CVSS: 7.5EPSS: 2%CPEs: 9EXPL: 2CVE-2023-29552 – Service Location Protocol (SLP) Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-29552
The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor. The Service Location Protocol (SLP) contains a denial-of-service (DoS) vulnerability that could allow an unauthenticated, remote attacker to register services and use spoofed UDP traffic to conduct a denial-of-service (DoS) attack with a significant amplification factor. • https://blogs.vmware.com/security/2023/04/vmware-response-to-cve-2023-29552-reflective-denial-of-service-dos-amplification-vulnerability-in-slp.html https://curesec.com/blog/article/CVE-2023-29552-Service-Location-Protocol-Denial-of-Service-Amplification-Attack-212.html https://datatracker.ietf.org/doc/html/rfc2608 https://github.com/curesec/slpload https://security.netapp.com/advisory/ntap-20230426-0001 https://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protoco •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2022-45154 – supportconfig does not remove passwords in /etc/iscsi/iscsid.conf and /etc/target/lio_setup.sh
https://notcve.org/view.php?id=CVE-2022-45154
A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 15 SP3 allows attackers that get access to the support logs to gain knowledge of the stored credentials This issue affects: SUSE Linux Enterprise Server 12 supportutils version 3.0.10-95.51.1CWE-312: Cleartext Storage of Sensitive Information and prior versions. SUSE Linux Enterprise Server 15 supportutils version 3.1.21-150000.5.44.1 and prior versions. SUSE Linux Enterprise Server 15 SP3 supportutils version 3.1.21-150300.7.35.15.1 and prior versions. • https://bugzilla.suse.com/show_bug.cgi?id=1207598 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-45153 – saphanabootstrap-formula: Escalation to root for arbitrary users in hana/ha_cluster.sls
https://notcve.org/view.php?id=CVE-2022-45153
An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created. This issue affects: SUSE Linux Enterprise Module for SAP Applications 15-SP1 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. SUSE Linux Enterprise Server for SAP 12-SP5 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. openSUSE Leap 15.4 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. • https://bugzilla.suse.com/show_bug.cgi?id=1205990 • CWE-276: Incorrect Default Permissions •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2022-31252 – permissions: chkstat does not check for group-writable parent directories or target files in safeOpen()
https://notcve.org/view.php?id=CVE-2022-31252
A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the path to a privileged binary to influence path resolution. This issue affects: SUSE Linux Enterprise Server 12-SP5 permissions versions prior to 20170707. openSUSE Leap 15.3 permissions versions prior to 20200127. openSUSE Leap 15.4 permissions versions prior to 20201225. openSUSE Leap Micro 5.2 permissions versions prior to 20181225. Una vulnerabilidad de autorización incorrecta en chkstat de SUSE Linux Enterprise Server versión 12-SP5; openSUSE Leap versión 15.3, openSUSE Leap versión 15.4, openSUSE Leap Micro versión 5.2, no tenía en cuenta los componentes de la ruta de escritura del grupo, lo que permitía a atacantes locales con acceso a un grupo lo que puede escribir en una ubicación incluida en la ruta de un binario privilegiado para influir en la resolución de la ruta. Este problema afecta a: SUSE Linux Enterprise Server 12-SP5 versiones de permisos anteriores a 20170707. openSUSE Leap 15.3 versiones de permisos anteriores a 20200127. openSUSE Leap 15.4 versiones de permisos anteriores a 20201225. openSUSE Leap Micro 5.2 versiones de permisos anteriores a 20181225 • https://bugzilla.suse.com/show_bug.cgi?id=1203018 • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 60EXPL: 0CVE-2022-27239
https://notcve.org/view.php?id=CVE-2022-27239
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. En cifs-utils versiones hasta 6.14, un desbordamiento del búfer en la región stack de la memoria cuando es analizado el argumento de línea de comandos mount.cifs ip= podría conllevar a que atacantes locales obtuvieran privilegios de root • http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba https://bugzilla.samba.org/show_bug.cgi?id=15025 https://bugzilla.suse.com/show_bug.cgi?id=1197216 https://github.com/piastry/cifs-utils/pull/7 https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765 https://lists.debian.org/debian-lts-announce/2022/05/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY https://lists& • CWE-787: Out-of-bounds Write •