Page 80 of 445 results (0.026 seconds)

CVSS: 6.5EPSS: 0%CPEs: 18EXPL: 0

daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports from /var/spool/abrt-upload, allows local users to write to arbitrary files or possibly have other unspecified impact via a symlink attack on (1) /var/spool/abrt or (2) /var/tmp/abrt. El archivo daemon/abrt-handle-upload.in en Automatic Bug Reporting Tool (ABRT), cuando mueve reportes de problemas desde /var/spool/abrt-upload, permite a usuarios locales escribir en archivos arbitrarios o posiblemente tener otro impacto no especificado por medio de un ataque de enlace simbólico en (1) /var/spool/abrt o (2) /var/tmp/abrt. It was discovered that, when moving problem reports between certain directories, abrt-handle-upload did not verify that the new problem directory had appropriate permissions and did not contain symbolic links. An attacker able to create a crafted problem report could use this flaw to expose other parts of ABRT, or to overwrite arbitrary files on the system. • http://rhn.redhat.com/errata/RHSA-2015-1083.html http://www.openwall.com/lists/oss-security/2015/04/17/5 https://bugzilla.redhat.com/show_bug.cgi?id=1212953 https://github.com/abrt/abrt/commit/3746b7627218438ae7d781fc8b18a221454e9091 https://github.com/abrt/abrt/pull/955 https://access.redhat.com/security/cve/CVE-2015-3147 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-283: Unverified Ownership •

CVSS: 7.5EPSS: 3%CPEs: 27EXPL: 0

Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine. Vulnerabilidad no especificada en IBM Java 8 anterior a SR1, 7 R1 anterior a SR2 FP11, 7 anterior a SR9, 6 R1 anterior a SR8 FP4, 6 anterior a SR16 FP4, y 5.0 anterior a SR16 FP10 permite a atacantes remotos ganar privilegios a través de vectores desconocidos relacionados con Java Virtual Machine. • http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html http://rhn.redhat.com/errata/RHSA-2015-1006.html http://rhn.redhat.com/errata/RHSA-2015-1007.html http://rhn.redhat.com&#x •

CVSS: 5.9EPSS: 0%CPEs: 27EXPL: 1

Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack. Oracle MySQL en versiones anteriores a 5.7.3, Oracle MySQL Connector/C (también conocido como libmysqlclient) en versiones anteriores a 6.1.3 y MariaDB en versiones anteriores a 5.5.44 utiliza la opción --ssl significa que SSL es opcional, lo que permite a atacantes man-in-the-middle suplantar servidores a través de un ataque de degradación de texto plano, también conocida como un ataque "BACKRONYM". It was found that the MySQL client library permitted but did not require a client to use SSL/TLS when establishing a secure connection to a MySQL server using the "--ssl" option. A man-in-the-middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server. • http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161436.html http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161625.html http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html http://rhn.redhat.com/errata/RHSA-2015-1646.html http://rhn.redhat.com/errata/RHSA-2015-1647.html http://rhn& • CWE-295: Improper Certificate Validation •

CVSS: 8.6EPSS: 1%CPEs: 30EXPL: 0

The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section. El decodificador de frames websocket VNC en QEMU permite a atacantes remotos causar una denegación de servicio (consumo de CPU y memoria) a través de una gran (1) carga útil websocket o (2) sección de cabeceras HTTP It was found that the QEMU's websocket frame decoder processed incoming frames without limiting resources used to process the header and the payload. An attacker able to access a guest's VNC console could use this flaw to trigger a denial of service on the host by exhausting all available memory and CPU. • http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154656.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155196.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00042.html http://rhn.redhat.com/errata/RHSA-2015-1931.html http://rhn.redhat.com/errata/RHSA-2015-1943.html http://www.debian.org/security/2015/dsa-3259 http://www.openwall.com/lists/oss-secu • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 4.0EPSS: 0%CPEs: 33EXPL: 0

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.41 y anteriores, y 5.6.22 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Server : Security : Encryption. • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html http://rhn.redhat.com/errata/RHSA-2015-1628.html http://rhn.redhat.com/errata/RHSA-2015-1629.html http://rhn.redhat.com/errata/RHSA-2015-1647.html http://rhn.redhat.com/errata/RHSA-2015-1665.html http://www.debian.org/security/2015/dsa-3229 http://www.debian.org/security/2015/dsa-3311 http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html http://www.securitytracker.com/id/103212 •