CVSS: 7.8EPSS: 0%CPEs: 339EXPL: 0CVE-2016-1255
https://notcve.org/view.php?id=CVE-2016-1255
The pg_ctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in Debian jessie before 165+deb8u2, in Debian unstable before 178, in Ubuntu 12.04 LTS before 129ubuntu1.2, in Ubuntu 14.04 LTS before 154ubuntu1.1, in Ubuntu 16.04 LTS before 173ubuntu0.1, in Ubuntu 17.04 before 179ubuntu0.1, and in Ubuntu 17.10 before 184ubuntu1.1 allows local users to gain root privileges via a symlink attack on a logfile in /var/log/postgresql. El script pg_ctlcluster en el paquete postgresql-common en Debian wheezy en versiones anteriores a la 134wheezy5; Debian jessie en versiones anteriores a la 165+deb8u2; Debian inestable en versiones anteriores a la 178; Ubuntu 12.04 LTS en versiones anteriores a la 129ubuntu1.2; Ubuntu 14.04 LTS en versiones anteriores a la 154ubuntu1.1; Ubuntu 16.04 LTS en versiones anteriores a la 173ubuntu0.1; Ubuntu 17.04 en versiones anteriores a la 179ubuntu0.1 y en Ubuntu 17.10 en versiones anteriores a la 184ubuntu1.1 permite que usuarios locales obtengan privilegios root mediante un ataque de enlace simbólico en un archivo de registro en /var/log/postgresql. • http://www.ubuntu.com/usn/USN-3476-1 http://www.ubuntu.com/usn/USN-3476-2 https://anonscm.debian.org/cgit/pkg-postgresql/postgresql-common.git/commit/?id=c8989206ec360f199400c74f129f7b4cb878c1ee https://lists.debian.org/debian-lts-announce/2017/01/msg00002.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 8%CPEs: 8EXPL: 0CVE-2017-16548
https://notcve.org/view.php?id=CVE-2017-16548
The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact by sending crafted data to the daemon. La función receive_xattr en xattrs.c en rsync 3.1.2 y 3.1.3-development no comprueba un carácter final '\0' en un nombre xattr, lo que permite que atacantes remotos provoquen una denegación de servicio (desbordamiento de búfer basado en memoria dinámica o heap y cierre inesperado de la aplicación) o, posiblemente, causen otros impactos no especificados enviando datos manipulados al demonio. • https://bugzilla.samba.org/show_bug.cgi?id=13112 https://git.samba.org/rsync.git/?p=rsync.git%3Ba=commit%3Bh=47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1 https://lists.debian.org/debian-lts-announce/2017/12/msg00020.html https://usn.ubuntu.com/3543-1 https://usn.ubuntu.com/3543-2 https://www.debian.org/security/2017/dsa-4068 • CWE-125: Out-of-bounds Read •
CVSS: 7.2EPSS: 0%CPEs: 11EXPL: 0CVE-2017-16525
https://notcve.org/view.php?id=CVE-2017-16525
The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device, related to disconnection and failed setup. La función usb_serial_console_disconnect en drivers/usb/serial/console.c en el kernel de Linux, en versiones anteriores a la 4.13.8, permite que los usuarios locales provoquen una denegación de servicio (uso de memoria previamente liberada y cierre inesperado del sistema) o, posiblemente, causen otros impactos no especificados mediante llamadas del sistema manipuladas. Esto está relacionado con desconexión y fallo de instalación. • http://www.securityfocus.com/bid/102028 https://github.com/torvalds/linux/commit/299d7572e46f98534033a9e65973f13ad1ce9047 https://github.com/torvalds/linux/commit/bd998c2e0df0469707503023d50d46cf0b10c787 https://groups.google.com/d/msg/syzkaller/cMACrmo1x0k/4KhRoUgABAAJ https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html https://usn.ubuntu.com/3583-1 https://usn.ubuntu.com/3583-2 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 30%CPEs: 54EXPL: 3CVE-2017-14491 – Dnsmasq < 2.78 - 2-byte Heap Overflow
https://notcve.org/view.php?id=CVE-2017-14491
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. Un desbordamiento de búfer basado en memoria dinámica (heap) en dnsmasq en versiones anteriores a la 2.78 permite a los atacantes provocar una denegación de servicio (cierre inesperado) o ejecutar código arbitrario utilizando una respuesta DNS manipulada. A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. Dnsmasq versions prior to 2.78 suffer from a 2-byte heap-based overflow vulnerability. • https://www.exploit-db.com/exploits/42941 https://github.com/skyformat99/dnsmasq-2.4.1-fix-CVE-2017-14491 http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html http://nvidia.custhelp.com/app/answers/detail/a_id/4560 http://nvidia.custhelp.com/a • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1CVE-2015-3643 – usb-creator 0.2.x (Ubuntu 12.04/14.04/14.10) - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-3643
usb-creator before 0.2.38.3ubuntu0.1 on Ubuntu 12.04 LTS, before 0.2.56.3ubuntu0.1 on Ubuntu 14.04 LTS, before 0.2.62ubuntu0.3 on Ubuntu 14.10, and before 0.2.67ubuntu0.1 on Ubuntu 15.04 allows local users to gain privileges by leveraging a missing call check_polkit for the KVMTest method. usb-creator en versiones anteriores a 0.2.38.3ubuntu0.1 en Ubuntu 12.04 LTS, en versiones anteriores a 0.2.56.3ubuntu0.1 en Ubuntu 14.04 LTS, en versiones anteriores a 0.2.62ubuntu0.3 en Ubuntu 14.10 y en versiones anteriores a 0.2.67ubuntu0.1 en Ubuntu 15.04 permite que los usuarios locales obtengan privilegios aprovechando que el método KVMTest se olvida de llamar a la función check_polkit. • https://www.exploit-db.com/exploits/36820 http://www.openwall.com/lists/oss-security/2015/04/22/12 http://www.openwall.com/lists/oss-security/2015/05/04/3 http://www.securityfocus.com/bid/74304 https://bazaar.launchpad.net/~usb-creator-hackers/usb-creator/trunk/revision/470 https://usn.ubuntu.com/usn/usn-2576-1 https://usn.ubuntu.com/usn/usn-2576-2 • CWE-264: Permissions, Privileges, and Access Controls •