CVE-2019-3857 – libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write
https://notcve.org/view.php?id=CVE-2019-3857
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. Se ha descubierto un error de desbordamiento de enteros que podría conducir a una escritura fuera de límites en libssh2, en versiones anteriores a la 1.8.1, en la forma en la que se analizan los paquetes SSH_MSG_CHANNEL_REQUEST con una señal de salida. Un atacante remoto que comprometa un servidor SSH podría ser capaz de ejecutar código en el sistema del cliente cuando un usuario se conecta al servidor. An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html https://access.redhat.com/errata/RHSA-2019:0679 https://access.redhat.com/errata/RHSA-2019:1175 https://access.redhat.com/errata/RHSA-2019:1652 https://access.redhat.com/errata/RHSA-2019:1791 https://access.redhat.com/errata/RHSA-2019:1943 https://access.redhat.com/errata/RHSA-2019:2399 https://bugzilla.redhat.com/show_bug.cgi?id • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVE-2019-3855 – libssh2: Integer overflow in transport read resulting in out of bounds write
https://notcve.org/view.php?id=CVE-2019-3855
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. Se ha descubierto un error de desbordamiento de enteros que podría conducir a una escritura fuera de límites en libssh2, en versiones anteriores a la 1.8.1, en la forma en la que los paquetes se leen desde el servidor. Un atacante remoto que comprometa un servidor SSH podría ser capaz de ejecutar código en el sistema del cliente cuando un usuario se conecta al servidor An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html http://seclists.org/fulldisclosure/2019/Sep/42 http://www.openwall.com/lists/oss-security/2019/03/18/3 http://www.securityfocus.com/bid/107485 https://access.redhat.com/errata/RHSA-2019:0679 https://access.redhat.com/errata/RHSA-2019:1175 https:// • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVE-2019-3859
https://notcve.org/view.php?id=CVE-2019-3859
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. Se ha descubierto un error de lectura fuera de límites en libssh2, en versiones anteriores a la 1.8.1, en las funciones _libssh2_packet_require y _libssh2_packet_requirev. Un atacante remoto que comprometa un servidor SSH podría ser capaz de provocar una denegación de servicio o una lectura de datos en la memoria del cliente. • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00102.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00103.html http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html http://www.openwall.com/lists/oss-security/2019/03/18/3 http://www.securityfocus.com/bid/107485 https://bugzilla • CWE-125: Out-of-bounds Read •
CVE-2019-5885
https://notcve.org/view.php?id=CVE-2019-5885
Matrix Synapse before 0.34.0.1, when the macaroon_secret_key authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users. Matrix Synapse, en versiones anteriores a la 0.34.0.1, cuando el parámetro de autenticación macaroon_secret_key no se establece, emplea un valor predecible para obtener una clave secreta y otros secretos, lo que podría permitir que los atacantes remotos suplanten usuarios. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/32Y6KD3OAHCG5P33HC2QEX3NUZOSXCGZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMCLO5PUPBA756UKY72PKUWL4RRM4W6K https://matrix.org/blog/2019/01/10/critical-security-update-synapse-0-34-0-1-synapse-0-34-1-1 https://matrix.org/blog/2019/01/15/further-details-on-critical-security-update-in-synapse-affecting-all-versions-prior-to-0-34-1-cve-2019-5885 • CWE-330: Use of Insufficiently Random Values •
CVE-2018-18898
https://notcve.org/view.php?id=CVE-2018-18898
The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing. La funcionalidad email-ingestion en Best Practical Request Tracker, desde la versión 4.1.3 hasta la 4.4 permite que los atacantes remotos provoquen una denegación de servicio mediante un ataque de complejidad algorítmica en el análisis de direcciones de correo electrónico. • https://bestpractical.com/download-page https://lists.debian.org/debian-lts-announce/2020/02/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPJVDT77ZPRU5Z2BEMZM7EBY6WZHUATZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YR46PPHBEM76DNN4DEQMAYIKLCO3TQU2 https://usn.ubuntu.com/4517-1 • CWE-400: Uncontrolled Resource Consumption •