CVSS: 7.4EPSS: 0%CPEs: 7EXPL: 0CVE-2021-3618
https://notcve.org/view.php?id=CVE-2021-3618
ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer. ALPACA es un ataque de confusión de contenido de protocolo de capa de aplicación, que explota servidores TLS que implementan diferentes protocolos pero que usan certificados compatibles, como certificados multidominio o comodín. Un atacante de tipo MiTM que tenga acceso al tráfico de la víctima en la capa TCP/IP puede redirigir el tráfico de un subdominio a otro, resultando en a una sesión TLS válida. • https://alpaca-attack.com https://bugzilla.redhat.com/show_bug.cgi?id=1975623 https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html • CWE-295: Improper Certificate Validation •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-0547
https://notcve.org/view.php?id=CVE-2022-0547
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials. OpenVPN versiones 2.1 hasta v2.4.12 y versión v2.5.6, puede permitir una omisión de autenticación en los complementos de autenticación externa cuando más de uno de ellos hace uso de las respuestas de autenticación diferida, lo que permite que sea concedido acceso a un usuario externo con credenciales sólo parcialmente correctas • https://community.openvpn.net/openvpn/wiki/CVE-2022-0547 https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements https://lists.debian.org/debian-lts-announce/2022/05/msg00002.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFXJ35WKPME4HYNQCQNAJHLCZOJL2SAE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R36OYC5SJ6FLPVAYJYYT4MOJ2I7MGYFF https://openvpn.net/community-downloads • CWE-287: Improper Authentication CWE-305: Authentication Bypass by Primary Weakness •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-27191 – golang: crash in a golang.org/x/crypto/ssh server
https://notcve.org/view.php?id=CVE-2022-27191
The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey. El paquete golang.org/x/crypto/ssh anterior a 0.0.0-20220314234659-1baeb1ce4c0b para Go permite a un atacante bloquear un servidor en ciertas circunstancias que implican AddHostKey A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms based on SHA-2, enabling an attacker to crash the server, resulting in a loss of availability. • https://groups.google.com/g/golang-announce https://groups.google.com/g/golang-announce/c/-cp44ypCT5s https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF https://lists.fedoraproject.org/archives/list/package-announce%40lis • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.8EPSS: 0%CPEs: 54EXPL: 1CVE-2022-1011 – kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes
https://notcve.org/view.php?id=CVE-2022-1011
A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. Se ha encontrado un fallo de uso después de libre en el sistema de archivos FUSE del kernel de Linux en la forma en que un usuario activa write(). Este defecto permite a un usuario local obtener acceso no autorizado a los datos del sistema de archivos FUSE, lo que resulta en una escalada de privilegios Linux suffers from a vulnerability where FUSE allows use-after-free reads of write() buffers, allowing theft of (partial) /etc/shadow hashes. • https://github.com/xkaneiki/CVE-2022-1011 https://bugzilla.redhat.com/show_bug.cgi?id=2064855 https://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git/commit/?h=for-next https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://www.debian.org/security/2022/dsa-5173 https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2022-1011 • CWE-416: Use After Free •
CVSS: 5.9EPSS: 0%CPEs: 6EXPL: 1CVE-2022-24302 – python-paramiko: Race condition in the write_private_key_file function
https://notcve.org/view.php?id=CVE-2022-24302
In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure. En Paramiko versiones anteriores a 2.10.1, una condición de carrera (entre creation y chmod) en la función write_private_key_file podría permitir una divulgación de información no autorizada A race condition was found in Paramiko. This flaw allows unauthorized information disclosure from an attacker with access to the write_private_key_file. • https://github.com/paramiko/paramiko/blob/363a28d94cada17f012c1604a3c99c71a2bda003/paramiko/pkey.py#L546 https://lists.debian.org/debian-lts-announce/2022/03/msg00032.html https://lists.debian.org/debian-lts-announce/2022/09/msg00013.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LUEUEGILZ7MQXRSUF5VMMO4SWJQVPTQL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPMKRUS4HO3P7NR7P4Y6CLHB4MBEE3AI https://lists.fedoraproject.org/archives/list/package& • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •