CVSS: 7.5EPSS: 1%CPEs: 8EXPL: 0CVE-2018-1000127 – memcached: Integer Overflow in items.c:item_free()
https://notcve.org/view.php?id=CVE-2018-1000127
memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later. memcached, en versiones anteriores a la 1.4.37, contiene una vulnerabilidad de desbordamiento de enteros en items.c:item_free() que puede resultar en la corrupción de datos y en deadlocks debido a que los ítems en la tabla de hash se reusan de la lista libre. Este ataque parece ser explotable mediante conectividad de red en el servicio memcached. La vulnerabilidad parece haber sido solucionada en las versiones 1.4.37 y siguientes. • https://access.redhat.com/errata/RHSA-2018:2290 https://github.com/memcached/memcached/commit/a8c4a82787b8b6c256d61bd5c42fb7f92d1bae00 https://github.com/memcached/memcached/issues/271 https://github.com/memcached/memcached/wiki/ReleaseNotes1437 https://lists.debian.org/debian-lts-announce/2018/03/msg00031.html https://usn.ubuntu.com/3601-1 https://www.debian.org/security/2018/dsa-4218 https://access.redhat.com/security/cve/CVE-2018-1000127 https://bugzilla.redhat.com/show_bug.cgi?id=1555064 • CWE-190: Integer Overflow or Wraparound CWE-667: Improper Locking •
CVSS: 5.3EPSS: 0%CPEs: 11EXPL: 0CVE-2018-7536 – django: Catastrophic backtracking in regular expressions via 'urlize' and 'urlizetrunc'
https://notcve.org/view.php?id=CVE-2018-7536
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django 1.8.x). The urlize() function is used to implement the urlize and urlizetrunc template filters, which were thus vulnerable. Se ha descubierto un problema en Django, en versiones 2.0 anteriores a la 2.0.3; versiones 1.11 anteriores a la 1.11.11 y versiones 1.8 anteriores a la 1.8.19. La función django.utils.html.urlize() fue extremadamente lenta a la hora de evaluar ciertas entradas debido a vulnerabilidades catastróficas de búsqueda hacia atrás en dos expresiones regulares (solo una en el caso de las versiones 1.8.x de Django). • http://www.securityfocus.com/bid/103361 https://access.redhat.com/errata/RHSA-2018:2927 https://access.redhat.com/errata/RHSA-2019:0051 https://access.redhat.com/errata/RHSA-2019:0082 https://access.redhat.com/errata/RHSA-2019:0265 https://github.com/django/django/commit/1ca63a66ef3163149ad822701273e8a1844192c2 https://github.com/django/django/commit/abf89d729f210c692a50e0ad3f75fb6bec6fae16 https://github.com/django/django/commit/e157315da3ae7005fa0683ffc9751dbeca7306c8 https://lists.debian.org/debian-lts-announce/20 • CWE-185: Incorrect Regular Expression CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 96%CPEs: 11EXPL: 2CVE-2018-1000115 – Memcached 1.5.5 - 'Memcrashed' Insufficient Control Network Message Volume Denial of Service
https://notcve.org/view.php?id=CVE-2018-1000115
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default. Memcached 1.5.5 contiene una vulnerabilidad de control insuficiente de volumen de mensaje de red (amplificación de red, CWE-406) en el soporte UDP del servidor memcached que puede resultar en una denegación de servicio (DoS) mediante una inundación de red (fuentes fiables reportan una amplificación de tráfico de 1:50.000). Este ataque parece ser explotable mediante conectividad de red en el puerto UDP 11211. • https://www.exploit-db.com/exploits/44264 https://www.exploit-db.com/exploits/44265 https://access.redhat.com/errata/RHBA-2018:2140 https://access.redhat.com/errata/RHSA-2018:1593 https://access.redhat.com/errata/RHSA-2018:1627 https://access.redhat.com/errata/RHSA-2018:2331 https://access.redhat.com/errata/RHSA-2018:2857 https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974 https:/ • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 2CVE-2017-18191 – openstack-nova: Swapping encrypted volumes can allow an attacker to corrupt the LUKS header causing a denial of service in the host
https://notcve.org/view.php?id=CVE-2017-18191
An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error also results in data loss, but that is not a vulnerability because the user loses their own data.) All Nova setups supporting encrypted volumes are affected. Se ha descubierto un problema en OpenStack Nova en versiones 15.x hasta la 15.1.0 y 16.x hasta la 16.1.1. • http://openwall.com/lists/oss-security/2018/04/20/3 http://www.securityfocus.com/bid/103104 https://access.redhat.com/errata/RHSA-2018:2332 https://access.redhat.com/errata/RHSA-2018:2714 https://access.redhat.com/errata/RHSA-2018:2855 https://launchpad.net/bugs/1739593 https://review.openstack.org/539893 https://security.openstack.org/ossa/OSSA-2018-001.html https://access.redhat.com/security/cve/CVE-2017-18191 https://bugzilla.redhat.com/show_bug.cgi?id=1546937 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2121 – redis: weak permissions on sensitive files
https://notcve.org/view.php?id=CVE-2016-2121
A permissions flaw was found in redis, which sets weak permissions on certain files and directories that could potentially contain sensitive information. A local, unprivileged user could possibly use this flaw to access unauthorized system information. Se ha detectado un error de permisos en redis, lo que establece permisos débiles en ciertos archivos y directorios que podrían contener información sensible. Un usuario local sin privilegios podría emplear este error para acceder a información no autorizada del sistema. • http://www.securityfocus.com/bid/94111 https://access.redhat.com/errata/RHSA-2017:3226 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-2121 https://access.redhat.com/security/cve/CVE-2016-2121 https://bugzilla.redhat.com/show_bug.cgi?id=1390588 • CWE-264: Permissions, Privileges, and Access Controls CWE-732: Incorrect Permission Assignment for Critical Resource •