Log

CVE-2017-18013 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ A null-pointer dereference issue has been found in libtiff before 4.0.10, in the TIFFPrintDirectory() function in tiffinfo.c, while parsing the "1 Strips: " section of a crafted image, as demonstrated by a tiffinfo tool crash.
References
+ http://bugzilla.maptools.org/show_bug.cgi?id=2770
+ https://gitlab.com/libtiff/libtiff/commit/c6f41df7b581402dfba3c19a1e3df4454c551a01
Notes
CVE-2017-18021 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Private key recovery
Description
+ It was discovered that QtPass before 1.2.1, when using the built-in password generator, generates possibly predictable and enumerable passwords. This only applies to the QtPass GUI. The generator used libc's random(), seeded with srand(msecs), where msecs is not the msecs since 1970 (not that that'd be secure anyway), but rather the msecs since the last second. This means there are only 1000 different sequences of generated passwords.
References
+ http://www.openwall.com/lists/oss-security/2018/01/05/5
+ https://lists.zx2c4.com/pipermail/password-store/2018-January/003165.html
+ https://github.com/IJHack/QtPass/issues/338
+ https://github.com/IJHack/QtPass/commit/e7bd0651335e1bf4f01512d1555fe0b960ff1787
Notes
+ It is advised to change all your passwords and regenerate them using a secure utility such as pass, or update to the latest version of QtPass and regenerate from there.
CVE-2017-18078 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Local
Type
+ Access restriction bypass
Description
+ systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protected_hardlinks sysctl is turned off, which allows local users to bypass intended access restrictions via vectors involving a hard link to a file for which the user lacks write access, as demonstrated by changing the ownership of the /etc/passwd file.
References
+ https://www.exploit-db.com/exploits/43935/
+ https://github.com/systemd/systemd/issues/7736
Notes
CVE-2017-18183 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Local
Type
+ Denial of service
Description
+ An issue was discovered in QPDF before 7.0.0. There is an infinite loop in the QPDFWriter::enqueueObject() function in libqpdf/QPDFWriter.cc.
References
+ https://github.com/qpdf/qpdf/commit/8249a26d69f72b9cda584c14cc3f12769985e481
+ https://github.com/qpdf/qpdf/issues/143
Notes
CVE-2017-18184 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Arbitrary command execution
Description
+ An issue was discovered in QPDF before 7.0.0. There is a stack-based out-of-bounds read in the function iterate_rc4 in QPDF_encryption.cc.
References
+ https://github.com/qpdf/qpdf/commit/dea704f0ab7f625e1e7b3f9a1110b45b63157317
+ https://github.com/qpdf/qpdf/issues/147
Notes
CVE-2017-18185 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Information disclosure
Description
+ An issue was discovered in QPDF before 7.0.0. There is a large heap-based out-of-bounds read in the Pl_Buffer::write function in Pl_Buffer.cc. It is caused by an integer overflow in the PNG filter.
References
+ https://github.com/qpdf/qpdf/issues/150
+ https://github.com/qpdf/qpdf/commit/1868a10f8b06631362618bfc85ca8646da4b4b71
+ https://github.com/qpdf/qpdf/commit/ec7d74a386c0b2f38990079c3b0d2a2b30be0e71
Notes
CVE-2017-18186 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Local
Type
+ Denial of service
Description
+ An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc.
References
+ https://github.com/qpdf/qpdf/commit/85f05cc57ffa0a863d9d9b23e73acea9410b2937
+ https://github.com/qpdf/qpdf/issues/149
Notes
CVE-2017-18189 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Local
Type
+ Denial of service
Description
+ In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allow a remote attacker to cause a denial-of-service.
References
+ https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881121
+ https://public-inbox.org/sox-devel/20171109114554.16297-1-mans@mansr.com/raw
Notes
CVE-2017-18198 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted iso file.
References
+ https://savannah.gnu.org/bugs/?52265
Notes
CVE-2017-18199 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.
References
+ https://savannah.gnu.org/bugs/?52264
Notes