Page 6 of 156 results (0.020 seconds)

CVSS: 6.5EPSS: 92%CPEs: 122EXPL: 0

The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, does not limit the number of elements in an XML document, which allows remote attackers to cause a denial of service (CPU consumption) via a large document, a different vulnerability than CVE-2014-5265. La libraría Incutio XML-RPC (IXR) , utilizado en WordPress anterior a 3.9.2 y Drupal 6.x anterior a 6.33 y 7.x anterior a 7.31, no limita el número de elementos en un documento XML, lo que permite a atacantes remotos causar una denegación de servicio (consumo de CPU) a través de un documento grande, una vulnerabilidad diferente a CVE-2014-5265. Wordpress XMLRPC parsing is vulnerable to a XML based denial of service. This vulnerability affects Wordpress 3.5 - 3.9.2 (3.8.4 and 3.7.4 are also patched). • http://cgit.drupalcode.org/drupal/diff/includes/xmlrpc.inc?id=1849830 http://cgit.drupalcode.org/drupal/diff/modules/openid/xrds.inc?id=1849830 http://www.debian.org/security/2014/dsa-2999 http://www.debian.org/security/2014/dsa-3001 https://core.trac.wordpress.org/changeset/29404 https://wordpress.org/news/2014/08/wordpress-3-9-2 https://www.drupal.org/SA-CORE-2014-004 http://www.breaksec.com/?p=6362 https://mashable.com/archive/wordpress-xml-blowup-dos • CWE-399: Resource Management Errors CWE-400: Uncontrolled Resource Consumption •

CVSS: 5.0EPSS: 43%CPEs: 122EXPL: 0

The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations without considering recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. La librería Incutio XML-RPC (IXR), utilizada en WordPress anterior a 3.9.2 y Drupal 6.x anterior a 6.33 y 7.x anterior a 7.31, permite declaraciones de entidad sin considerar la recursión durante la expansión de la entidad, lo que permite a atacantes remotos causar una denegación de servicios (consumo de memoria y CPU) a través de un documento XML manipulado que contiene un número grande de referencias de entidad anidadas, un problema similar al CVE-2003-1564. • http://cgit.drupalcode.org/drupal/diff/includes/xmlrpc.inc?id=1849830 http://www.debian.org/security/2014/dsa-2999 http://www.debian.org/security/2014/dsa-3001 https://core.trac.wordpress.org/changeset/29404 https://wordpress.org/news/2014/08/wordpress-3-9-2 https://www.drupal.org/SA-CORE-2014-004 • CWE-399: Resource Management Errors CWE-400: Uncontrolled Resource Consumption •

CVSS: 4.3EPSS: 0%CPEs: 193EXPL: 0

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Apache Tomcat anterior a 6.0.39, 7.x anterior a 7.0.50 y 8.x anterior a 8.0.0-RC10 permite a atacantes obtener información "Tomcat internals" mediante el aprovechamiento de la presencia de una aplicación web no confiable con un documento context.xml, web.xml, *.jspx, *.tagx, o *.tld XML que contiene una declaración de entidad externa en conjunto con una referencia de entidad, relacionada con un problema XML External Entity (XXE). It was found that several application-provided XML files, such as web.xml, content.xml, *.tld, *.tagx, and *.jspx, resolved external entities, permitting XML External Entity (XXE) attacks. An attacker able to deploy malicious applications to Tomcat could use this flaw to circumvent security restrictions set by the JSM, and gain access to sensitive information on the system. Note that this flaw only affected deployments in which Tomcat is running applications from untrusted sources, such as in a shared hosting environment. • http://advisories.mageia.org/MGASA-2014-0148.html http://marc.info/?l=bugtraq&m=144498216801440&w=2 http://secunia.com/advisories/59036 http://secunia.com/advisories/59722 http://secunia.com/advisories/59724 http://secunia.com/advisories/59873 http://svn.apache.org/viewvc?view=revision&revision=1549528 http://svn.apache.org/viewvc?view=revision&revision=1549529 http://svn.apache.org/viewvc?view=revision&revision=1558828 http://tomcat.apache.org/security-6.html http://tomcat.a • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 7.5EPSS: 1%CPEs: 45EXPL: 0

nbd-server in Network Block Device (nbd) before 3.5 does not properly check IP addresses, which might allow remote attackers to bypass intended access restrictions via an IP address that has a partial match in the authfile configuration file. nbd-server en Network Block Device (nbd) anteriores a 3.5 no comprueba correctamente direcciones IP, lo cual podría permitir a atacantes remotos sortear restricciones de acceso intencionadas a través de una dirección IP con una coincidencia parcial en el fichero de configuración authfile. • http://sourceforge.net/mailarchive/forum.php?thread_name=529BAA58.2080401%40uter.be&forum_name=nbd-general http://www.debian.org/security/2013/dsa-2806 http://www.openwall.com/lists/oss-security/2013/11/29/4 http://www.securityfocus.com/bid/64002 http://www.ubuntu.com/usn/USN-2676-1 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.3EPSS: 0%CPEs: 66EXPL: 0

The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an authentication attempt with an initial substring of the intended password, as demonstrated by a Unicode password. La función crypt_des (también conocido como crypt basado en DES), en FreeBSD v9.0-RELEASE-p2, tal y como se utiliza en PHP, PostgreSQL y otros productos, no procesa las contraseñas en claro si la contraseña contiene un carácter de 0x80, lo que hace más fácil para los atacantes dependientes del contexto a la hora de obtener acceso a través de un intento de autenticación con una subcadena inicial con la contraseña, tal y como se demuestra con una contraseña Unicode. • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=aab49e934de1fff046e659cbec46e3d053b41c34 http://git.postgresql.org/gitweb/?p=postgresql.git&a=commit&h=932ded2ed51e8333852e370c7a6dad75d9f236f9 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082258.html http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082292.html http://lists.fedoraproject.org • CWE-310: Cryptographic Issues •