
CVE-2017-15130 – Debian Security Advisory 4130-1
https://notcve.org/view.php?id=CVE-2017-15130
02 Mar 2018 — A denial of service flaw was found in dovecot before 2.2.34. An attacker able to generate random SNI server names could exploit TLS SNI configuration lookups, leading to excessive memory usage and the process to restart. Se ha descubierto un error de denegación de servicio (DoS) en dovecot en versiones anteriores a la 2.2.34. Un atacante que pueda generar nombres aleatorios del servidor SNI podría explotar las búsquedas de configuración TLS SNI, lo que conduce a un uso excesivo de memoria y al reinicio del ... • http://seclists.org/oss-sec/2018/q1/205 • CWE-400: Uncontrolled Resource Consumption •

CVE-2017-18209 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-18209
01 Mar 2018 — In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory. En la función GetOpenCLCachedFilesDirectory en magick/opencl.c en ImageMagick 7.0.7, una vulnerabilidad de desreferencia de puntero NULL ocurre debido a que no se comprueba un resultado de asignación de memoria. Esto se relaciona con GetOpenCLCacheDirectory. It was discovered that ImageMag... • http://www.securityfocus.com/bid/103218 • CWE-476: NULL Pointer Dereference •

CVE-2017-18211 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-18211
01 Mar 2018 — In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel. En ImageMagick 7.0.7, se ha encontrado una vulnerabilidad de desreferencia de puntero NULL en la función saveBinaryCLProgram en magick/opencl.c debido a que no se comprueba un resultado de búsqueda de programa. Esto se relaciona con CacheOpenCLKernel. It was discovered that ImageMagick incorrectly handled... • http://www.securityfocus.com/bid/103220 • CWE-476: NULL Pointer Dereference •

CVE-2018-7584 – PHP 7.2.2 - 'php_stream_url_wrap_http_ex' Buffer Overflow
https://notcve.org/view.php?id=CVE-2018-7584
01 Mar 2018 — In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string. En PHP hasta la versión 5.6.33, versiones 7.0.x anteriores a la 7.0.28, versiones 7.1.x hasta la 7.1.14 y versiones 7.2.x hasta la 7.2.2, hay una sublectura de búfer basada en pila al analizar una respuesta HTTP en... • https://packetstorm.news/files/id/148068 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •

CVE-2018-5733 – A malicious client can overflow a reference counter in ISC dhcpd
https://notcve.org/view.php?id=CVE-2018-5733
01 Mar 2018 — A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0. Un cliente malicioso al que se le permite enviar grandes cantidades de tráfico (miles de millones de paquetes) a un servidor DHCP puede terminar desbordando un contador de referencia de 32 bits, provocando el cierre inesperado de dhc... • http://www.securityfocus.com/bid/103188 • CWE-190: Integer Overflow or Wraparound •

CVE-2018-7184 – Ubuntu Security Notice USN-3707-1
https://notcve.org/view.php?id=CVE-2018-7184
01 Mar 2018 — ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704. ntpd en ntp, en versiones 4.2.8p4 anteriores a la 4.2.8p11, envía paquetes malos antes de actualizar la marca de tiempo "received"... • http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html •

CVE-2018-7185 – Ubuntu Security Notice USN-3707-2
https://notcve.org/view.php?id=CVE-2018-7185
01 Mar 2018 — The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association. El motor de protocolo en ntp, en versiones 4.2.6 anteriores a la 4.2.8p11, permite que atacantes remotos provoquen una denegación de servicio (interrupción) mediante el envío continuado de un paquete con una marc... • http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html •

CVE-2018-7550 – QEMU: i386: multiboot OOB access while loading kernel image
https://notcve.org/view.php?id=CVE-2018-7550
01 Mar 2018 — The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access. La función load_multiboot en hw/i386/multiboot.c en Quick Emulator (también conocido como QEMU) permite que usuarios locales invitados del sistema operativo ejecuten código arbitrario en el host QEMU mediante un valor mh_load_end_addr mayor ... • http://www.securityfocus.com/bid/103181 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •

CVE-2018-1304 – tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources
https://notcve.org/view.php?id=CVE-2018-1304
28 Feb 2018 — The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected. El patró... • https://github.com/knqyf263/CVE-2018-1304 • CWE-284: Improper Access Control •

CVE-2014-10071 – zsh: buffer overflow for very long fds in >& fd syntax
https://notcve.org/view.php?id=CVE-2014-10071
27 Feb 2018 — In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax. En exec.c en zsh, en versiones anteriores a la 5.0.7, hay un desbordamiento de búfer para un fds muy largo en la sintaxis "> fd". A buffer overflow flaw was found in the zsh shell file descriptor redirection functionality. An attacker could use this flaw to cause a denial of service by crashing the user shell. It was discovered that Zsh incorrectly handled certain environment variables. • https://access.redhat.com/errata/RHSA-2018:3073 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •