CVE-2018-12121 – nodejs: Denial of Service with large HTTP headers
https://notcve.org/view.php?id=CVE-2018-12121
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer. Node.js: Todas las versiones anteriores a la 6.15.0, 8.14.0, 10.14.0 y 11.3.0: Denegación de servicio (DoS) con cabeceras HTTP grandes. Mediante la combinación de muchas peticiones con cabeceras de tamaño máximo (casi 80 KB por conexión) y al terminar a su debido tiempo las cabeceras, es posible provocar que el servidor HTTP aborte el fallo de asignación de memoria dinámica (heap). El potencial del ataque se ve mitigado por el uso de un balance de carga u otra capa del proxy. • http://www.securityfocus.com/bid/106043 https://access.redhat.com/errata/RHSA-2019:1821 https://access.redhat.com/errata/RHSA-2019:2258 https://access.redhat.com/errata/RHSA-2019:3497 https://nodejs.org/en/blog/vulnerability/november-2018-security-releases https://security.gentoo.org/glsa/202003-48 https://access.redhat.com/security/cve/CVE-2018-12121 https://bugzilla.redhat.com/show_bug.cgi?id=1661002 • CWE-400: Uncontrolled Resource Consumption •
CVE-2018-14646 – kernel: NULL pointer dereference in af_netlink.c:__netlink_ns_capable() allows for denial of service
https://notcve.org/view.php?id=CVE-2018-14646
The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assigned to cause a kernel panic and a denial of service. El kernel de Linux en versiones anteriores a la 4.15-rc8 era vulnerable a un error de desreferencia de puntero NULL en la función __netlink_ns_capable() en el archivo net/netlink/af_netlink.c. Un atacante local podría explotarlo cuando un espacio de nombres de red con un netnsid se asigne para provocar un kernel de pánico y ataque de denegación de servicio (DoS). The Linux kernel was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. • https://access.redhat.com/errata/RHSA-2018:3651 https://access.redhat.com/errata/RHSA-2018:3666 https://access.redhat.com/errata/RHSA-2018:3843 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14646 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f428fe4a04cc339166c8bbd489789760de3a0cee https://marc.info/?l=linux-netdev&m=151500466401174&w=2 https://access.redhat.com/security/cve/CVE-2018-14646 https://bugzilla.redhat.com/show_bug.cgi?id=1630124 • CWE-476: NULL Pointer Dereference •
CVE-2018-19475 – ghostscript: access bypass in psi/zdevice2.c (700153)
https://notcve.org/view.php?id=CVE-2018-19475
psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same. psi/zdevice2.c en Artifex Ghostscript en versiones anteriores a la 9.26 permite a los atacantes remotos omitir las restricciones de acceso planeadas debido a que el espacio de pila disponible no se comprueba cuando el dispositivo no cambia. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=3005fcb9bb160af199e761e03bc70a9f249a987e http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=aeea342904978c9fe17d85f4906a0f6fcce2d315 http://www.securityfocus.com/bid/106154 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2019:0229 https://bugs.ghostscript.com/show_bug.cgi?id=700153 https://lists.debian.org/debian-lts-announce/2018/11/msg00036.html https://semmle.com/news/semmle-discovers-severe-vulnerabilit • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2018-19476 – ghostscript: access bypass in psi/zicc.c (700169)
https://notcve.org/view.php?id=CVE-2018-19476
psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion. psi/zicc.c en Artifex Ghostscript en versiones anteriores a la 9.26 permite a los atacantes remotos omitir las restricciones de acceso planeadas debido a una confusión del tipo setcolorspace. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=67d760ab775dae4efe803b5944b0439aa3c0b04a http://git.ghostscript.com/?p=ghostpdl.git%3Bh=434753adbe8be5534bfb9b7d91746023e8073d16 http://www.securityfocus.com/bid/106154 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2019:0229 https://bugs.ghostscript.com/show_bug.cgi?id=700169 https://lists.debian.org/debian-lts-announce/2018/11/msg00036.html https://semmle.com/news/semmle-discovers-severe-vulnerability-ghostscript • CWE-704: Incorrect Type Conversion or Cast CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2018-19477 – ghostscript: access bypass in psi/zfjbig2.c (700168)
https://notcve.org/view.php?id=CVE-2018-19477
psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion. psi/zfjbig2.c en Artifex Ghostscript en versiones anteriores a la 9.26 permite a los atacantes remotos omitir las restricciones de acceso planeadas debido a una confusión del tipo JBIG2Decode. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=ef252e7dc214bcbd9a2539216aab9202848602bb http://git.ghostscript.com/?p=ghostpdl.git%3Bh=606a22e77e7f081781e99e44644cd0119f559e03 http://www.securityfocus.com/bid/106154 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2019:0229 https://bugs.ghostscript.com/show_bug.cgi?id=700168 https://lists.debian.org/debian-lts-announce/2018/11/msg00036.html https://semmle.com/news/semmle-discovers-severe-vulnerability-ghostscript • CWE-704: Incorrect Type Conversion or Cast CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •