CVE-2019-9211
https://notcve.org/view.php?id=CVE-2019-9211
There is a reachable assertion abort in the function write_long_string_missing_values() in data/sys-file-writer.c in libdata.a in GNU PSPP 1.2.0 that will lead to denial of service. Hay un aborto de aserción alcanzable en la función write_long_string_missing_values() en data/sys-file-writer.c en libdata.a en la versión 1.2.0 de GNU PSPP que conducirá a una denegación de servicio (DoS). • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00068.html http://www.securityfocus.com/bid/107190 https://bugzilla.redhat.com/show_bug.cgi?id=1683499 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3QC6VFE2D7M6ZJXBXRIO4JZPKY57CLV • CWE-617: Reachable Assertion •
CVE-2018-12122 – nodejs: Slowloris HTTP Denial of Service
https://notcve.org/view.php?id=CVE-2018-12122
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time. Node.js: Todas las versiones anteriores a la 6.15.0, 8.14.0, 10.14.0 y 11.3.0: Denegación de servicio (DoS) HTTP mediante Slowloris. Un atacante puede provocar una denegación de servicio (DoS) enviando cabeceras muy lentamente, manteniendo las conexiones HTTP o HTTPS y los recursos asociados vivos durante un largo período de tiempo. It was found that Node.js HTTP server was vulnerable to a Slowloris type attack. An attacker could make long lived connections by sending bytes very slowly to the server, saturating its resource and possibly resulting in a denial of service. • http://www.securityfocus.com/bid/106043 https://access.redhat.com/errata/RHSA-2019:1821 https://nodejs.org/en/blog/vulnerability/november-2018-security-releases https://security.gentoo.org/glsa/202003-48 https://access.redhat.com/security/cve/CVE-2018-12122 https://bugzilla.redhat.com/show_bug.cgi?id=1661005 • CWE-400: Uncontrolled Resource Consumption •
CVE-2018-12116 – nodejs: HTTP request splitting
https://notcve.org/view.php?id=CVE-2018-12116
Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server. Node.js: Todas las versiones anteriores a la 6.15.0 y 8.14.0: separación de petición HTTP. Si se puede convencer a Node.js para que emplee datos Unicode no saneados proporcionados por el usuario para la opción "path" de una petición HTTP, los datos pueden proporcionarse para desencadenar una segunda petición HTTP no esperada y definida por el usuario para el mismo servidor. • https://access.redhat.com/errata/RHSA-2019:1821 https://nodejs.org/en/blog/vulnerability/november-2018-security-releases https://security.gentoo.org/glsa/202003-48 https://access.redhat.com/security/cve/CVE-2018-12116 https://bugzilla.redhat.com/show_bug.cgi?id=1660998 • CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') CWE-115: Misinterpretation of Input •
CVE-2018-17962 – QEMU: pcnet: integer overflow leads to buffer overflow
https://notcve.org/view.php?id=CVE-2018-17962
Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used. Qemu tiene un desbordamiento de búfer en pcnet_receive en hw/net/pcnet.c debido a que se emplea un tipo de datos de enteros incorrecto. An integer overflow issue was found in the AMD PC-Net II NIC emulation in QEMU. It could occur while receiving packets, if the size value was greater than INT_MAX. Such overflow would lead to stack buffer overflow issue. • http://www.openwall.com/lists/oss-security/2018/10/08/1 https://access.redhat.com/errata/RHSA-2019:2892 https://access.redhat.com/security/cve/cve-2018-17962 https://linux.oracle.com/cve/CVE-2018-17962.html https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03268.html https://usn.ubuntu.com/3826-1 https://www.debian.org/security/2018/dsa-4338 https://www.suse.com/security/cve/CVE-2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVE-2011-4862 – FreeBSD - Telnet Service Encryption Key ID Buffer Overflow
https://notcve.org/view.php?id=CVE-2011-4862
Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011. Desbordamiento de búfer basado en pila en libtelnet/encrypt.c en telnetd en FreeBSD v7.3 hasta v9.0, MIT Kerberos Version v5 Applications (también conocido como krb5-appl) v1.0.2 y anteriores, y Heimdal v1.5.1 y anteriores, permite a atacantes remotos ejecutar código de su elección a través de una clave de cifrado larga, como fue explotado en Diciembre 2011. Detect telnet services vulnerable to the encrypt option Key ID overflow (BSD-derived telnetd). • https://www.exploit-db.com/exploits/18369 https://www.exploit-db.com/exploits/18368 https://www.exploit-db.com/exploits/18280 https://github.com/hdbreaker/GO-CVE-2011-4862 https://github.com/kpawar2410/CVE-2011-4862 http://archives.neohapsis.com/archives/bugtraq/2011-12/0172.html http://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=665f1e73cdd9b38e2d2e11b8db9958a315935592 http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071627.html http://lists.fedoraproject.org/p • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •