Thursday, April 30, 2020

Weekly Update: a new vulnerability is published on the National Vulnerability Database (28 items)


New vulnerabilities from the NVD: CVE-2012-0785

Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."
Published at: February 24, 2020 at 07:15PM

February 24, 2020 at 10:04PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2015-0565

NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible.
Published at: February 25, 2020 at 10:15PM

February 26, 2020 at 12:04AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-17032

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: February 26, 2020 at 07:15PM

February 26, 2020 at 10:22PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-17031

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: February 26, 2020 at 07:15PM

February 26, 2020 at 10:22PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-17030

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: February 26, 2020 at 07:15PM

February 26, 2020 at 10:22PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-17029

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: February 26, 2020 at 07:15PM

February 26, 2020 at 10:22PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-17028

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: February 26, 2020 at 07:15PM

February 26, 2020 at 10:22PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-17027

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Published at: February 26, 2020 at 07:15PM

February 26, 2020 at 10:22PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-12882

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
Published at: February 27, 2020 at 07:15AM

February 27, 2020 at 09:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-19668

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-17963. Reason: This candidate is a reservation duplicate of CVE-2018-17963. Notes: All CVE users should reference CVE-2018-17963 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Published at: February 27, 2020 at 07:15AM

February 27, 2020 at 09:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-6371

Synchronet BBS 3.16c for Windows allows remote attackers to cause a denial of service (service crash) via a long string in the HTTP Referer header.
Published at: February 27, 2020 at 07:15AM

February 27, 2020 at 09:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-6363

** DISPUTED ** In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used for development and testing purposes.'"
Published at: February 27, 2020 at 07:15AM

February 27, 2020 at 09:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-5861

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-1000020. Reason: This candidate is a reservation duplicate of CVE-2017-1000020. Notes: All CVE users should reference CVE-2017-1000020 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Published at: February 27, 2020 at 06:15AM

February 27, 2020 at 09:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2015-5686

Parts of the Puppet Enterprise Console 3.x were found to be susceptible to clickjacking and CSRF (Cross-Site Request Forgery) attacks. This would allow an attacker to redirect user input to an untrusted site or hijack a user session.
Published at: February 27, 2020 at 03:15AM

February 27, 2020 at 09:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-16900

Incorrect Access Control in Hunesion i-oneNet 3.0.6042.1200 allows a local user to gain unauthorized access to other users' information via brute force.
Published at: February 27, 2020 at 08:15PM

February 27, 2020 at 10:22PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2015-2992

Apache Struts before 2.3.20 has a cross-site scripting (XSS) vulnerability.
Published at: February 27, 2020 at 08:15PM

February 27, 2020 at 10:22PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-8878

Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network devices' hostnames and MAC addresses by reading the custom_id variable on the blocking.asp page.
Published at: February 28, 2020 at 12:15AM

February 28, 2020 at 02:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-8877

Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network IP address ranges by reading the new_lan_ip variable on the error_page.htm page.
Published at: February 28, 2020 at 12:15AM

February 28, 2020 at 02:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-10064

hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743.
Published at: February 28, 2020 at 05:15PM

February 28, 2020 at 08:22PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-15609

The kill-port-process package version < 2.2.0 is vulnerable to a Command Injection vulnerability.
Published at: February 28, 2020 at 10:15PM

February 29, 2020 at 12:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-10805

valib through 2.0.0 allows Internal Property Tampering. A maliciously crafted JavaScript object can bypass several inspection functions provided by valib. Valib uses a built-in function (hasOwnProperty) from the unsafe user-input to examine an object. It is possible for a crafted payload to overwrite this function to manipulate the inspection results to bypass security checks.
Published at: February 28, 2020 at 11:15PM

February 29, 2020 at 02:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-10804

serial-number through 1.3.0 allows execution of arbitrary commands. The "cmdPrefix" argument in the serialNumber function is used by the "exec" function without any validation.
Published at: February 28, 2020 at 11:15PM

February 29, 2020 at 02:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-10803

push-dir through 0.4.1 allows execution of arbitrary commands. Arguments provided as part of the variable "opt.branch" are not validated before being provided to the "git" command within "index.js#L139". This could be abused by an attacker to inject arbitrary commands.
Published at: February 28, 2020 at 11:15PM

February 29, 2020 at 02:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-10802

giting version prior to 0.0.8 allows execution of arbitrary commands. The first argument "repo" of function "pull()" is executed by the package without any validation.
Published at: February 28, 2020 at 11:15PM

February 29, 2020 at 02:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2019-10801

enpeem through 2.2.0 allows execution of arbitrary commands. The "options.dir" argument is provided to the "exec" function without any sanitization.
Published at: February 28, 2020 at 11:15PM

February 29, 2020 at 02:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-21035

In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption).
Published at: February 28, 2020 at 11:15PM

February 29, 2020 at 02:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2015-5361

Background: For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel. These related sessions (gates) are specific to source and destination IPs and ports of client and server. The design intent of the ftps-extensions option (which is disabled by default) is to provide similar functionality when the SRX secures the FTP/FTPS client. As the control channel is encrypted, the FTP ALG cannot inspect the port specific information and will open a wider TCP data channel (gate) from client IP to server IP on all destination TCP ports. In FTP/FTPS client environments to an enterprise network or the Internet, this is the desired behavior as it allows firewall policy to be written to FTP/FTPS servers on well-known control ports without using a policy with destination IP ANY and destination port ANY.

Issue: The ftps-extensions option is not intended or recommended where the SRX secures the FTPS server, as the wide data channel session (gate) will allow the FTPS client temporary access to all TCP ports on the FTPS server. The data session is associated to the control channel and will be closed when the control channel session closes. Depending on the configuration of the FTPS server, supporting load-balancer, and SRX inactivity-timeout values, the server/load-balancer and SRX may keep the control channel open for an extended period of time, allowing an FTPS client access for an equal duration. Note that the ftps-extensions option is not enabled by default.
Published at: February 29, 2020 at 01:15AM

February 29, 2020 at 04:22AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2015-3006

On the QFX3500 and QFX3600 platforms, the number of bytes collected from the RANDOM_INTERRUPT entropy source when the device boots up is insufficient, possibly leading to weak or duplicate SSH keys or self-signed SSL/TLS certificates. Entropy increases after the system has been up and running for some time, but immediately after boot, the entropy is very low. This issue only affects the QFX3500 and QFX3600 switches. No other Juniper Networks products or platforms are affected by this weak entropy vulnerability.
Published at: February 29, 2020 at 01:15AM

February 29, 2020 at 04:22AM

via National Vulnerability Database
