Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2019-AVI-014
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Centreon | Web | SRC Series Application Server et Web Administrator versions antérieures à 4.12.0-R1 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 sur vMX Series | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53, 15.1, 15.1X53, 16.1, 17.1, 17.2, 17.3, 17.4, 18.1 sur EX2300/EX3400, EX2300/EX3400 series, EX4600, QFX3K series, QFX5200/QFX5110 series et QFX5k series | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53, 15.1, 15.1X53 sur EX Virtual Chassis Platforms, MX Virtual Chassis Platforms et QFX Virtual Chassis Platforms | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46, 12.3, 12.3X48, 14.1X53, 15.1, 15.1F, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.2X75, 17.3, 17.4, 18.1, 18.2 et 18.2X75 | ||
| N/A | N/A | Juniper ATP | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53, 18.1, 18.2 sur EX2300 et EX3400 series | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2 sur MX Series | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48, 15.1X49, 17.3, 17.4, 18.1 et 18.2 sur SRX Series | ||
| Juniper Networks | Junos Space | Junos Space | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46, 12.3X48, 15.1X49 sur SRX Series | ||
| Juniper Networks | Junos OS | Tous produits et toutes plateformes exécutant Junos OS | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2X75, 17.4, 18.1 et 18.2 sur QFX et PTX Series |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SRC Series Application Server et Web Administrator versions ant\u00e9rieures \u00e0 4.12.0-R1",
"product": {
"name": "Web",
"vendor": {
"name": "Centreon",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 sur vMX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53, 15.1, 15.1X53, 16.1, 17.1, 17.2, 17.3, 17.4, 18.1 sur EX2300/EX3400, EX2300/EX3400 series, EX4600, QFX3K series, QFX5200/QFX5110 series et QFX5k series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53, 15.1, 15.1X53 sur EX Virtual Chassis Platforms, MX Virtual Chassis Platforms et QFX Virtual Chassis Platforms",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46, 12.3, 12.3X48, 14.1X53, 15.1, 15.1F, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.2X75, 17.3, 17.4, 18.1, 18.2 et 18.2X75",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper ATP",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53, 18.1, 18.2 sur EX2300 et EX3400 series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2 sur MX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48, 15.1X49, 17.3, 17.4, 18.1 et 18.2 sur SRX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46, 12.3X48, 15.1X49 sur SRX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Tous produits et toutes plateformes ex\u00e9cutant Junos OS",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2X75, 17.4, 18.1 et 18.2 sur QFX et PTX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-0010",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0010"
},
{
"name": "CVE-2018-10901",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10901"
},
{
"name": "CVE-2018-0737",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0737"
},
{
"name": "CVE-2017-18258",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
},
{
"name": "CVE-2018-5683",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5683"
},
{
"name": "CVE-2019-0003",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0003"
},
{
"name": "CVE-2019-0007",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0007"
},
{
"name": "CVE-2018-5391",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5391"
},
{
"name": "CVE-2017-13672",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13672"
},
{
"name": "CVE-2017-0861",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0861"
},
{
"name": "CVE-2018-7566",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7566"
},
{
"name": "CVE-2019-0027",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0027"
},
{
"name": "CVE-2019-0030",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0030"
},
{
"name": "CVE-2017-1000379",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000379"
},
{
"name": "CVE-2019-0001",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0001"
},
{
"name": "CVE-2018-14634",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14634"
},
{
"name": "CVE-2019-0002",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0002"
},
{
"name": "CVE-2019-0013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0013"
},
{
"name": "CVE-2019-0023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0023"
},
{
"name": "CVE-2016-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4447"
},
{
"name": "CVE-2018-10675",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10675"
},
{
"name": "CVE-2016-4448",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4448"
},
{
"name": "CVE-2017-3137",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3137"
},
{
"name": "CVE-2015-1283",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1283"
},
{
"name": "CVE-2016-3705",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3705"
},
{
"name": "CVE-2017-3142",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3142"
},
{
"name": "CVE-2018-10872",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10872"
},
{
"name": "CVE-2019-0015",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0015"
},
{
"name": "CVE-2019-0005",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0005"
},
{
"name": "CVE-2019-0009",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0009"
},
{
"name": "CVE-2018-7858",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7858"
},
{
"name": "CVE-2019-0024",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0024"
},
{
"name": "CVE-2019-0025",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0025"
},
{
"name": "CVE-2017-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3143"
},
{
"name": "CVE-2018-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3620"
},
{
"name": "CVE-2017-7375",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
},
{
"name": "CVE-2019-0011",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0011"
},
{
"name": "CVE-2018-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3639"
},
{
"name": "CVE-2017-15265",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15265"
},
{
"name": "CVE-2019-0012",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0012"
},
{
"name": "CVE-2017-11610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11610"
},
{
"name": "CVE-2018-5748",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5748"
},
{
"name": "CVE-2019-0004",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0004"
},
{
"name": "CVE-2019-0017",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0017"
},
{
"name": "CVE-2018-1126",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1126"
},
{
"name": "CVE-2018-3665",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3665"
},
{
"name": "CVE-2017-1000366",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000366"
},
{
"name": "CVE-2016-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3627"
},
{
"name": "CVE-2018-12020",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12020"
},
{
"name": "CVE-2018-5390",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5390"
},
{
"name": "CVE-2016-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2183"
},
{
"name": "CVE-2018-12384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12384"
},
{
"name": "CVE-2018-10897",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10897"
},
{
"name": "CVE-2019-0021",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0021"
},
{
"name": "CVE-2018-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9251"
},
{
"name": "CVE-2019-0016",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0016"
},
{
"name": "CVE-2018-1124",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1124"
},
{
"name": "CVE-2018-8897",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8897"
},
{
"name": "CVE-2019-0022",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0022"
},
{
"name": "CVE-2017-1000364",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000364"
},
{
"name": "CVE-2018-0732",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0732"
},
{
"name": "CVE-2018-1050",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1050"
},
{
"name": "CVE-2019-0014",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0014"
},
{
"name": "CVE-2018-3693",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3693"
},
{
"name": "CVE-2018-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10911"
},
{
"name": "CVE-2019-0026",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0026"
},
{
"name": "CVE-2019-0029",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0029"
},
{
"name": "CVE-2019-0020",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0020"
},
{
"name": "CVE-2018-5740",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5740"
},
{
"name": "CVE-2017-2619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2619"
},
{
"name": "CVE-2019-0018",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0018"
},
{
"name": "CVE-2018-1000004",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000004"
},
{
"name": "CVE-2019-0006",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0006"
},
{
"name": "CVE-2016-4449",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4449"
},
{
"name": "CVE-2017-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3136"
},
{
"name": "CVE-2011-3389",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3389"
},
{
"name": "CVE-2017-3145",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3145"
},
{
"name": "CVE-2018-1064",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1064"
},
{
"name": "CVE-2018-10301",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10301"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-014",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-01-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10906 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10906\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10910 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10910\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10911 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10911\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10907 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10907\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10912 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10912\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10913 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10913\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10919 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10919\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10905 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10905\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10902 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10902\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10917 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10917\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10904 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10904\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10915 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10915\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10916 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10916\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10914 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10914\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10900 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10900\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10909 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10909\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10901 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10901\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10918 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10918\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10903 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10903\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
CVE-2017-1000366 (GCVE-0-2017-1000366)
Vulnerability from cvelistv5 – Published: 2017-06-19 16:00 – Updated: 2024-08-05 22:00
VLAI
EPSS
Summary
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
20 references
| URL | Tags |
|---|---|
| https://www.qualys.com/2017/06/19/stack-clash/sta… | x_refsource_MISC |
| http://www.securitytracker.com/id/1038712 | vdb-entryx_refsource_SECTRACK |
| https://www.exploit-db.com/exploits/42275/ | exploitx_refsource_EXPLOIT-DB |
| https://access.redhat.com/errata/RHSA-2017:1712 | vendor-advisoryx_refsource_REDHAT |
| https://www.suse.com/security/cve/CVE-2017-1000366/ | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2017:1479 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:1480 | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/99127 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/42276/ | exploitx_refsource_EXPLOIT-DB |
| https://www.suse.com/support/kb/doc/?id=7020973 | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2017:1567 | vendor-advisoryx_refsource_REDHAT |
| https://www.exploit-db.com/exploits/42274/ | exploitx_refsource_EXPLOIT-DB |
| https://access.redhat.com/security/cve/CVE-2017-1000366 | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2017:1481 | vendor-advisoryx_refsource_REDHAT |
| http://www.debian.org/security/2017/dsa-3887 | vendor-advisoryx_refsource_DEBIAN |
| https://security.gentoo.org/glsa/201706-19 | vendor-advisoryx_refsource_GENTOO |
| https://kc.mcafee.com/corporate/index?page=conten… | x_refsource_CONFIRM |
| http://seclists.org/fulldisclosure/2019/Sep/7 | mailing-listx_refsource_FULLDISC |
| https://seclists.org/bugtraq/2019/Sep/7 | mailing-listx_refsource_BUGTRAQ |
| http://packetstormsecurity.com/files/154361/Cisco… | x_refsource_MISC |
Date Public
2017-06-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:00:39.873Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
},
{
"name": "1038712",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038712"
},
{
"name": "42275",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42275/"
},
{
"name": "RHSA-2017:1712",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1712"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.suse.com/security/cve/CVE-2017-1000366/"
},
{
"name": "RHSA-2017:1479",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1479"
},
{
"name": "RHSA-2017:1480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1480"
},
{
"name": "99127",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99127"
},
{
"name": "42276",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42276/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.suse.com/support/kb/doc/?id=7020973"
},
{
"name": "RHSA-2017:1567",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1567"
},
{
"name": "42274",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42274/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2017-1000366"
},
{
"name": "RHSA-2017:1481",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1481"
},
{
"name": "DSA-3887",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3887"
},
{
"name": "GLSA-201706-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201706-19"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10205"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-06-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-05T01:06:07.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
},
{
"name": "1038712",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038712"
},
{
"name": "42275",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42275/"
},
{
"name": "RHSA-2017:1712",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1712"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.suse.com/security/cve/CVE-2017-1000366/"
},
{
"name": "RHSA-2017:1479",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1479"
},
{
"name": "RHSA-2017:1480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1480"
},
{
"name": "99127",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99127"
},
{
"name": "42276",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42276/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.suse.com/support/kb/doc/?id=7020973"
},
{
"name": "RHSA-2017:1567",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1567"
},
{
"name": "42274",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42274/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/cve/CVE-2017-1000366"
},
{
"name": "RHSA-2017:1481",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1481"
},
{
"name": "DSA-3887",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3887"
},
{
"name": "GLSA-201706-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201706-19"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10205"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1000366",
"REQUESTER": "qsa@qualys.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt",
"refsource": "MISC",
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
},
{
"name": "1038712",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038712"
},
{
"name": "42275",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42275/"
},
{
"name": "RHSA-2017:1712",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1712"
},
{
"name": "https://www.suse.com/security/cve/CVE-2017-1000366/",
"refsource": "CONFIRM",
"url": "https://www.suse.com/security/cve/CVE-2017-1000366/"
},
{
"name": "RHSA-2017:1479",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1479"
},
{
"name": "RHSA-2017:1480",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1480"
},
{
"name": "99127",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99127"
},
{
"name": "42276",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42276/"
},
{
"name": "https://www.suse.com/support/kb/doc/?id=7020973",
"refsource": "CONFIRM",
"url": "https://www.suse.com/support/kb/doc/?id=7020973"
},
{
"name": "RHSA-2017:1567",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1567"
},
{
"name": "42274",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42274/"
},
{
"name": "https://access.redhat.com/security/cve/CVE-2017-1000366",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/cve/CVE-2017-1000366"
},
{
"name": "RHSA-2017:1481",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1481"
},
{
"name": "DSA-3887",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3887"
},
{
"name": "GLSA-201706-19",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201706-19"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10205",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10205"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"name": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-1000366",
"datePublished": "2017-06-19T16:00:00.000Z",
"dateReserved": "2017-06-19T00:00:00.000Z",
"dateUpdated": "2024-08-05T22:00:39.873Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1000379 (GCVE-0-2017-1000379)
Vulnerability from cvelistv5 – Published: 2017-06-19 16:00 – Updated: 2024-08-05 22:00
VLAI
EPSS
Summary
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
17 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2017:1491 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:1486 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:1489 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:1490 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2017-1000379 | x_refsource_CONFIRM |
| https://www.qualys.com/2017/06/19/stack-clash/sta… | x_refsource_MISC |
| https://access.redhat.com/errata/RHSA-2017:1482 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:1647 | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/99284 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/42275/ | exploitx_refsource_EXPLOIT-DB |
| https://access.redhat.com/errata/RHSA-2017:1616 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:1712 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:1487 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:1484 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:1842 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:1485 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:1488 | vendor-advisoryx_refsource_REDHAT |
Date Public
2017-06-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:00:40.913Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1491",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1491"
},
{
"name": "RHSA-2017:1486",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1486"
},
{
"name": "RHSA-2017:1489",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1489"
},
{
"name": "RHSA-2017:1490",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1490"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2017-1000379"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
},
{
"name": "RHSA-2017:1482",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1482"
},
{
"name": "RHSA-2017:1647",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1647"
},
{
"name": "99284",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99284"
},
{
"name": "42275",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42275/"
},
{
"name": "RHSA-2017:1616",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1616"
},
{
"name": "RHSA-2017:1712",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1712"
},
{
"name": "RHSA-2017:1487",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1487"
},
{
"name": "RHSA-2017:1484",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1484"
},
{
"name": "RHSA-2017:1842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"name": "RHSA-2017:1485",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1485"
},
{
"name": "RHSA-2017:1488",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1488"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-06-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2017:1491",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1491"
},
{
"name": "RHSA-2017:1486",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1486"
},
{
"name": "RHSA-2017:1489",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1489"
},
{
"name": "RHSA-2017:1490",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1490"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/cve/CVE-2017-1000379"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
},
{
"name": "RHSA-2017:1482",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1482"
},
{
"name": "RHSA-2017:1647",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1647"
},
{
"name": "99284",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99284"
},
{
"name": "42275",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42275/"
},
{
"name": "RHSA-2017:1616",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1616"
},
{
"name": "RHSA-2017:1712",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1712"
},
{
"name": "RHSA-2017:1487",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1487"
},
{
"name": "RHSA-2017:1484",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1484"
},
{
"name": "RHSA-2017:1842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"name": "RHSA-2017:1485",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1485"
},
{
"name": "RHSA-2017:1488",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1488"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1000379",
"REQUESTER": "qsa@qualys.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1491",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1491"
},
{
"name": "RHSA-2017:1486",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1486"
},
{
"name": "RHSA-2017:1489",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1489"
},
{
"name": "RHSA-2017:1490",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1490"
},
{
"name": "https://access.redhat.com/security/cve/CVE-2017-1000379",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/cve/CVE-2017-1000379"
},
{
"name": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt",
"refsource": "MISC",
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
},
{
"name": "RHSA-2017:1482",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1482"
},
{
"name": "RHSA-2017:1647",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1647"
},
{
"name": "99284",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99284"
},
{
"name": "42275",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42275/"
},
{
"name": "RHSA-2017:1616",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1616"
},
{
"name": "RHSA-2017:1712",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1712"
},
{
"name": "RHSA-2017:1487",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1487"
},
{
"name": "RHSA-2017:1484",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1484"
},
{
"name": "RHSA-2017:1842",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"name": "RHSA-2017:1485",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1485"
},
{
"name": "RHSA-2017:1488",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1488"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-1000379",
"datePublished": "2017-06-19T16:00:00.000Z",
"dateReserved": "2017-06-13T00:00:00.000Z",
"dateUpdated": "2024-08-05T22:00:40.913Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11610 (GCVE-0-2017-11610)
Vulnerability from cvelistv5 – Published: 2017-08-23 14:00 – Updated: 2024-08-05 18:12
VLAI
EPSS
Summary
The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2017:3005 | vendor-advisoryx_refsource_REDHAT |
| https://github.com/Supervisor/supervisor/blob/3.3… | x_refsource_CONFIRM |
| https://github.com/Supervisor/supervisor/blob/3.0… | x_refsource_CONFIRM |
| https://github.com/Supervisor/supervisor/blob/3.2… | x_refsource_CONFIRM |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://github.com/Supervisor/supervisor/blob/3.1… | x_refsource_CONFIRM |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| http://www.debian.org/security/2017/dsa-3942 | vendor-advisoryx_refsource_DEBIAN |
| https://github.com/Supervisor/supervisor/issues/964 | x_refsource_CONFIRM |
| https://www.exploit-db.com/exploits/42779/ | exploitx_refsource_EXPLOIT-DB |
| https://security.gentoo.org/glsa/201709-06 | vendor-advisoryx_refsource_GENTOO |
Date Public
2017-07-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:12:40.456Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:3005",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3005"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Supervisor/supervisor/blob/3.3.3/CHANGES.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Supervisor/supervisor/blob/3.0.1/CHANGES.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Supervisor/supervisor/blob/3.2.4/CHANGES.txt"
},
{
"name": "FEDORA-2017-307eab89e1",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4GMSCGMM477N64Z3BM34RWYBGSLK466B/"
},
{
"name": "FEDORA-2017-85eb9f7a36",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DTPDZV4ZRICDYAYZVUHSYZAYDLRMG2IM/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Supervisor/supervisor/blob/3.1.4/CHANGES.txt"
},
{
"name": "FEDORA-2017-713430fb15",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXGWOJNSWWK2TTWQJZJUP66FLFIWDMBQ/"
},
{
"name": "DSA-3942",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3942"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Supervisor/supervisor/issues/964"
},
{
"name": "42779",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42779/"
},
{
"name": "GLSA-201709-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201709-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-07-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-01T21:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2017:3005",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3005"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Supervisor/supervisor/blob/3.3.3/CHANGES.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Supervisor/supervisor/blob/3.0.1/CHANGES.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Supervisor/supervisor/blob/3.2.4/CHANGES.txt"
},
{
"name": "FEDORA-2017-307eab89e1",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4GMSCGMM477N64Z3BM34RWYBGSLK466B/"
},
{
"name": "FEDORA-2017-85eb9f7a36",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DTPDZV4ZRICDYAYZVUHSYZAYDLRMG2IM/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Supervisor/supervisor/blob/3.1.4/CHANGES.txt"
},
{
"name": "FEDORA-2017-713430fb15",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXGWOJNSWWK2TTWQJZJUP66FLFIWDMBQ/"
},
{
"name": "DSA-3942",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3942"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Supervisor/supervisor/issues/964"
},
{
"name": "42779",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42779/"
},
{
"name": "GLSA-201709-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201709-06"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11610",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:3005",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3005"
},
{
"name": "https://github.com/Supervisor/supervisor/blob/3.3.3/CHANGES.txt",
"refsource": "CONFIRM",
"url": "https://github.com/Supervisor/supervisor/blob/3.3.3/CHANGES.txt"
},
{
"name": "https://github.com/Supervisor/supervisor/blob/3.0.1/CHANGES.txt",
"refsource": "CONFIRM",
"url": "https://github.com/Supervisor/supervisor/blob/3.0.1/CHANGES.txt"
},
{
"name": "https://github.com/Supervisor/supervisor/blob/3.2.4/CHANGES.txt",
"refsource": "CONFIRM",
"url": "https://github.com/Supervisor/supervisor/blob/3.2.4/CHANGES.txt"
},
{
"name": "FEDORA-2017-307eab89e1",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GMSCGMM477N64Z3BM34RWYBGSLK466B/"
},
{
"name": "FEDORA-2017-85eb9f7a36",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DTPDZV4ZRICDYAYZVUHSYZAYDLRMG2IM/"
},
{
"name": "https://github.com/Supervisor/supervisor/blob/3.1.4/CHANGES.txt",
"refsource": "CONFIRM",
"url": "https://github.com/Supervisor/supervisor/blob/3.1.4/CHANGES.txt"
},
{
"name": "FEDORA-2017-713430fb15",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXGWOJNSWWK2TTWQJZJUP66FLFIWDMBQ/"
},
{
"name": "DSA-3942",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3942"
},
{
"name": "https://github.com/Supervisor/supervisor/issues/964",
"refsource": "CONFIRM",
"url": "https://github.com/Supervisor/supervisor/issues/964"
},
{
"name": "42779",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42779/"
},
{
"name": "GLSA-201709-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201709-06"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-11610",
"datePublished": "2017-08-23T14:00:00.000Z",
"dateReserved": "2017-07-24T00:00:00.000Z",
"dateUpdated": "2024-08-05T18:12:40.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-13672 (GCVE-0-2017-13672)
Vulnerability from cvelistv5 – Published: 2017-09-01 13:00 – Updated: 2024-08-05 19:05
VLAI
EPSS
Summary
QEMU (aka Quick Emulator), when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors involving display update.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2018:2162 | vendor-advisoryx_refsource_REDHAT |
| https://lists.gnu.org/archive/html/qemu-devel/201… | mailing-listx_refsource_MLIST |
| https://access.redhat.com/errata/RHSA-2018:0816 | vendor-advisoryx_refsource_REDHAT |
| http://www.debian.org/security/2017/dsa-3991 | vendor-advisoryx_refsource_DEBIAN |
| https://access.redhat.com/errata/RHSA-2018:1104 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:1113 | vendor-advisoryx_refsource_REDHAT |
| https://usn.ubuntu.com/3575-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://bugzilla.redhat.com/show_bug.cgi?id=1486560 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/100540 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2017/08/30/3 | mailing-listx_refsource_MLIST |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
Date Public
2017-08-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:05:19.177Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:2162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2162"
},
{
"name": "[qemu-devel] 20170824 [PATCH] vga: stop passing pointers to vga_draw_line* functions",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg04684.html"
},
{
"name": "RHSA-2018:0816",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0816"
},
{
"name": "DSA-3991",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3991"
},
{
"name": "RHSA-2018:1104",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1104"
},
{
"name": "RHSA-2018:1113",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1113"
},
{
"name": "USN-3575-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3575-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1486560"
},
{
"name": "100540",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100540"
},
{
"name": "[oss-security] 20170830 CVE-2017-13672 Qemu: vga: OOB read access during display update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/30/3"
},
{
"name": "openSUSE-SU-2019:1074",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-08-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "QEMU (aka Quick Emulator), when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors involving display update."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-29T00:06:05.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2018:2162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2162"
},
{
"name": "[qemu-devel] 20170824 [PATCH] vga: stop passing pointers to vga_draw_line* functions",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg04684.html"
},
{
"name": "RHSA-2018:0816",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0816"
},
{
"name": "DSA-3991",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3991"
},
{
"name": "RHSA-2018:1104",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1104"
},
{
"name": "RHSA-2018:1113",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1113"
},
{
"name": "USN-3575-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3575-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1486560"
},
{
"name": "100540",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100540"
},
{
"name": "[oss-security] 20170830 CVE-2017-13672 Qemu: vga: OOB read access during display update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/30/3"
},
{
"name": "openSUSE-SU-2019:1074",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-13672",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "QEMU (aka Quick Emulator), when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors involving display update."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:2162",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2162"
},
{
"name": "[qemu-devel] 20170824 [PATCH] vga: stop passing pointers to vga_draw_line* functions",
"refsource": "MLIST",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg04684.html"
},
{
"name": "RHSA-2018:0816",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0816"
},
{
"name": "DSA-3991",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3991"
},
{
"name": "RHSA-2018:1104",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1104"
},
{
"name": "RHSA-2018:1113",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1113"
},
{
"name": "USN-3575-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3575-1/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1486560",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1486560"
},
{
"name": "100540",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100540"
},
{
"name": "[oss-security] 20170830 CVE-2017-13672 Qemu: vga: OOB read access during display update",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/08/30/3"
},
{
"name": "openSUSE-SU-2019:1074",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-13672",
"datePublished": "2017-09-01T13:00:00.000Z",
"dateReserved": "2017-08-24T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:05:19.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15265 (GCVE-0-2017-15265)
Vulnerability from cvelistv5 – Published: 2017-10-16 18:00 – Updated: 2024-08-05 19:50
VLAI
EPSS
Summary
Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
22 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2017/10/11/3 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/101288 | vdb-entryx_refsource_BID |
| https://lists.debian.org/debian-lts-announce/2017… | mailing-listx_refsource_MLIST |
| https://access.redhat.com/errata/RHSA-2018:2390 | vendor-advisoryx_refsource_REDHAT |
| http://www.securitytracker.com/id/1039561 | vdb-entryx_refsource_SECTRACK |
| https://access.redhat.com/errata/RHSA-2018:1062 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:3823 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:0676 | vendor-advisoryx_refsource_REDHAT |
| http://mailman.alsa-project.org/pipermail/alsa-de… | mailing-listx_refsource_MLIST |
| https://access.redhat.com/errata/RHSA-2018:1170 | vendor-advisoryx_refsource_REDHAT |
| https://usn.ubuntu.com/3698-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://access.redhat.com/errata/RHSA-2018:1130 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:3822 | vendor-advisoryx_refsource_REDHAT |
| https://usn.ubuntu.com/3698-2/ | vendor-advisoryx_refsource_UBUNTU |
| https://www.oracle.com/security-alerts/cpujul2020.html | x_refsource_MISC |
| https://www.oracle.com/technetwork/security-advis… | x_refsource_MISC |
| https://help.ecostruxureit.com/display/public/UAD… | x_refsource_CONFIRM |
| https://github.com/torvalds/linux/commit/71105998… | x_refsource_CONFIRM |
| http://git.kernel.org/cgit/linux/kernel/git/torva… | x_refsource_CONFIRM |
| http://www.kernel.org/pub/linux/kernel/v4.x/Chang… | x_refsource_CONFIRM |
| https://bugzilla.suse.com/show_bug.cgi?id=1062520 | x_refsource_CONFIRM |
| https://source.android.com/security/bulletin/2018-02-01 | x_refsource_CONFIRM |
Date Public
2017-10-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:50:16.603Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20171011 Linux kernel: alsa: use-after-free in /dev/snd/seq CVE-2017-15265",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/10/11/3"
},
{
"name": "101288",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101288"
},
{
"name": "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
},
{
"name": "RHSA-2018:2390",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2390"
},
{
"name": "1039561",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039561"
},
{
"name": "RHSA-2018:1062",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"name": "RHSA-2018:3823",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3823"
},
{
"name": "RHSA-2018:0676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"name": "[alsa-devel] 20171011 [PATCH] ALSA: seq: Fix use-after-free at creating a port",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mailman.alsa-project.org/pipermail/alsa-devel/2017-October/126292.html"
},
{
"name": "RHSA-2018:1170",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1170"
},
{
"name": "USN-3698-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3698-1/"
},
{
"name": "RHSA-2018:1130",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1130"
},
{
"name": "RHSA-2018:3822",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3822"
},
{
"name": "USN-3698-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3698-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/71105998845fb012937332fe2e806d443c09e026"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71105998845fb012937332fe2e806d443c09e026"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.8"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1062520"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2018-02-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-15T02:22:55.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20171011 Linux kernel: alsa: use-after-free in /dev/snd/seq CVE-2017-15265",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/10/11/3"
},
{
"name": "101288",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101288"
},
{
"name": "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
},
{
"name": "RHSA-2018:2390",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2390"
},
{
"name": "1039561",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039561"
},
{
"name": "RHSA-2018:1062",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"name": "RHSA-2018:3823",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3823"
},
{
"name": "RHSA-2018:0676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"name": "[alsa-devel] 20171011 [PATCH] ALSA: seq: Fix use-after-free at creating a port",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mailman.alsa-project.org/pipermail/alsa-devel/2017-October/126292.html"
},
{
"name": "RHSA-2018:1170",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1170"
},
{
"name": "USN-3698-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3698-1/"
},
{
"name": "RHSA-2018:1130",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1130"
},
{
"name": "RHSA-2018:3822",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3822"
},
{
"name": "USN-3698-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3698-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/71105998845fb012937332fe2e806d443c09e026"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71105998845fb012937332fe2e806d443c09e026"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.8"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1062520"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2018-02-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15265",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20171011 Linux kernel: alsa: use-after-free in /dev/snd/seq CVE-2017-15265",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/10/11/3"
},
{
"name": "101288",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101288"
},
{
"name": "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
},
{
"name": "RHSA-2018:2390",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2390"
},
{
"name": "1039561",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039561"
},
{
"name": "RHSA-2018:1062",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"name": "RHSA-2018:3823",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3823"
},
{
"name": "RHSA-2018:0676",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"name": "[alsa-devel] 20171011 [PATCH] ALSA: seq: Fix use-after-free at creating a port",
"refsource": "MLIST",
"url": "http://mailman.alsa-project.org/pipermail/alsa-devel/2017-October/126292.html"
},
{
"name": "RHSA-2018:1170",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1170"
},
{
"name": "USN-3698-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3698-1/"
},
{
"name": "RHSA-2018:1130",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1130"
},
{
"name": "RHSA-2018:3822",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3822"
},
{
"name": "USN-3698-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3698-2/"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "https://github.com/torvalds/linux/commit/71105998845fb012937332fe2e806d443c09e026",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/71105998845fb012937332fe2e806d443c09e026"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71105998845fb012937332fe2e806d443c09e026",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71105998845fb012937332fe2e806d443c09e026"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.8",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.8"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1062520",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1062520"
},
{
"name": "https://source.android.com/security/bulletin/2018-02-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-02-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15265",
"datePublished": "2017-10-16T18:00:00.000Z",
"dateReserved": "2017-10-11T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:50:16.603Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-18258 (GCVE-0-2017-18258)
Vulnerability from cvelistv5 – Published: 2018-04-08 17:00 – Updated: 2024-08-05 21:13
VLAI
EPSS
Summary
The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://lists.debian.org/debian-lts-announce/2018… | mailing-listx_refsource_MLIST |
| https://usn.ubuntu.com/3739-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://git.gnome.org/browse/libxml2/commit/?id=e… | x_refsource_MISC |
| https://kc.mcafee.com/corporate/index?page=conten… | x_refsource_CONFIRM |
| https://security.netapp.com/advisory/ntap-2019071… | x_refsource_CONFIRM |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
Date Public
2018-04-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:13:49.300Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-lts-announce] 20180927 [SECURITY] [DLA 1524-1] libxml2 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html"
},
{
"name": "USN-3739-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3739-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10284"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190719-0001/"
},
{
"name": "[debian-lts-announce] 20200909 [SECURITY] [DLA 2369-1] libxml2 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-04-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-10T00:06:22.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[debian-lts-announce] 20180927 [SECURITY] [DLA 1524-1] libxml2 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html"
},
{
"name": "USN-3739-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3739-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10284"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190719-0001/"
},
{
"name": "[debian-lts-announce] 20200909 [SECURITY] [DLA 2369-1] libxml2 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18258",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20180927 [SECURITY] [DLA 1524-1] libxml2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html"
},
{
"name": "USN-3739-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3739-1/"
},
{
"name": "https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb",
"refsource": "MISC",
"url": "https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10284",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10284"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190719-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190719-0001/"
},
{
"name": "[debian-lts-announce] 20200909 [SECURITY] [DLA 2369-1] libxml2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18258",
"datePublished": "2018-04-08T17:00:00.000Z",
"dateReserved": "2018-04-08T00:00:00.000Z",
"dateUpdated": "2024-08-05T21:13:49.300Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2619 (GCVE-0-2017-2619)
Vulnerability from cvelistv5 – Published: 2018-03-12 15:00 – Updated: 2024-09-17 00:45
VLAI
EPSS
Summary
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.
Severity
No CVSS data available.
CWE
Assigner
References
11 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2017:2778 | vendor-advisoryx_refsource_REDHAT |
| https://www.debian.org/security/2017/dsa-3816 | vendor-advisoryx_refsource_DEBIAN |
| http://www.securityfocus.com/bid/97033 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/41740/ | exploitx_refsource_EXPLOIT-DB |
| http://www.securitytracker.com/id/1038117 | vdb-entryx_refsource_SECTRACK |
| https://access.redhat.com/errata/RHSA-2017:2338 | vendor-advisoryx_refsource_REDHAT |
| https://www.samba.org/samba/security/CVE-2017-2619.html | x_refsource_CONFIRM |
| https://bugzilla.redhat.com/show_bug.cgi?id=1429472 | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2017:1265 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:2789 | vendor-advisoryx_refsource_REDHAT |
| https://h20566.www2.hpe.com/hpsc/doc/public/displ… | x_refsource_CONFIRM |
Impacted products
Date Public
2017-03-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:02:07.264Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:2778",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2778"
},
{
"name": "DSA-3816",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-3816"
},
{
"name": "97033",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97033"
},
{
"name": "41740",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/41740/"
},
{
"name": "1038117",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038117"
},
{
"name": "RHSA-2017:2338",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2338"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.samba.org/samba/security/CVE-2017-2619.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429472"
},
{
"name": "RHSA-2017:1265",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1265"
},
{
"name": "RHSA-2017:2789",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2789"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbns03755en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "samba",
"vendor": "Samba",
"versions": [
{
"status": "affected",
"version": "4.6.1"
},
{
"status": "affected",
"version": "4.5.7"
},
{
"status": "affected",
"version": "4.4.11"
}
]
}
],
"datePublic": "2017-03-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-13T09:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2017:2778",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2778"
},
{
"name": "DSA-3816",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-3816"
},
{
"name": "97033",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97033"
},
{
"name": "41740",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/41740/"
},
{
"name": "1038117",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038117"
},
{
"name": "RHSA-2017:2338",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2338"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.samba.org/samba/security/CVE-2017-2619.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429472"
},
{
"name": "RHSA-2017:1265",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1265"
},
{
"name": "RHSA-2017:2789",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2789"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbns03755en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC": "2017-03-27T00:00:00",
"ID": "CVE-2017-2619",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "samba",
"version": {
"version_data": [
{
"version_value": "4.6.1"
},
{
"version_value": "4.5.7"
},
{
"version_value": "4.4.11"
}
]
}
}
]
},
"vendor_name": "Samba"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-362"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:2778",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2778"
},
{
"name": "DSA-3816",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-3816"
},
{
"name": "97033",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97033"
},
{
"name": "41740",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41740/"
},
{
"name": "1038117",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038117"
},
{
"name": "RHSA-2017:2338",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2338"
},
{
"name": "https://www.samba.org/samba/security/CVE-2017-2619.html",
"refsource": "CONFIRM",
"url": "https://www.samba.org/samba/security/CVE-2017-2619.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1429472",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429472"
},
{
"name": "RHSA-2017:1265",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1265"
},
{
"name": "RHSA-2017:2789",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2789"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbns03755en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbns03755en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-2619",
"datePublished": "2018-03-12T15:00:00.000Z",
"dateReserved": "2016-12-01T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:45:45.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3136 (GCVE-0-2017-3136)
Vulnerability from cvelistv5 – Published: 2019-01-16 20:00 – Updated: 2024-09-17 00:51
VLAI
EPSS
Title
An error handling synthesized records could cause an assertion failure when using DNS64 with "break-dnssec yes;"
Summary
A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8.
Severity
5.9 (Medium)
CWE
- Servers are at risk if they are configured to use DNS64 and if the option "break-dnssec yes;" is in use.
Assigner
References
11 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2017:1095 | vendor-advisoryx_refsource_REDHAT |
| https://security.gentoo.org/glsa/201708-01 | vendor-advisoryx_refsource_GENTOO |
| https://security.netapp.com/advisory/ntap-2018080… | x_refsource_CONFIRM |
| https://h20566.www2.hpe.com/hpsc/doc/public/displ… | x_refsource_CONFIRM |
| https://www.debian.org/security/2017/dsa-3854 | vendor-advisoryx_refsource_DEBIAN |
| http://www.securitytracker.com/id/1038259 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/97653 | vdb-entryx_refsource_BID |
| https://access.redhat.com/errata/RHSA-2017:1105 | vendor-advisoryx_refsource_REDHAT |
| https://kb.isc.org/docs/aa-01465 | x_refsource_CONFIRM |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
Impacted products
Date Public
2017-03-12 00:00
Credits
ISC would like to thank Oleg Gorokhov of Yandex for making us aware of this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"name": "DSA-3854",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "1038259",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038259"
},
{
"name": "97653",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97653"
},
{
"name": "RHSA-2017:1105",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01465"
},
{
"name": "openSUSE-SU-2020:1699",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Oleg Gorokhov of Yandex for making us aware of this vulnerability."
}
],
"datePublic": "2017-03-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Servers are at risk if they are configured to use DNS64 and if the option \"break-dnssec yes;\" is in use.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-20T11:06:37.000Z",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "RHSA-2017:1095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"name": "DSA-3854",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "1038259",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038259"
},
{
"name": "97653",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97653"
},
{
"name": "RHSA-2017:1105",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01465"
},
{
"name": "openSUSE-SU-2020:1699",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P8\n BIND 9 version 9.10.4-P8\n BIND 9 version 9.11.0-P5\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S10\n\nNew maintenance releases of BIND are also scheduled which contain the fix for this vulnerability. In addition to the security releases listed above, fixes for this vulnerability are also included in these release candidate versions:\n\n BIND 9 version 9.9.10rc3\n BIND 9 version 9.10.5rc3\n BIND 9 version 9.11.1rc3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "An error handling synthesized records could cause an assertion failure when using DNS64 with \"break-dnssec yes;\"",
"workarounds": [
{
"lang": "en",
"value": "Servers which have configurations which require DNS64 and \"break-dnssec yes;\" should upgrade. Servers which are not using these features in conjunction are not at risk from this defect."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2017-03-12T00:00:00.000Z",
"ID": "CVE-2017-3136",
"STATE": "PUBLIC",
"TITLE": "An error handling synthesized records could cause an assertion failure when using DNS64 with \"break-dnssec yes;\""
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_value": "9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Oleg Gorokhov of Yandex for making us aware of this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Servers are at risk if they are configured to use DNS64 and if the option \"break-dnssec yes;\" is in use."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1095",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180802-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"name": "DSA-3854",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "1038259",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038259"
},
{
"name": "97653",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97653"
},
{
"name": "RHSA-2017:1105",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"name": "https://kb.isc.org/docs/aa-01465",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01465"
},
{
"name": "openSUSE-SU-2020:1699",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P8\n BIND 9 version 9.10.4-P8\n BIND 9 version 9.11.0-P5\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S10\n\nNew maintenance releases of BIND are also scheduled which contain the fix for this vulnerability. In addition to the security releases listed above, fixes for this vulnerability are also included in these release candidate versions:\n\n BIND 9 version 9.9.10rc3\n BIND 9 version 9.10.5rc3\n BIND 9 version 9.11.1rc3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Servers which have configurations which require DNS64 and \"break-dnssec yes;\" should upgrade. Servers which are not using these features in conjunction are not at risk from this defect."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2017-3136",
"datePublished": "2019-01-16T20:00:00.000Z",
"dateReserved": "2016-12-02T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:51:35.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3137 (GCVE-0-2017-3137)
Vulnerability from cvelistv5 – Published: 2019-01-16 20:00 – Updated: 2024-09-17 01:02
VLAI
EPSS
Title
A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME
Summary
Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0-P3, 9.11.1b1->9.11.1rc1, and 9.9.9-S8.
Severity
7.5 (High)
CWE
- A server which is performing recursion can be forced to exit with an assertion failure if it can be caused to receive a response containing CNAME or DNAME resource records with certain ordering. An attacker can cause a denial of service by exploiting this condition. Recursive resolvers are at highest risk but authoritative servers are theoretically vulnerable if they perform recursion.
Assigner
References
11 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2017:1095 | vendor-advisoryx_refsource_REDHAT |
| https://security.gentoo.org/glsa/201708-01 | vendor-advisoryx_refsource_GENTOO |
| http://www.securitytracker.com/id/1038258 | vdb-entryx_refsource_SECTRACK |
| https://security.netapp.com/advisory/ntap-2018080… | x_refsource_CONFIRM |
| http://www.securitytracker.com/id/1040195 | vdb-entryx_refsource_SECTRACK |
| https://access.redhat.com/errata/RHSA-2017:1582 | vendor-advisoryx_refsource_REDHAT |
| https://www.debian.org/security/2017/dsa-3854 | vendor-advisoryx_refsource_DEBIAN |
| https://access.redhat.com/errata/RHSA-2017:1583 | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/97651 | vdb-entryx_refsource_BID |
| https://access.redhat.com/errata/RHSA-2017:1105 | vendor-advisoryx_refsource_REDHAT |
| https://kb.isc.org/docs/aa-01466 | x_refsource_CONFIRM |
Impacted products
Date Public
2017-03-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "1038258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038258"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"name": "1040195",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040195"
},
{
"name": "RHSA-2017:1582",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1582"
},
{
"name": "DSA-3854",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "RHSA-2017:1583",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1583"
},
{
"name": "97651",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97651"
},
{
"name": "RHSA-2017:1105",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01466"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, and 9.9.9-S8"
}
]
}
],
"datePublic": "2017-03-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, and 9.9.9-S8."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A server which is performing recursion can be forced to exit with an assertion failure if it can be caused to receive a response containing CNAME or DNAME resource records with certain ordering. An attacker can cause a denial of service by exploiting this condition. Recursive resolvers are at highest risk but authoritative servers are theoretically vulnerable if they perform recursion.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-17T10:57:01.000Z",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "RHSA-2017:1095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "1038258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038258"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"name": "1040195",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040195"
},
{
"name": "RHSA-2017:1582",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1582"
},
{
"name": "DSA-3854",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "RHSA-2017:1583",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1583"
},
{
"name": "97651",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97651"
},
{
"name": "RHSA-2017:1105",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01466"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P8\n BIND 9 version 9.10.4-P8\n BIND 9 version 9.11.0-P5\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S10\n\nNew maintenance releases of BIND are also scheduled which contain the fix for this vulnerability. In addition to the security releases listed above, fixes for this vulnerability are also included in these release candidate versions:\n\n BIND 9 version 9.9.10rc3\n BIND 9 version 9.10.5rc3\n BIND 9 version 9.11.1rc3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME",
"workarounds": [
{
"lang": "en",
"value": "None known."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2017-03-12T00:00:00.000Z",
"ID": "CVE-2017-3137",
"STATE": "PUBLIC",
"TITLE": "A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_value": "9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, and 9.9.9-S8"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, and 9.9.9-S8."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A server which is performing recursion can be forced to exit with an assertion failure if it can be caused to receive a response containing CNAME or DNAME resource records with certain ordering. An attacker can cause a denial of service by exploiting this condition. Recursive resolvers are at highest risk but authoritative servers are theoretically vulnerable if they perform recursion."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1095",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "1038258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038258"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180802-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"name": "1040195",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040195"
},
{
"name": "RHSA-2017:1582",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1582"
},
{
"name": "DSA-3854",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "RHSA-2017:1583",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1583"
},
{
"name": "97651",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97651"
},
{
"name": "RHSA-2017:1105",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"name": "https://kb.isc.org/docs/aa-01466",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01466"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P8\n BIND 9 version 9.10.4-P8\n BIND 9 version 9.11.0-P5\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S10\n\nNew maintenance releases of BIND are also scheduled which contain the fix for this vulnerability. In addition to the security releases listed above, fixes for this vulnerability are also included in these release candidate versions:\n\n BIND 9 version 9.9.10rc3\n BIND 9 version 9.10.5rc3\n BIND 9 version 9.11.1rc3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "None known."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2017-3137",
"datePublished": "2019-01-16T20:00:00.000Z",
"dateReserved": "2016-12-02T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:02:07.037Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3142 (GCVE-0-2017-3142)
Vulnerability from cvelistv5 – Published: 2019-01-16 20:00 – Updated: 2024-09-16 17:08
VLAI
EPSS
Title
An error in TSIG authentication can permit unauthorized zone transfers
Summary
An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into: providing an AXFR of a zone to an unauthorized recipient or accepting bogus NOTIFY packets. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2.
Severity
5.3 (Medium)
CWE
- An unauthorized AXFR (full zone transfer) permits an attacker to view the entire contents of a zone. Protection of zone contents is often a commercial or business requirement. If accepted, a NOTIFY sets the zone refresh interval to 'now'. If there is not already a refresh cycle in progress then named will initiate one by asking for the SOA RR from its list of masters. If there is already a refresh cycle in progress, then named will queue the new refresh request. If there is already a queued refresh request, the new NOTIFY will be discarded. Bogus notifications can't be used to force a zone transfer from a malicious server, but could trigger a high rate of zone refresh cycles.
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2017:1680 | vendor-advisoryx_refsource_REDHAT |
| https://h20566.www2.hpe.com/hpsc/doc/public/displ… | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2017:1679 | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/99339 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1038809 | vdb-entryx_refsource_SECTRACK |
| https://www.debian.org/security/2017/dsa-3904 | vendor-advisoryx_refsource_DEBIAN |
| https://kb.isc.org/docs/aa-01504 | x_refsource_CONFIRM |
| https://security.netapp.com/advisory/ntap-2019083… | x_refsource_CONFIRM |
Impacted products
Date Public
2017-06-29 00:00
Credits
ISC would like to thank Clément Berthaux from Synacktiv for reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.215Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1680",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1680"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03772en_us"
},
{
"name": "RHSA-2017:1679",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1679"
},
{
"name": "99339",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99339"
},
{
"name": "1038809",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038809"
},
{
"name": "DSA-3904",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-3904"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01504"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190830-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "9.4.0-\u003e9.8.8, 9.9.0-\u003e9.9.10-P1, 9.10.0-\u003e9.10.5-P1, 9.11.0-\u003e9.11.1-P1, 9.9.3-S1-\u003e9.9.10-S2, 9.10.5-S1-\u003e9.10.5-S2"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Cl\u00e9ment Berthaux from Synacktiv for reporting this issue."
}
],
"datePublic": "2017-06-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into: providing an AXFR of a zone to an unauthorized recipient or accepting bogus NOTIFY packets. Affects BIND 9.4.0-\u003e9.8.8, 9.9.0-\u003e9.9.10-P1, 9.10.0-\u003e9.10.5-P1, 9.11.0-\u003e9.11.1-P1, 9.9.3-S1-\u003e9.9.10-S2, 9.10.5-S1-\u003e9.10.5-S2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An unauthorized AXFR (full zone transfer) permits an attacker to view the entire contents of a zone. Protection of zone contents is often a commercial or business requirement. \nIf accepted, a NOTIFY sets the zone refresh interval to \u0027now\u0027. If there is not already a refresh cycle in progress then named will initiate one by asking for the SOA RR from its list of masters. If there is already a refresh cycle in progress, then named will queue the new refresh request. If there is already a queued refresh request, the new NOTIFY will be discarded. Bogus notifications can\u0027t be used to force a zone transfer from a malicious server, but could trigger a high rate of zone refresh cycles.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-30T16:06:09.000Z",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "RHSA-2017:1680",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1680"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03772en_us"
},
{
"name": "RHSA-2017:1679",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1679"
},
{
"name": "99339",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99339"
},
{
"name": "1038809",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038809"
},
{
"name": "DSA-3904",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-3904"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01504"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190830-0003/"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.10-P2\n BIND 9 version 9.10.5-P2\n BIND 9 version 9.11.1-P2\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.10-S3\n BIND 9 version 9.10.5-S3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "An error in TSIG authentication can permit unauthorized zone transfers",
"workarounds": [
{
"lang": "en",
"value": "The effects of this vulnerability can be mitigated by using Access Control Lists (ACLs) that require both address range validation and use of TSIG authentication in conjunction. For information on how to configure this type of compound authentication control, please see: https://kb.isc.org/article/AA-00723/0/Using-Access-Control-Lists-ACLs-with-both-addresses-and-keys.html. (Note that this technique may not be effective against bogus NOTIFY packets if an attacker is able to reach the target DNS server whilst using a spoofed sending address)."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2017-06-29T00:00:00.000Z",
"ID": "CVE-2017-3142",
"STATE": "PUBLIC",
"TITLE": "An error in TSIG authentication can permit unauthorized zone transfers"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_value": "9.4.0-\u003e9.8.8, 9.9.0-\u003e9.9.10-P1, 9.10.0-\u003e9.10.5-P1, 9.11.0-\u003e9.11.1-P1, 9.9.3-S1-\u003e9.9.10-S2, 9.10.5-S1-\u003e9.10.5-S2"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Cl\u00e9ment Berthaux from Synacktiv for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into: providing an AXFR of a zone to an unauthorized recipient or accepting bogus NOTIFY packets. Affects BIND 9.4.0-\u003e9.8.8, 9.9.0-\u003e9.9.10-P1, 9.10.0-\u003e9.10.5-P1, 9.11.0-\u003e9.11.1-P1, 9.9.3-S1-\u003e9.9.10-S2, 9.10.5-S1-\u003e9.10.5-S2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An unauthorized AXFR (full zone transfer) permits an attacker to view the entire contents of a zone. Protection of zone contents is often a commercial or business requirement. \nIf accepted, a NOTIFY sets the zone refresh interval to \u0027now\u0027. If there is not already a refresh cycle in progress then named will initiate one by asking for the SOA RR from its list of masters. If there is already a refresh cycle in progress, then named will queue the new refresh request. If there is already a queued refresh request, the new NOTIFY will be discarded. Bogus notifications can\u0027t be used to force a zone transfer from a malicious server, but could trigger a high rate of zone refresh cycles."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1680",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1680"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03772en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03772en_us"
},
{
"name": "RHSA-2017:1679",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1679"
},
{
"name": "99339",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99339"
},
{
"name": "1038809",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038809"
},
{
"name": "DSA-3904",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-3904"
},
{
"name": "https://kb.isc.org/docs/aa-01504",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01504"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190830-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190830-0003/"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.10-P2\n BIND 9 version 9.10.5-P2\n BIND 9 version 9.11.1-P2\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.10-S3\n BIND 9 version 9.10.5-S3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "The effects of this vulnerability can be mitigated by using Access Control Lists (ACLs) that require both address range validation and use of TSIG authentication in conjunction. For information on how to configure this type of compound authentication control, please see: https://kb.isc.org/article/AA-00723/0/Using-Access-Control-Lists-ACLs-with-both-addresses-and-keys.html. (Note that this technique may not be effective against bogus NOTIFY packets if an attacker is able to reach the target DNS server whilst using a spoofed sending address)."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2017-3142",
"datePublished": "2019-01-16T20:00:00.000Z",
"dateReserved": "2016-12-02T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:08:46.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…