/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/5 • CWE-476: NULL Pointer Dereference •