CVSS: 7.5EPSS: 0%CPEs: 65EXPL: 0CVE-2014-3562 – 389-ds: unauthenticated information disclosure
https://notcve.org/view.php?id=CVE-2014-3562
Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory. Red Hat Directory Server 8 y 389 Directory Server, cuando depuración está habilitada, permite a atacantes remotos obtener metadatos replicados sensibles mediante la búsqueda del directorio. It was found that when replication was enabled for each attribute in Red Hat Directory Server / 389 Directory Server, which is the default configuration, the server returned replicated metadata when the directory was searched while debugging was enabled. A remote attacker could use this flaw to disclose potentially sensitive information. • http://rhn.redhat.com/errata/RHSA-2014-1031.html http://rhn.redhat.com/errata/RHSA-2014-1032.html https://bugzilla.redhat.com/show_bug.cgi?id=1123477 https://access.redhat.com/security/cve/CVE-2014-3562 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 7.9EPSS: 93%CPEs: 35EXPL: 0CVE-2014-3560 – samba: remote code execution in nmbd
https://notcve.org/view.php?id=CVE-2014-3560
NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in string_wrappers.h. NetBIOS name services daemon (nmbd) en Samba 4.0.x anterior a 4.0.21 y 4.1.x anterior a 4.1.11 permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados que modifican la memoria dinámica, involucrando una operación sizeof sobre una variable incorrecta en la macro unstrcpy en string_wrappers.h. A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon (nmbd). An attacker on the local network could use this flaw to send specially crafted packets that, when processed by nmbd, could possibly lead to arbitrary code execution with root privileges. • http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136280.html http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html http://lists.opensuse.org/opensuse-updates/2014-08/msg00027.html http://secunia.com/advisories/59583 http://secunia.com/advisories/59610 http://secunia.com/advisories/59976 http://www.samba.org/samba/security/CVE-2014-3560 http://www.securityfocus.com/bid/69021 http://www.securitytracker.com/id/1030663 http://www.ubuntu.com&#x • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 3%CPEs: 7EXPL: 1CVE-2014-2483 – OpenJDK: Restrict use of privileged annotations (Libraries, 8034985)
https://notcve.org/view.php?id=CVE-2014-2483
Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u60 and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-4223. NOTE: the previous information is from the July 2014 CPU. Oracle has not commented on another vendor's claim that the issue is related to improper restriction of the "use of privileged annotations." Vulnerabilidad no especificada en el componente Java SE en Oracle Java SE Java SE 7u60 y OpenJDK 7 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores relacionados con Libraries, una vulnerabilidad diferente a CVE-2014-4223. NOTA: la información anterior es de la CPU de julio de 2014. • http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/848481af9003 http://marc.info/?l=bugtraq&m=140852886808946&w=2 http://seclists.org/fulldisclosure/2014/Dec/23 http://secunia.com/advisories/60485 http://secunia.com/advisories/60812 http://security.gentoo.org/glsa/glsa-201502-12.xml http://www.debian.org/security/2014/dsa-2987 http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html http://www.securityfocus.com/archive/1/534161/100/0/threaded http:// •
CVSS: 9.8EPSS: 17%CPEs: 8EXPL: 2CVE-2014-4650 – Python CGIHTTPServer - Encoded Directory Traversal
https://notcve.org/view.php?id=CVE-2014-4650
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator. El módulo CGIHTTPServer en Python versiones 2.7.5 y 3.3.4, no maneja apropiadamente las URL en las que la codificación de URL es usada para los separadores de ruta, lo que permite a atacantes remotos leer el código fuente del script o conducir un salto de directorio y ejecutar código no deseado por medio de una secuencia de caracteres diseñada, como es demostrado mediante un separador %2f. It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose source of scripts in the cgi-bin directory. • https://www.exploit-db.com/exploits/33894 http://bugs.python.org/issue21766 http://openwall.com/lists/oss-security/2014/06/26/3 https://access.redhat.com/security/cve/cve-2014-4650 https://access.redhat.com/security/cve/CVE-2014-4650 https://bugzilla.redhat.com/show_bug.cgi?id=1113527 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-138: Improper Neutralization of Special Elements •
CVSS: 5.0EPSS: 46%CPEs: 76EXPL: 1CVE-2013-5704 – httpd: bypass of mod_headers rules via chunked requests
https://notcve.org/view.php?id=CVE-2013-5704
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such." El módulo mod_headers en el servidor de Apache HTTP 2.2.22 permite a atacantes remotos evadir directivas "RequestHeader unset" mediante la colocación de una cabera en la porción "trailer" de datos enviados con codificación de transferencia fragmentada. NOTA: el proveedor afirma que "esto no es un problema de seguridad en httpd como tal." A flaw was found in the way httpd handled HTTP Trailer headers when processing requests using chunked encoding. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html http://marc.info/?l=apache-httpd-dev&m=139636309822854&w=2 http://marc.info/?l=bugtraq&m=143403519711434&w=2 http://marc.info/?l=bugtraq&m=144493176821532&w=2 http://martin.swende.se/blog/HTTPChunked.html http://rhn.redhat.com/errata/RHSA-2015-0325.html http://rhn.redhat.com/errata/RHSA-2015-1249.html http://rhn.redhat& • CWE-287: Improper Authentication •