CVE-2015-7236 – rpcbind: Use-after-free vulnerability in PMAP_CALLIT
https://notcve.org/view.php?id=CVE-2015-7236
Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code. A use-after-free flaw related to the PMAP_CALLIT operation and TCP/UDP connections was discovered in rpcbind. A remote, unauthenticated attacker could possibly exploit this flaw to crash the rpcbind service (denial of service) by performing a series of UDP and TCP calls. • http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171030.html http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172152.html http://www.debian.org/security/2015/dsa-3366 http://www.openwall.com/lists/oss-security/2015/09/17/1 http://www.openwall.com/lists/oss-security/2015/09/17/6 http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html http://www& • CWE-416: Use After Free
CVE-2015-4020
https://notcve.org/view.php?id=CVE-2015-4020
RubyGems 2.0.x before 2.0.17, 2.2.x before 2.2.5, and 2.4.x before 2.4.8 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record with a domain that is suffixed with the original domain name, aka a "DNS hijack attack." NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3900. • http://blog.rubygems.org/2015/06/08/2.2.5-released.html http://blog.rubygems.org/2015/06/08/2.4.8-released.html http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.securityfocus.com/bid/75431 https://github.com/rubygems/rubygems/commit/5c7bfb5 https://puppet.com/security/cve/CVE-2015-3900 https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-009/?fid=6478 https://www.trustwave.com/Resources/SpiderLabs-Blog/Attacking-Ruby • CWE-20: Improper Input Validation
CVE-2015-6246 – wireshark: WaveAgent dissector crash (wnpa-sec-2015-26)
https://notcve.org/view.php?id=CVE-2015-6246
The dissect_wa_payload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7 mishandles large tag values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. • http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168837.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165509.html http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html http://www.debian.org/security/2015/dsa-3367 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/76381 http://www.securitytracker.com/id • CWE-20: Improper Input Validation
CVE-2015-6248 – wireshark: Ptvcursor crash (wnpa-sec-2015-28)
https://notcve.org/view.php?id=CVE-2015-6248
The ptvcursor_add function in the ptvcursor implementation in epan/proto.c in Wireshark 1.12.x before 1.12.7 does not check whether the expected amount of data is available, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. • http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168837.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165509.html http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html http://www.debian.org/security/2015/dsa-3367 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/76387 http://www.securitytracker.com/id • CWE-20: Improper Input Validation
CVE-2015-6249
https://notcve.org/view.php?id=CVE-2015-6249
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.7 does not prevent the conflicting use of a table for both IPv4 and IPv6 addresses, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. • http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168837.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165509.html http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html http://www.debian.org/security/2015/dsa-3367 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.securitytracker.com/id/1033272 http://www.wireshark.org/security/wnpa-sec-2015-29.html https://bugs.wireshark.org/bugzilla/show_bug.cgi& • CWE-20: Improper Input Validation