
CVE-2009-1416 – GnuTLS 2.6.x - libgnutls lib/gnutls_pk.c DSA Key Storage Remote Spoofing
https://notcve.org/view.php?id=CVE-2009-1416
30 Apr 2009 — lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates RSA keys stored in DSA structures, instead of the intended DSA keys, which might allow remote attackers to spoof signatures on certificates or have unspecified other impact by leveraging an invalid DSA key. • https://www.exploit-db.com/exploits/32965 • CWE-310: Cryptographic Issues

CVE-2009-1214
https://notcve.org/view.php?id=CVE-2009-1214
01 Apr 2009 — GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with world-readable permissions, which might allow local users to obtain sensitive session information. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521123 • CWE-264: Permissions, Privileges, and Access Controls

CVE-2009-1215
https://notcve.org/view.php?id=CVE-2009-1215
01 Apr 2009 — Race condition in GNU screen 4.0.3 allows local users to create or overwrite arbitrary files via a symlink attack on the /tmp/screen-exchange temporary file. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521123 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVE-2008-5078 – enscript: "epsf" special escape buffer overflows
https://notcve.org/view.php?id=CVE-2008-5078
19 Dec 2008 — Multiple buffer overflows in the (1) recognize_eps_file function (src/psgen.c) and (2) tilde_subst function (src/util.c) in GNU enscript 1.6.1, and possibly earlier, might allow remote attackers to execute arbitrary code via an epsf escape sequence with a long filename. • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2008-5659 – GNU Classpath 0.97.2 - 'gnu.java.security.util.PRNG' Class Entropy
https://notcve.org/view.php?id=CVE-2008-5659
17 Dec 2008 — The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and earlier uses a predictable seed based on the system time, which makes it easier for context-dependent attackers to conduct brute force attacks against cryptographic routines that use this class for randomness, as demonstrated against DSA private keys. • https://www.exploit-db.com/exploits/32674 • CWE-310: Cryptographic Issues

CVE-2008-4989 – gnutls: certificate chain verification flaw
https://notcve.org/view.php?id=CVE-2008-4989
13 Nov 2008 — The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle attackers to insert a spoofed certificate for any Distinguished Name (DN). • http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3215 • CWE-295: Improper Certificate Validation

CVE-2008-3863 – enscript: "setfilename" special escape buffer overflow
https://notcve.org/view.php?id=CVE-2008-3863
23 Oct 2008 — Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command. • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2008-4475
https://notcve.org/view.php?id=CVE-2008-4475
07 Oct 2008 — ibackup 2.27 allows local users to overwrite arbitrary files via a symlink attack on temporary files. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496432 • CWE-59: Improper Link Resolution Before File Access ('Link Following')

CVE-2008-4100
https://notcve.org/view.php?id=CVE-2008-4100
18 Sep 2008 — GNU adns 1.4 and earlier uses a fixed source port and sequential transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: the vendor reports that this is intended behavior and is compatible with the product's intended role in a trusted environment. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698 • CWE-16: Configuration

CVE-2008-3916 – ed: Heap-based buffer overflow (arb. code execution)
https://notcve.org/view.php?id=CVE-2008-3916
04 Sep 2008 — Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue only crosses privilege boundaries when ed is invoked as a third-party component. • http://lists.gnu.org/archive/html/bug-ed/2008-08/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-122: Heap-based Buffer Overflow