diff --git a/2018/5xxx/CVE-2018-5732.json b/2018/5xxx/CVE-2018-5732.json
index e010a2ece42..16ddd024129 100644
--- a/2018/5xxx/CVE-2018-5732.json
+++ b/2018/5xxx/CVE-2018-5732.json
@@ -1,96 +1,96 @@
 {
- "CVE_data_meta": {
- "ASSIGNER": "security-officer@isc.org",
- "DATE_PUBLIC": "2018-02-28T00:00:00.000Z",
- "ID": "CVE-2018-5732",
- "STATE": "PUBLIC",
- "TITLE": "A specially constructed response from a malicious server can cause a buffer overflow in dhclient"
- },
- "affects": {
- "vendor": {
- "vendor_data": [
- {
- "product": {
- "product_data": [
- {
- "product_name": "ISC DHCP",
- "version": {
- "version_data": [
- {
- "version_name": "ISC DHCP",
- "version_value": "4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0"
- }
- ]
- }
- }
- ]
- },
- "vendor_name": "ISC"
- }
- ]
- }
- },
- "credit": [
- {
- "lang": "eng",
- "value": "ISC would like to thank Felix Wilhelm, Google Security Team, for reporting this vulnerability."
- }
- ],
- "data_format": "MITRE",
- "data_type": "CVE",
- "data_version": "4.0",
- "description": {
- "description_data": [
- {
- "lang": "eng",
- "value": "Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section.\n\nAffects ISC DHCP versions 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0"
- }
- ]
- },
- "impact": {
- "cvss": {
- "attackComplexity": "LOW",
- "attackVector": "NETWORK",
- "availabilityImpact": "HIGH",
- "baseScore": 7.5,
- "baseSeverity": "HIGH",
- "confidentialityImpact": "NONE",
- "integrityImpact": "NONE",
- "privilegesRequired": "NONE",
- "scope": "UNCHANGED",
- "userInteraction": "NONE",
- "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
- "version": "3.0"
- }
- },
- "problemtype": {
- "problemtype_data": [
- {
- "description": [
- {
- "lang": "eng",
- "value": "Affected versions of dhclient should crash due to an out-of-bounds memory access if they receive and process a triggering response packet. However, buffer overflow outcomes can vary by operating system, and outcomes such as remote code execution may be possible in some circumstances. Where they are present, operating system mitigation strategies such as address space layout randomization (ASLR) should make it difficult to leverage this vulnerability to achieve remote code execution, but we cannot rule it out as impossible. The safest course is to patch dhclient so that the buffer overflow cannot occur."
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "security-officer@isc.org",
+ "DATE_PUBLIC": "2018-02-28T00:00:00.000Z",
+ "ID": "CVE-2018-5732",
+ "STATE": "PUBLIC",
+ "TITLE": "A specially constructed response from a malicious server can cause a buffer overflow in dhclient"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "ISC DHCP",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "ISC DHCP",
+ "version_value": "4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "ISC"
+ }
 ]
- }
- ]
- },
- "references": {
- "reference_data": [
- {
- "name": "https://kb.isc.org/docs/aa-01565",
- "refsource": "CONFIRM",
- "url": "https://kb.isc.org/docs/aa-01565"
- }
- ]
- },
- "solution": [
- {
- "lang": "eng",
- "value": "Upgrade to the patched release most closely related to your current version of DHCP. ISC DHCP releases are available from https://www.isc.org/downloads.\n\n >= DHCP 4.1-ESV-R15-P1\n >= DHCP 4.3.6-P1\n >= DHCP 4.4.1"
- }
- ],
- "source": {
- "discovery": "EXTERNAL"
- }
+ }
+ },
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "ISC would like to thank Felix Wilhelm, Google Security Team, for reporting this vulnerability."
+ }
+ ],
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. Affects ISC DHCP versions 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0"
+ }
+ ]
+ },
+ "impact": {
+ "cvss": {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.5,
+ "baseSeverity": "HIGH",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+ "version": "3.0"
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Affected versions of dhclient should crash due to an out-of-bounds memory access if they receive and process a triggering response packet. However, buffer overflow outcomes can vary by operating system, and outcomes such as remote code execution may be possible in some circumstances. Where they are present, operating system mitigation strategies such as address space layout randomization (ASLR) should make it difficult to leverage this vulnerability to achieve remote code execution, but we cannot rule it out as impossible. The safest course is to patch dhclient so that the buffer overflow cannot occur."
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://kb.isc.org/docs/aa-01565",
+ "refsource": "CONFIRM",
+ "url": "https://kb.isc.org/docs/aa-01565"
+ }
+ ]
+ },
+ "solution": [
+ {
+ "lang": "eng",
+ "value": "Upgrade to the patched release most closely related to your current version of DHCP. ISC DHCP releases are available from https://www.isc.org/downloads.\n\n >= DHCP 4.1-ESV-R15-P1\n >= DHCP 4.3.6-P1\n >= DHCP 4.4.1"
+ }
+ ],
+ "source": {
+ "discovery": "EXTERNAL"
+ }
 }
\ No newline at end of file
diff --git a/2018/5xxx/CVE-2018-5743.json b/2018/5xxx/CVE-2018-5743.json
index e159ecf8465..1b533e1d1db 100644
--- a/2018/5xxx/CVE-2018-5743.json
+++ b/2018/5xxx/CVE-2018-5743.json
@@ -43,7 +43,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit.\n\nVersions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -> 9.11.5-S3, and 9.11.5-S5. Versions 9.13.0 -> 9.13.7 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5743."
+ "value": "By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -> 9.11.5-S3, and 9.11.5-S5. Versions 9.13.0 -> 9.13.7 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5743."
 }
 ]
 },
diff --git a/2018/5xxx/CVE-2018-5744.json b/2018/5xxx/CVE-2018-5744.json
index f339278d8dd..d832c00a6f9 100644
--- a/2018/5xxx/CVE-2018-5744.json
+++ b/2018/5xxx/CVE-2018-5744.json
@@ -1,96 +1,96 @@
 {
- "CVE_data_meta": {
- "ASSIGNER": "security-officer@isc.org",
- "DATE_PUBLIC": "2019-02-21T00:00:00.000Z",
- "ID": "CVE-2018-5744",
- "STATE": "PUBLIC",
- "TITLE": "A specially crafted packet can cause named to leak memory"
- },
- "affects": {
- "vendor": {
- "vendor_data": [
- {
- "product": {
- "product_data": [
- {
- "product_name": "BIND 9",
- "version": {
- "version_data": [
- {
- "version_name": "BIND 9",
- "version_value": "BIND 9.10.7 -> 9.10.8-P1, 9.11.3 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.10.7-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected."
- }
- ]
- }
- }
- ]
- },
- "vendor_name": "ISC"
- }
- ]
- }
- },
- "credit": [
- {
- "lang": "eng",
- "value": "ISC would like to thank Toshifumi Sakaguchi for reporting this issue to us."
- }
- ],
- "data_format": "MITRE",
- "data_type": "CVE",
- "data_version": "4.0",
- "description": {
- "description_data": [
- {
- "lang": "eng",
- "value": "A failure to free memory can occur when processing messages having a specific combination of EDNS options.\n\nVersions affected are: BIND 9.10.7 -> 9.10.8-P1, 9.11.3 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.10.7-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected."
- }
- ]
- },
- "impact": {
- "cvss": {
- "attackComplexity": "LOW",
- "attackVector": "NETWORK",
- "availabilityImpact": "HIGH",
- "baseScore": 7.5,
- "baseSeverity": "HIGH",
- "confidentialityImpact": "NONE",
- "integrityImpact": "NONE",
- "privilegesRequired": "NONE",
- "scope": "UNCHANGED",
- "userInteraction": "NONE",
- "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
- "version": "3.0"
- }
- },
- "problemtype": {
- "problemtype_data": [
- {
- "description": [
- {
- "lang": "eng",
- "value": "By exploiting this condition, an attacker can potentially cause named's memory use to grow without bounds until all memory available to the process is exhausted. Typically a server process is limited as to the amount of memory it can use but if the named process is not limited by the operating system all free memory on the server could be exhausted."
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "security-officer@isc.org",
+ "DATE_PUBLIC": "2019-02-21T00:00:00.000Z",
+ "ID": "CVE-2018-5744",
+ "STATE": "PUBLIC",
+ "TITLE": "A specially crafted packet can cause named to leak memory"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "BIND 9",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "BIND 9",
+ "version_value": "BIND 9.10.7 -> 9.10.8-P1, 9.11.3 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.10.7-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected."
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "ISC"
+ }
 ]
- }
- ]
- },
- "references": {
- "reference_data": [
- {
- "name": "https://kb.isc.org/docs/cve-2018-5744",
- "refsource": "CONFIRM",
- "url": "https://kb.isc.org/docs/cve-2018-5744"
- }
- ]
- },
- "solution": [
- {
- "lang": "eng",
- "value": "Upgrade to a version of BIND containing a fix for the memory leak.\n\n >= BIND 9.11.5-P4\n >= BIND 9.12.3-P4\n"
- }
- ],
- "source": {
- "discovery": "EXTERNAL"
- }
+ }
+ },
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "ISC would like to thank Toshifumi Sakaguchi for reporting this issue to us."
+ }
+ ],
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A failure to free memory can occur when processing messages having a specific combination of EDNS options. Versions affected are: BIND 9.10.7 -> 9.10.8-P1, 9.11.3 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.10.7-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected."
+ }
+ ]
+ },
+ "impact": {
+ "cvss": {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.5,
+ "baseSeverity": "HIGH",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+ "version": "3.0"
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "By exploiting this condition, an attacker can potentially cause named's memory use to grow without bounds until all memory available to the process is exhausted. Typically a server process is limited as to the amount of memory it can use but if the named process is not limited by the operating system all free memory on the server could be exhausted."
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://kb.isc.org/docs/cve-2018-5744",
+ "refsource": "CONFIRM",
+ "url": "https://kb.isc.org/docs/cve-2018-5744"
+ }
+ ]
+ },
+ "solution": [
+ {
+ "lang": "eng",
+ "value": "Upgrade to a version of BIND containing a fix for the memory leak.\n\n >= BIND 9.11.5-P4\n >= BIND 9.12.3-P4\n"
+ }
+ ],
+ "source": {
+ "discovery": "EXTERNAL"
+ }
 }
\ No newline at end of file
diff --git a/2018/5xxx/CVE-2018-5745.json b/2018/5xxx/CVE-2018-5745.json
index 5686f33032a..60bae6f4aab 100644
--- a/2018/5xxx/CVE-2018-5745.json
+++ b/2018/5xxx/CVE-2018-5745.json
@@ -1,90 +1,90 @@
 {
- "CVE_data_meta": {
- "ASSIGNER": "security-officer@isc.org",
- "DATE_PUBLIC": "2019-02-21T00:00:00.000Z",
- "ID": "CVE-2018-5745",
- "STATE": "PUBLIC",
- "TITLE": "An assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using managed-keys"
- },
- "affects": {
- "vendor": {
- "vendor_data": [
- {
- "product": {
- "product_data": [
- {
- "product_name": "BIND 9",
- "version": {
- "version_data": [
- {
- "version_name": "BIND 9",
- "version_value": "BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5745."
- }
- ]
- }
- }
- ]
- },
- "vendor_name": "ISC"
- }
- ]
- }
- },
- "data_format": "MITRE",
- "data_type": "CVE",
- "data_version": "4.0",
- "description": {
- "description_data": [
- {
- "lang": "eng",
- "value": "\"managed-keys\" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertion failure if, during key rollover, a trust anchor's keys are replaced with keys which use an unsupported algorithm.\n\nVersions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5745."
- }
- ]
- },
- "impact": {
- "cvss": {
- "attackComplexity": "LOW",
- "attackVector": "NETWORK",
- "availabilityImpact": "HIGH",
- "baseScore": 4.9,
- "baseSeverity": "MEDIUM",
- "confidentialityImpact": "NONE",
- "integrityImpact": "NONE",
- "privilegesRequired": "HIGH",
- "scope": "UNCHANGED",
- "userInteraction": "NONE",
- "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
- "version": "3.0"
- }
- },
- "problemtype": {
- "problemtype_data": [
- {
- "description": [
- {
- "lang": "eng",
- "value": "This particular vulnerability would be very difficult for an arbitrary attacker to use because it requires an operator to have BIND configured to use a trust anchor managed by the attacker. However, if successfully exercised, the defect will cause named to deliberately exit after encountering an assertion failure.\n\nIt is more likely, perhaps, that this bug could be encountered accidentally, as not all versions of BIND support the same set of cryptographic algorithms. Specifically, recent branches of BIND have begun deliberately removing support for cryptographic algorithms that are now deprecated (for example because they are no longer considered sufficiently secure.) This vulnerability could be encountered if a resolver running a version of BIND which has removed support for deprecated algorithms is configured to use a trust anchor which elects to change algorithm types to one of those deprecated algorithms.\n\n Support for GOST was removed from BIND in 9.13.1.\n Support for DSA was removed from BIND in 9.13.4\n Support for RSAMD5 will be removed from future BIND releases in the 9.13 branch and higher.\n"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "security-officer@isc.org",
+ "DATE_PUBLIC": "2019-02-21T00:00:00.000Z",
+ "ID": "CVE-2018-5745",
+ "STATE": "PUBLIC",
+ "TITLE": "An assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using managed-keys"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "BIND 9",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "BIND 9",
+ "version_value": "BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5745."
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "ISC"
+ }
 ]
- }
- ]
- },
- "references": {
- "reference_data": [
- {
- "name": "https://kb.isc.org/docs/cve-2018-5745",
- "refsource": "CONFIRM",
- "url": "https://kb.isc.org/docs/cve-2018-5745"
- }
- ]
- },
- "solution": [
- {
- "lang": "eng",
- "value": "Upgrade to a version of BIND containing a fix preventing the assertion failure.\n\n>= BIND 9.11.5-P4\n>= BIND 9.12.3-P4\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n>= BIND 9.11.5-S5\n"
- }
- ],
- "source": {
- "discovery": "INTERNAL"
- }
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "\"managed-keys\" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertion failure if, during key rollover, a trust anchor's keys are replaced with keys which use an unsupported algorithm. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5745."
+ }
+ ]
+ },
+ "impact": {
+ "cvss": {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 4.9,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "HIGH",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
+ "version": "3.0"
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "This particular vulnerability would be very difficult for an arbitrary attacker to use because it requires an operator to have BIND configured to use a trust anchor managed by the attacker. However, if successfully exercised, the defect will cause named to deliberately exit after encountering an assertion failure.\n\nIt is more likely, perhaps, that this bug could be encountered accidentally, as not all versions of BIND support the same set of cryptographic algorithms. Specifically, recent branches of BIND have begun deliberately removing support for cryptographic algorithms that are now deprecated (for example because they are no longer considered sufficiently secure.) This vulnerability could be encountered if a resolver running a version of BIND which has removed support for deprecated algorithms is configured to use a trust anchor which elects to change algorithm types to one of those deprecated algorithms.\n\n Support for GOST was removed from BIND in 9.13.1.\n Support for DSA was removed from BIND in 9.13.4\n Support for RSAMD5 will be removed from future BIND releases in the 9.13 branch and higher.\n"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://kb.isc.org/docs/cve-2018-5745",
+ "refsource": "CONFIRM",
+ "url": "https://kb.isc.org/docs/cve-2018-5745"
+ }
+ ]
+ },
+ "solution": [
+ {
+ "lang": "eng",
+ "value": "Upgrade to a version of BIND containing a fix preventing the assertion failure.\n\n>= BIND 9.11.5-P4\n>= BIND 9.12.3-P4\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n>= BIND 9.11.5-S5\n"
+ }
+ ],
+ "source": {
+ "discovery": "INTERNAL"
+ }
 }
\ No newline at end of file
diff --git a/2019/11xxx/CVE-2019-11212.json b/2019/11xxx/CVE-2019-11212.json
index f4628754db1..d817e84506e 100644
--- a/2019/11xxx/CVE-2019-11212.json
+++ b/2019/11xxx/CVE-2019-11212.json
@@ -41,7 +41,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "The MDM server component of TIBCO Software Inc's TIBCO MDM contains multiple vulnerabilities that theoretically allow an authenticated user with specific roles to perform cross-site scripting (XSS) attacks.\n\nThis issue affects TIBCO Software Inc.'s TIBCO MDM version 9.0.1 and prior versions; version 9.1.0."
+ "value": "The MDM server component of TIBCO Software Inc's TIBCO MDM contains multiple vulnerabilities that theoretically allow an authenticated user with specific roles to perform cross-site scripting (XSS) attacks. This issue affects TIBCO Software Inc.'s TIBCO MDM version 9.0.1 and prior versions; version 9.1.0."
 }
 ]
 },
@@ -80,10 +80,12 @@
 "reference_data": [
 {
 "refsource": "CONFIRM",
+ "name": "http://www.tibco.com/services/support/advisories",
 "url": "http://www.tibco.com/services/support/advisories"
 },
 {
 "refsource": "CONFIRM",
+ "name": "https://www.tibco.com/support/advisories/2019/10/tibco-security-advisory-october-8-2019-tibco-mdm",
 "url": "https://www.tibco.com/support/advisories/2019/10/tibco-security-advisory-october-8-2019-tibco-mdm"
 }
 ]
@@ -97,4 +99,4 @@
 "source": {
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2019/11xxx/CVE-2019-11341.json b/2019/11xxx/CVE-2019-11341.json
index 0e840b0c375..8d33c1b373e 100644
--- a/2019/11xxx/CVE-2019-11341.json
+++ b/2019/11xxx/CVE-2019-11341.json
@@ -1,17 +1,71 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
- "ID": "CVE-2019-11341",
 "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ID": "CVE-2019-11341",
+ "STATE": "PUBLIC"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "On certain Samsung P(9.0) phones, an attacker with physical access can start a TCP Dump capture without the user's knowledge. This feature of the Service Mode application is available after entering the *#9900# check code, but is protected by an OTP password. However, this password is created locally and (due to mishandling of cryptography) can be obtained easily by reversing the password creation logic."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://security.samsungmobile.com/securityUpdate.smsb",
+ "refsource": "MISC",
+ "name": "https://security.samsungmobile.com/securityUpdate.smsb"
+ },
+ {
+ "url": "https://drfone.wondershare.com/unlock/samsung-galaxy-secret-code-list.html",
+ "refsource": "MISC",
+ "name": "https://drfone.wondershare.com/unlock/samsung-galaxy-secret-code-list.html"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://twitter.com/fs0c131y/status/1115889065285562368",
+ "url": "https://twitter.com/fs0c131y/status/1115889065285562368"
 }
 ]
 }
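Review bot: The newly published CVE-2019-11341 record leaves every structured field at `n/a` (`vendor_name`, `product_name`, `version_value` and the `problemtype` value), although the new `description` names Samsung phones running P(9.0). Tooling that matches on vendor or product therefore cannot associate this CVE with any device. At minimum `"vendor_name": "Samsung"` can be taken from the description; the affected models and the fixed release are not visible in this hunk and would have to come from the Samsung security-update page given as the first reference. The same gap exists in the new CVE-2019-17383.json, where the description says "netaddr gem before 2.0.4" but `product_name` and `version_value` are `n/a`. The file's closing brace lies outside this hunk.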
diff --git a/2019/14xxx/CVE-2019-14835.json b/2019/14xxx/CVE-2019-14835.json
index 0ebc0061f56..f8ed5ae0a9b 100644
--- a/2019/14xxx/CVE-2019-14835.json
+++ b/2019/14xxx/CVE-2019-14835.json
@@ -203,6 +203,11 @@
 "refsource": "MLIST",
 "name": "[oss-security] 20191003 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow",
 "url": "http://www.openwall.com/lists/oss-security/2019/10/03/1"
+ },
+ {
+ "refsource": "MLIST",
+ "name": "[oss-security] 20191009 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow",
+ "url": "http://www.openwall.com/lists/oss-security/2019/10/09/3"
 }
 ]
 },
diff --git a/2019/17xxx/CVE-2019-17383.json b/2019/17xxx/CVE-2019-17383.json
new file mode 100644
index 00000000000..4481ab7ccd1
--- /dev/null
+++ b/2019/17xxx/CVE-2019-17383.json
@@ -0,0 +1,67 @@
+{
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-17383",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The netaddr gem before 2.0.4 for Ruby has misconfigured file permissions, such that a gem install may result in 0777 permissions in the target filesystem."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://rubygems.org/gems/netaddr/versions",
+ "refsource": "MISC",
+ "name": "https://rubygems.org/gems/netaddr/versions"
+ },
+ {
+ "url": "https://github.com/dspinhirne/netaddr-rb/commit/3aac46c00a36e71905eaa619cb94d45bff6e3b51",
+ "refsource": "MISC",
+ "name": "https://github.com/dspinhirne/netaddr-rb/commit/3aac46c00a36e71905eaa619cb94d45bff6e3b51"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/3xxx/CVE-2019-3653.json b/2019/3xxx/CVE-2019-3653.json
index 99d9cc7b134..1ba8b5e34f8 100644
--- a/2019/3xxx/CVE-2019-3653.json
+++ b/2019/3xxx/CVE-2019-3653.json
@@ -42,7 +42,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "Improper access control vulnerability in Configuration tool in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to gain access to security configuration via unauthorized use of the configuration tool.\n"
+ "value": "Improper access control vulnerability in Configuration tool in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to gain access to security configuration via unauthorized use of the configuration tool."
 }
 ]
 },
@@ -89,4 +89,4 @@
 "source": {
 "discovery": "EXTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2019/6xxx/CVE-2019-6465.json b/2019/6xxx/CVE-2019-6465.json
index 160b96deeda..1010700ae76 100644
--- a/2019/6xxx/CVE-2019-6465.json
+++ b/2019/6xxx/CVE-2019-6465.json
@@ -1,90 +1,90 @@
 {
- "CVE_data_meta": {
- "ASSIGNER": "security-officer@isc.org",
- "DATE_PUBLIC": "2019-02-21T00:00:00.000Z",
- "ID": "CVE-2019-6465",
- "STATE": "PUBLIC",
- "TITLE": "Zone transfer controls for writable DLZ zones were not effective"
- },
- "affects": {
- "vendor": {
- "vendor_data": [
- {
- "product": {
- "product_data": [
- {
- "product_name": "BIND 9",
- "version": {
- "version_data": [
- {
- "version_name": "BIND 9",
- "version_value": "BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465."
- }
- ]
- }
- }
- ]
- },
- "vendor_name": "ISC"
- }
- ]
- }
- },
- "data_format": "MITRE",
- "data_type": "CVE",
- "data_version": "4.0",
- "description": {
- "description_data": [
- {
- "lang": "eng",
- "value": "Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable\n\nVersions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465."
- }
- ]
- },
- "impact": {
- "cvss": {
- "attackComplexity": "LOW",
- "attackVector": "NETWORK",
- "availabilityImpact": "NONE",
- "baseScore": 5.3,
- "baseSeverity": "MEDIUM",
- "confidentialityImpact": "LOW",
- "integrityImpact": "NONE",
- "privilegesRequired": "NONE",
- "scope": "UNCHANGED",
- "userInteraction": "NONE",
- "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
- "version": "3.0"
- }
- },
- "problemtype": {
- "problemtype_data": [
- {
- "description": [
- {
- "lang": "eng",
- "value": "A client exercising this defect can request and receive a zone transfer of a DLZ even when not permitted to do so by the allow-transfer ACL."
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "security-officer@isc.org",
+ "DATE_PUBLIC": "2019-02-21T00:00:00.000Z",
+ "ID": "CVE-2019-6465",
+ "STATE": "PUBLIC",
+ "TITLE": "Zone transfer controls for writable DLZ zones were not effective"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "BIND 9",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "BIND 9",
+ "version_value": "BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465."
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "ISC"
+ }
 ]
- }
- ]
- },
- "references": {
- "reference_data": [
- {
- "name": "https://kb.isc.org/docs/cve-2019-6465",
- "refsource": "CONFIRM",
- "url": "https://kb.isc.org/docs/cve-2019-6465"
- }
- ]
- },
- "solution": [
- {
- "lang": "eng",
- "value": "Upgrade to the patched release most closely related to your current version of BIND:\n\n>= BIND 9.11.5-P4\n>= BIND 9.12.3-P4\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n>= BIND 9.11.5-S5\n"
- }
- ],
- "source": {
- "discovery": "EXTERNAL"
- }
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465."
+ }
+ ]
+ },
+ "impact": {
+ "cvss": {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "NONE",
+ "baseScore": 5.3,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
+ "version": "3.0"
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "A client exercising this defect can request and receive a zone transfer of a DLZ even when not permitted to do so by the allow-transfer ACL."
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://kb.isc.org/docs/cve-2019-6465",
+ "refsource": "CONFIRM",
+ "url": "https://kb.isc.org/docs/cve-2019-6465"
+ }
+ ]
+ },
+ "solution": [
+ {
+ "lang": "eng",
+ "value": "Upgrade to the patched release most closely related to your current version of BIND:\n\n>= BIND 9.11.5-P4\n>= BIND 9.12.3-P4\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n>= BIND 9.11.5-S5\n"
+ }
+ ],
+ "source": {
+ "discovery": "EXTERNAL"
+ }
 }
\ No newline at end of file
diff --git a/2019/6xxx/CVE-2019-6467.json b/2019/6xxx/CVE-2019-6467.json
index 35d81f08d84..57e7d7e4c99 100644
--- a/2019/6xxx/CVE-2019-6467.json
+++ b/2019/6xxx/CVE-2019-6467.json
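Review bot: In CVE-2019-6465.json the flattened `description` loses its only sentence break: the new value reads `...(DLZs) if the zones are writable Versions affected: BIND 9.9.0 ...`, because the first sentence never ended with a period and relied on the removed `\n\n` as its separator. Add the period when joining the paragraphs, `...if the zones are writable. Versions affected: ...`. The other descriptions flattened in the hunks shown here already end their first paragraph with a period, so this record appears to be the only one affected.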
@@ -43,7 +43,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally.\n\nThe most likely scenario where this might occur is if the server, in addition to performing NXDOMAIN redirection for recursive clients, is also serving a local copy of the root zone or using mirroring to provide the root zone, although other configurations are also possible.\n\nVersions affected: BIND 9.12.0-> 9.12.4, 9.14.0. Also affects all releases in the 9.13 development branch."
+ "value": "A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAIN redirection for recursive clients, is also serving a local copy of the root zone or using mirroring to provide the root zone, although other configurations are also possible. Versions affected: BIND 9.12.0-> 9.12.4, 9.14.0. Also affects all releases in the 9.13 development branch."
 }
 ]
 },
diff --git a/2019/6xxx/CVE-2019-6468.json b/2019/6xxx/CVE-2019-6468.json
index bf8ff9430ad..34c1167a4c1 100644
--- a/2019/6xxx/CVE-2019-6468.json
+++ b/2019/6xxx/CVE-2019-6468.json
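Review bot: The new `value` for CVE-2019-6467 folds both `\n\n` paragraph breaks into single spaces, so `Versions affected: BIND 9.12.0-> 9.12.4, 9.14.0.` is no longer set apart from the narrative; the hunks for CVE-2019-6468, CVE-2019-6469 and CVE-2019-6471 make the same change. Tooling that matches installed versions should not have to recover ranges from prose, and each hunk starts at line 43, so the record's `affects` block is not visible here. Before merging, confirm that every range named in these descriptions is also carried in the record's `version_data`, since after this change the text no longer marks where the version statement begins.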
@@ -43,7 +43,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet (ECS) features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure.\n\nVersions affected: BIND Supported Preview Edition version 9.10.5-S1 -> 9.11.5-S5. ONLY BIND Supported Preview Edition releases are affected."
+ "value": "In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet (ECS) features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure. Versions affected: BIND Supported Preview Edition version 9.10.5-S1 -> 9.11.5-S5. ONLY BIND Supported Preview Edition releases are affected."
 }
 ]
 },
diff --git a/2019/6xxx/CVE-2019-6469.json b/2019/6xxx/CVE-2019-6469.json
index 810d1c01d31..6430c12d3aa 100644
--- a/2019/6xxx/CVE-2019-6469.json
+++ b/2019/6xxx/CVE-2019-6469.json
@@ -43,7 +43,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "An error in the EDNS Client Subnet (ECS) feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs.\n\nVersions affected: BIND 9.10.5-S1 -> 9.11.6-S1 of BIND 9 Supported Preview Edition."
+ "value": "An error in the EDNS Client Subnet (ECS) feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 -> 9.11.6-S1 of BIND 9 Supported Preview Edition."
 }
 ]
 },
diff --git a/2019/6xxx/CVE-2019-6471.json b/2019/6xxx/CVE-2019-6471.json
index 17af2d6f2a5..bdcd5ee64aa 100644
--- a/2019/6xxx/CVE-2019-6471.json
+++ b/2019/6xxx/CVE-2019-6471.json
@@ -43,7 +43,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c.\n\nVersions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1."
+ "value": "A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1."
 }
 ]
 },