Log

CVE-2017-15115 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Local
Type
+ Privilege escalation
Description
+ It was found that in the Linux kernel before 4.14, when peeling off an association to the socket in another network namespace, the transports in this association are not rehashed and keep using the old key in the hashtable. The kernel would then miss removing the transports from the hashtable when closing the socket and all transports are being freed. Later on, a use-after-free issue could be caused when looking up an association and dereferencing the transports.
References
+ https://git.kernel.org/linus/df80cd9b28b9ebaa284a41df611dbf3a2d05ca74
+ https://bugzilla.redhat.com/show_bug.cgi?id=1513345
+ http://seclists.org/oss-sec/2017/q4/282
Notes
CVE-2017-15130 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ A denial of service flaw was found in dovecot before 2.2.34 and 2.3.0.1. An attacker able to generate random SNI server names could exploit TLS SNI configuration lookups, leading to excessive memory usage, causing the imap-login/pop3-login VSZ limit to be reached and the process to be restarted. This happens only if the Dovecot config has local_name { } or local { } configuration blocks and the attacker uses randomly generated SNI server names.
References
+ https://www.dovecot.org/list/dovecot-news/2018-February/000370.html
Notes
CVE-2017-15132 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ A flaw was found in dovecot before 2.2.34 and 2.3.0.1. An abort of SASL authentication results in a memory leak in dovecot's auth client used by login processes. The leak has an impact in high-performance configurations where the same login processes are reused, and can cause the process to crash due to memory exhaustion.
References
+ https://www.dovecot.org/list/dovecot-news/2018-February/000370.html
+ https://github.com/dovecot/core/commit/1a29ed2f96da1be22fa5a4d96c7583aa81b8b060
Notes
CVE-2017-15189 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ An infinite loop flaw has been discovered in wireshark before 2.4.2 in the DOCSIS dissector leading to excessive consumption of CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
References
+ https://www.wireshark.org/security/wnpa-sec-2017-46.html
+ https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14080
+ https://code.wireshark.org/review/#/c/23663/
Notes
CVE-2017-15190 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ A stack pointer use-after-scope flaw has been discovered in wireshark before 2.4.2 in the RTSP dissector, leading to application crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
References
+ https://www.wireshark.org/security/wnpa-sec-2017-45.html
+ https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14077
+ https://code.wireshark.org/review/#/c/23635/
Notes
CVE-2017-15191 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ A length check flaw has been discovered in wireshark before 2.4.2 in the BT ATT dissector when 7-bit strings were decoded, leading to application crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
References
+ https://www.wireshark.org/security/wnpa-sec-2017-44.html
+ https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14068
+ https://code.wireshark.org/review/#/c/23591/
Notes
CVE-2017-15192 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ A flaw has been discovered in wireshark before 2.4.2 in the BT ATT dissector leading to application crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
References
+ https://www.wireshark.org/security/wnpa-sec-2017-42.html
+ https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14049
+ https://code.wireshark.org/review/#/c/23470/
Notes
CVE-2017-15193 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ A flaw has been discovered in wireshark before 2.4.2 in the MBIM dissector when pre-sizing wmem arrays, leading to resource consumption and application crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
References
+ https://www.wireshark.org/security/wnpa-sec-2017-43.html
+ https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14056
+ https://code.wireshark.org/review/#/c/23537/
Notes
CVE-2017-15213 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Cross-site scripting
Description
+ A stored XSS vulnerability in Flyspray before 1.0-rc6 allows an authenticated user to inject JavaScript to gain administrator privileges, via the real_name or email_address field in themes/CleanFS/templates/common.editallusers.tpl.
References
+ https://github.com/Flyspray/flyspray/commit/754ec5d04348ef7ecb8cb02ade976dc412b031f8
Notes
CVE-2017-15214 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Cross-site scripting
Description
+ A stored XSS vulnerability in Flyspray between 1.0-rc4 and 1.0-rc6 allows an authenticated user to inject JavaScript to gain administrator privileges and also to execute JavaScript against other users (including unauthenticated users), via the name, title, or id parameter of dokuwiki links in plugins/dokuwiki/lib/plugins/changelinks/syntax.php.
References
+ https://github.com/Flyspray/flyspray/commit/00cfae5661124f9d67ac6733db61b2bfee34dccc
Notes