CVE-2013-1976 – tomcat: Improper TOMCAT_LOG management in init script (DoS, ACE)
https://notcve.org/view.php?id=CVE-2013-1976
The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on (a) tomcat5-initd.log, (b) tomcat6-initd.log, (c) catalina.out, or (d) tomcat7-initd.log.
• http://lists.opensuse.org/opensuse-updates/2013-08/msg00013.html
• http://rhn.redhat.com/errata/RHSA-2013-0869.html
• http://rhn.redhat.com/errata/RHSA-2013-0870.html
• http://rhn.redhat.com/errata/RHSA-2013-0871.html
• http://rhn.redhat.com/errata/RHSA-2013-0872.html
• https://bugzilla.redhat.com/show_bug.cgi?id=927622
• https://access.redhat.com/security/cve/CVE-2013-1976
• CWE-59: Improper Link Resolution Before File Access ('Link Following')
CVE-2002-2443 – krb5: UDP ping-pong flaw in kpasswd
https://notcve.org/view.php?id=CVE-2002-2443
schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as demonstrated by krb_pingpong.nasl, a related issue to CVE-1999-0103.
• http://krbdev.mit.edu/rt/Ticket/Display.html?id=7637
• http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105879.html
• http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105978.html
• http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106698.html
• http://lists.opensuse.org/opensuse-updates/2013-07/msg00004.html
• http://lists.opensuse.org/opensuse-updates/2013-07/msg00007.html
• http://rhn.redhat.com/errata/RHSA-2013-0942.html
• http://www.debian.org/s
• CWE-20: Improper Input Validation
CVE-2013-1862 – httpd: mod_rewrite allows terminal escape sequences to be written to the log file
https://notcve.org/view.php?id=CVE-2013-1862
mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
• http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html
• http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html
• http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html
• http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch
• http://rhn.redhat.com/errata/RHSA-2013-0815.html
• http://rhn.redhat.com/errata/RHSA-2013-1207.html
• http://rhn.redhat.com/errata/RHSA-2013-1208.html
• http://rhn.redhat.com/errata/RHSA-2013-1209.html
• http://secunia.
CVE-2012-6137 – subscription-manager: rhn-migrate-classic-to-rhsm missing SSL certificate verification
https://notcve.org/view.php?id=CVE-2012-6137
rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which allows remote man-in-the-middle attackers to obtain sensitive information such as user credentials.
• http://osvdb.org/93058
• http://rhn.redhat.com/errata/RHSA-2013-0788.html
• http://secunia.com/advisories/53330
• http://www.securityfocus.com/bid/59674
• http://www.securitytracker.com/id/1028520
• https://bugzilla.redhat.com/show_bug.cgi?id=885130
• https://exchange.xforce.ibmcloud.com/vulnerabilities/84020
• https://access.redhat.com/security/cve/CVE-2012-6137
• CWE-255: Credentials Management Errors
CVE-2013-2015
https://notcve.org/view.php?id=CVE-2013-2015
The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers to cause a denial of service (system hang) via a crafted filesystem on removable media, as demonstrated by the e2fsprogs tests/f_orphan_extents_inode/image.gz test.
• http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0e9a9a1ad619e7e987815d20262d36a2f95717ca
• http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html
• http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.3
• http://www.openwall.com/lists/oss-security/2013/04/26/16
• https://bugzilla.redhat.com/show_bug.cgi?id=957123
• https://github.com/torvalds/linux/commit/0e9a9a1ad619e7e987815d20262d36a2f95717ca
• CWE-399: Resource Management Errors