
CVSS: 8.8 • EPSS: 0% • CPEs: 11 • EXPL: 0

14 Nov 2016 — SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call. It was found that the sandbox tool provided in policycoreutils was vulnerable to a TIOCSTI ioctl attack. A specially crafted program executed via the sandbox command could use this flaw to execute arbitrary commands in the context ... • http://rhn.redhat.com/errata/RHSA-2016-2702.html • CWE-284: Improper Access Control

CVSS: 3.3 • EPSS: 0% • CPEs: 9 • EXPL: 0

04 Nov 2016 — The Subscription Manager package (aka subscription-manager) before 1.17.7-1 for Candlepin uses weak permissions (755) for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directories. ... • http://rhn.redhat.com/errata/RHSA-2016-2592.html • CWE-264: Permissions, Privileges, and Access Controls • CWE-732: Incorrect Permission Assignment for Critical Resource

CVSS: 9.8 • EPSS: 0% • CPEs: 8 • EXPL: 0

04 Nov 2016 — 389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to obtain user passwords. ... • http://rhn.redhat.com/errata/RHSA-2016-2594.html • CWE-199: Information Management Errors • CWE-385: Covert Timing Channel

CVSS: 6.1 • EPSS: 0% • CPEs: 5 • EXPL: 0

04 Nov 2016 — firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry, or (5) setEntries D-Bus API method. ... • http://rhn.redhat.com/errata/RHSA-2016-2597.html • CWE-287: Improper Authentication • CWE-306: Missing Authentication for Critical Function

CVSS: 7.5 • EPSS: 0% • CPEs: 8 • EXPL: 0

04 Nov 2016 — 389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to read the default Access Control Instructions. ... • http://rhn.redhat.com/errata/RHSA-2016-2594.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVSS: 7.5 • EPSS: 0% • CPEs: 8 • EXPL: 0

04 Nov 2016 — 389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects. ... • http://rhn.redhat.com/errata/RHSA-2016-2594.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor • CWE-209: Generation of Error Message Containing Sensitive Information

CVSS: 7.5 • EPSS: 0% • CPEs: 4 • EXPL: 0

04 Nov 2016 — mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to force the use of ciphers that were not intended to be enabled. ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183102.html • CWE-327: Use of a Broken or Risky Cryptographic Algorithm • CWE-392: Missing Report of Error Condition

CVSS: 9.8 • EPSS: 1% • CPEs: 4 • EXPL: 0

04 Nov 2016 — SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execute arbitrary code. It was discovered that under certai... • http://rhn.redhat.com/errata/RHSA-2016-2604.html • CWE-502: Deserialization of Untrusted Data

CVSS: 4.9 • EPSS: 0% • CPEs: 5 • EXPL: 0

04 Nov 2016 — sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo. ... • http://www.securityfocus.com/bid/92615 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVSS: 7.5 • EPSS: 3% • CPEs: 9 • EXPL: 0

03 Nov 2016 — The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack. It was found that nettle's RSA and DSA decryption code was vulnerable to cache-related side channel attacks. An attacker could use this flaw to recover the private key from a co-located virtual-machine instance. Nettle is a cryptograp... • http://rhn.redhat.com/errata/RHSA-2016-2582.html • CWE-203: Observable Discrepancy