CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2018-17199 – httpd: mod_session_cookie does not respect expiry time
https://notcve.org/view.php?id=CVE-2018-17199
In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded. En Apache HTTP Server 2.4, en sus distribuciones 2.4.37 y anteriores, mod_session comprueba el tiempo de caducidad de la sesión antes de descodificarla. Esto provoca que se ignore el tiempo de caducidad de la sesión para sesiones mod_session_cookie, debido a que el tiempo de caducidad se carga cuando la sesión está descodificada. • http://www.securityfocus.com/bid/106742 https://access.redhat.com/errata/RHSA-2019:3932 https://access.redhat.com/errata/RHSA-2019:3933 https://access.redhat.com/errata/RHSA-2019:3935 https://access.redhat.com/errata/RHSA-2019:4126 https://httpd.apache.org/security/vulnerabilities_24.html https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache • CWE-384: Session Fixation CWE-613: Insufficient Session Expiration •
CVSS: 9.3EPSS: 3%CPEs: 11EXPL: 0CVE-2019-3462
https://notcve.org/view.php?id=CVE-2019-3462
Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine. El saneamiento incorrecto de un campo de redirección 302 en el método HTTP "transport" en apt, en versiones 1.4.8 y anteriores, puede conducir a la inyección de contenido por parte de un atacante MITM, lo que puede conducir a la ejecución remota de código en el equipo objetivo. • http://www.securityfocus.com/bid/106690 https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E https://lists.debian.org/debian-lts-announce/2019/01/msg00013.html https://lists.debian.org/debian-lts-announce/2019/01/msg00014.html https://security.netapp.com/advisory/ntap-20190125-0002 https://usn.ubuntu.com/3863-1 https://usn.ubuntu.com/3863-2 https://www.debian.org/security/2019/dsa-4371 •
CVSS: 3.1EPSS: 0%CPEs: 34EXPL: 0CVE-2019-2422 – OpenJDK: memory disclosure in FileChannelImpl (Libraries, 8206290)
https://notcve.org/view.php?id=CVE-2019-2422
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html http://www.securityfocus.com/bid/106596 https://access.redhat.com/errata/RHSA-2019:0416 https://access.redhat.com/errata/RHSA-2019:0435 https://access.redhat.com/errata/RHSA-2019:0436 https://a • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 55EXPL: 3CVE-2019-6111 – OpenSSH SCP Client - Write Arbitrary Files
https://notcve.org/view.php?id=CVE-2019-6111
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file). • https://www.exploit-db.com/exploits/46516 https://www.exploit-db.com/exploits/46193 http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00058.html http://www.openwall.com/lists/oss-security/2019/04/18/1 http://www.openwall.com/lists/oss-security/2022/08/02/1 http://www.securityfocus.com/bid/106741 https://access.redhat.com/errata/RHSA-2019:3702 https://bugzilla.redhat.com/show_bug.cgi?id=1677794 https://cert-portal.siemens.com/productcert/pdf/ssa-412672&# • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.8EPSS: 0%CPEs: 51EXPL: 0CVE-2019-6109 – openssh: Missing character encoding in progress display allows for spoofing of scp client output
https://notcve.org/view.php?id=CVE-2019-6109
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c. Se ha descubierto un problema en OpenSSH 7.9. Debido a la falta de cifrado de caracteres en la pantalla de progreso, un servidor malicioso (o atacante Man-in-the-Middle) puede emplear nombres de objeto manipulados para manipular la salida del cliente, por ejemplo, empleando códigos de control de ANSI para ocultar los archivos adicionales que se están transfiriendo. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00058.html https://access.redhat.com/errata/RHSA-2019:3702 https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf https://cvsweb.openbsd.org/src/usr.bin/ssh/progressmeter.c https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G https:// • CWE-116: Improper Encoding or Escaping of Output CWE-451: User Interface (UI) Misrepresentation of Critical Information •