CVE-2008-1420 – vorbis: integer overflow in partvals computation
https://notcve.org/view.php?id=CVE-2008-1420
Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow. Desbordamiento de entero en la evaluación de valores en la partición de residuos (también conocido como partvals) en Xiph.org libvorbis 1.2.0 y versiones anteriores permite a atacantes remotos ejecutar código de su elección a través de ficheros OGG manipulados, lo cual dispara un desbordamiento heap. • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html http://secunia.com/advisories/30234 http://secunia.com/advisories/30237 http://secunia.com/advisories/30247 http://secunia.com/advisories/30259 http://secunia.com/advisories/30479 http://secunia.com/advisories/30581 http://secunia.com/advisories/30820 http://secunia.com/advisories/32946 http://secunia.com/advisories/36463 http://security.gentoo.org/glsa/glsa-200806-09.xml http://www.debian.org/security • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVE-2008-1419 – vorbis: zero-dim codebooks can cause crash, infinite loop or heap overflow
https://notcve.org/view.php?id=CVE-2008-1419
Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow. Xiph.org libvorbis 1.2.0 y versiones anteriores no maneja apropiadamente un valor cero de codebook.dim, lo cual permite a atacantes remotos provocar una denegación de servicio (caída o bucle infinito) o disparar un desbordamiento de entero. • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html http://secunia.com/advisories/30234 http://secunia.com/advisories/30237 http://secunia.com/advisories/30247 http://secunia.com/advisories/30259 http://secunia.com/advisories/30479 http://secunia.com/advisories/30581 http://secunia.com/advisories/30820 http://secunia.com/advisories/32946 http://security.gentoo.org/glsa/glsa-200806-09.xml http://www.debian.org/security/2008/dsa-1591 http://www.mandri • CWE-20: Improper Input Validation CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2008-1615 – kernel: ptrace: Unprivileged crash on x86_64 %cs corruption
https://notcve.org/view.php?id=CVE-2008-1615
Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls. El kernel de Linux versión 2.6.18 y posiblemente otras versiones, cuando corren bajo arquitecturas AMD64, permite a usuarios locales provocar una denegación de servicio (caída) a través de determinadas llamadas ptrace. • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html http://secunia.com/advisories/30112 http://secunia.com/advisories/30252 http://secunia.com/advisories/30294 http://secunia.com • CWE-399: Resource Management Errors •
CVE-2007-6282 – IPSec ESP kernel panics
https://notcve.org/view.php?id=CVE-2007-6282
The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV. La implementación IPsec en el Kernel de Linux, versiones anteriores a la 2.6.25, permite a routers remotos provocar una denegación de servicio (caída) a través de un paquete ESP fragmentado en el que el primer fragmento no contiene la cabecera ESP y el IV (Vector de Inicialización) completos. • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html http://marc.info/?l=linux-netdev&m=120372380411259&w=2 http://secunia.com/advisories/30112 http://secunia.com/advisories/30294 http://secunia.com/advisories/30818 http://secunia.com/advisories/30890 http://secunia.com/advisories/30962 http://secunia.com/advisories • CWE-16: Configuration •
CVE-2008-1198 – initscripts: IPSec ifup script allows for aggressive IKE mode
https://notcve.org/view.php?id=CVE-2008-1198
The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 configures racoon to use aggressive IKE mode instead of main IKE mode, which makes it easier for remote attackers to conduct brute force attacks by sniffing an unencrypted preshared key (PSK) hash. La secuencia de comandos por defecto IPSec ifup en Red Hat Enterprise Linux de 3 a 5 configura racoon para utilizar el modo agresivo de IKE en vez del modo principal de IKE, lo que facilita a atacantes remotos llevar a cabo ataques de fuerza bruta husmeando una clave hash que no ha sido compartida sin encriptar (PSK). • http://secunia.com/advisories/48045 http://www.ernw.de/download/pskattack.pdf http://www.securitytracker.com/id?1019563 https://bugzilla.redhat.com/show_bug.cgi?id=435274 https://exchange.xforce.ibmcloud.com/vulnerabilities/41053 https://access.redhat.com/security/cve/CVE-2008-1198 •