CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2018-5729 – krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data
https://notcve.org/view.php?id=CVE-2018-5729
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module. MIT krb5, en versiones 1.6 o posteriores, permite que un kadmin autenticado con permiso para añadir entidades de seguridad a una base de datos LDAP Kerberos provoque una denegación de servicio (desreferencia de puntero NULL) u omita una comprobación de contenedor DN proporcionando datos etiquetados internos del módulo de la base de datos. • http://www.securitytracker.com/id/1042071 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3071 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869 https://bugzilla.redhat.com/show_bug.cgi?id=1551083 https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1 https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html https://lists.fedoraproject.org/ar • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2018-5730 – krb5: DN container check bypass by supplying special crafted data
https://notcve.org/view.php?id=CVE-2018-5730
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN. MIT krb5, en versiones 1.6 o posteriores, permite que un kadmin autenticado con permiso para añadir entidades de seguridad a una base de datos LDAP Kerberos sortee una comprobación de containership DN proporcionando argumentos "linkdn" y "containerdn" de la base de datos, o proporcionando una cadena DN, que es una extensión a la izquierda de una cadena DN de contenedor pero que, jerárquicamente, no está dentro del contenedor DN. • http://www.securitytracker.com/id/1042071 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3071 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869 https://bugzilla.redhat.com/show_bug.cgi?id=1551082 https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1 https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html https://lists.fedoraproject.org/ar • CWE-90: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2018-7725 – zziplib: out of bound read in mmapped.c:zzip_disk_fread() causes crash
https://notcve.org/view.php?id=CVE-2018-7725
An issue was discovered in ZZIPlib 0.13.68. An invalid memory address dereference was discovered in zzip_disk_fread in mmapped.c. The vulnerability causes an application crash, which leads to denial of service. Se ha descubierto un problema en ZZIPlib 0.13.68. Se ha descubierto una desreferencia de dirección de memoria inválida en zzip_disk_fread en mmapped.c. • https://access.redhat.com/errata/RHSA-2018:3229 https://github.com/gdraheim/zziplib/issues/39 https://lists.debian.org/debian-lts-announce/2020/06/msg00029.html https://usn.ubuntu.com/3699-1 https://access.redhat.com/security/cve/CVE-2018-7725 https://bugzilla.redhat.com/show_bug.cgi?id=1554662 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2018-7726 – zziplib: Bus error in zip.c:__zzip_parse_root_directory() cause crash via crafted zip file
https://notcve.org/view.php?id=CVE-2018-7726
An issue was discovered in ZZIPlib 0.13.68. There is a bus error caused by the __zzip_parse_root_directory function of zip.c. Attackers could leverage this vulnerability to cause a denial of service via a crafted zip file. Se ha descubierto un problema en ZZIPlib 0.13.68. Hay un error de bus provocado por la función __zzip_parse_root_directory de zip.c. • https://access.redhat.com/errata/RHSA-2018:3229 https://github.com/gdraheim/zziplib/issues/41 https://lists.debian.org/debian-lts-announce/2020/06/msg00029.html https://usn.ubuntu.com/3699-1 https://access.redhat.com/security/cve/CVE-2018-7726 https://bugzilla.redhat.com/show_bug.cgi?id=1554672 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-7727 – zziplib: Memory leak in memdisk.c:zzip_mem_disk_new() can lead to denial of service via crafted zip
https://notcve.org/view.php?id=CVE-2018-7727
An issue was discovered in ZZIPlib 0.13.68. There is a memory leak triggered in the function zzip_mem_disk_new in memdisk.c, which will lead to a denial of service attack. Se ha descubierto un problema en ZZIPlib 0.13.68. Existe una fuga de memoria que se desencadena en la función zzip_mem_disk_new en memdisk.c que provocaría un ataque de denegación de servicio. A memory leak was found in unzip-mem.c and unzzip-mem.c of ZZIPlib, up to v0.13.68, that could lead to resource exhaustion. • https://access.redhat.com/errata/RHSA-2018:3229 https://github.com/gdraheim/zziplib/issues/40 https://access.redhat.com/security/cve/CVE-2018-7727 https://bugzilla.redhat.com/show_bug.cgi?id=1554676 • CWE-772: Missing Release of Resource after Effective Lifetime •