CVSS: 5.9EPSS: 0%CPEs: 205EXPL: 0CVE-2021-3449 – NULL pointer deref in signature_algorithms processing
https://notcve.org/view.php?id=CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. • http://www.openwall.com/lists/oss-security/2021/03/27/1 http://www.openwall.com/lists/oss-security/2021/03/27/2 http://www.openwall.com/lists/oss-security/2021/03/28/3 http://www.openwall.com/lists/oss-security/2021/03/28/4 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148 https://kb.pulse • CWE-476: NULL Pointer Dereference •
CVSS: 9.0EPSS: 7%CPEs: 13EXPL: 1CVE-2020-9273
https://notcve.org/view.php?id=CVE-2020-9273
In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution. En ProFTPD versión 1.3.7, es posible corromper los grupos de memoria mediante la interrupción del canal de transferencia de datos. Esto conlleva a un uso de la memoria previamente liberada en la función alloc_pool en el archivo pool.c, y una posible ejecución de código remota. • https://github.com/ptef/CVE-2020-9273 http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00002.html http://www.openwall.com/lists/oss-security/2021/08/25/1 http://www.openwall.com/lists/oss-security/2021/09/06/2 https://cert-portal.siemens.com/productcert/pdf/ssa-679335.pdf https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/903 https://lists.debian.org/debian-lts-announce/2020/02/msg00022.html https:/& • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-9272
https://notcve.org/view.php?id=CVE-2020-9272
ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function. ProFTPD versión 1.3.7, presenta una vulnerabilidad de lectura fuera de límites (OOB) en mod_cap por medio de la función cap_to_text del archivo cap_text.c. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00002.html https://cert-portal.siemens.com/productcert/pdf/ssa-679335.pdf https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/902 https://security.gentoo.org/glsa/202003-35 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 1%CPEs: 152EXPL: 0CVE-2018-5391 – The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets
https://notcve.org/view.php?id=CVE-2018-5391
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size. El kernel de Linux en versiones a partir de la 3.9 es vulnerable a un ataque de denegación de servicio (DoS) con tasas bajas de paquetes especialmente modificados que apuntan hacia el reensamblado de fragmentos de IP. • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en http://www.openwall.com/lists/oss-security/2019/06/28/2 http://www.openwall.com/lists/oss-security/2019/07/06/3 http://www.openwall.com/lists/oss-security/2019/07/06/4 http://www.securityfocus.com/bid/105108 http://www.securitytracker.com/id/1041476 http://www.securitytracker.com/id/1041637 https://access.redhat.co • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •