From eafddbac499abd97a67f82fcf1af6b151f7829ed Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 12 Mar 2020 00:01:14 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/14xxx/CVE-2019-14615.json | 5 +++ 2019/15xxx/CVE-2019-15217.json | 5 +++ 2019/15xxx/CVE-2019-15220.json | 5 +++ 2019/15xxx/CVE-2019-15221.json | 5 +++ 2019/17xxx/CVE-2019-17351.json | 5 +++ 2019/19xxx/CVE-2019-19051.json | 5 +++ 2019/19xxx/CVE-2019-19056.json | 5 +++ 2019/19xxx/CVE-2019-19066.json | 5 +++ 2019/19xxx/CVE-2019-19068.json | 5 +++ 2019/19xxx/CVE-2019-19965.json | 5 +++ 2019/20xxx/CVE-2019-20096.json | 5 +++ 2019/20xxx/CVE-2019-20503.json | 5 +++ 2019/5xxx/CVE-2019-5108.json | 5 +++ 2019/5xxx/CVE-2019-5169.json | 58 ++++++++++++++++++++++++++++++---- 2019/5xxx/CVE-2019-5170.json | 58 ++++++++++++++++++++++++++++++---- 2019/5xxx/CVE-2019-5171.json | 58 ++++++++++++++++++++++++++++++---- 2019/5xxx/CVE-2019-5176.json | 58 ++++++++++++++++++++++++++++++---- 2019/5xxx/CVE-2019-5177.json | 58 ++++++++++++++++++++++++++++++---- 2019/5xxx/CVE-2019-5178.json | 58 ++++++++++++++++++++++++++++++---- 2019/5xxx/CVE-2019-5179.json | 58 ++++++++++++++++++++++++++++++---- 2019/5xxx/CVE-2019-5180.json | 58 ++++++++++++++++++++++++++++++---- 2019/5xxx/CVE-2019-5181.json | 58 ++++++++++++++++++++++++++++++---- 2020/6xxx/CVE-2020-6796.json | 5 +++ 2020/6xxx/CVE-2020-6798.json | 5 +++ 2020/6xxx/CVE-2020-6800.json | 5 +++ 2020/6xxx/CVE-2020-6801.json | 5 +++ 26 files changed, 544 insertions(+), 63 deletions(-) diff --git a/2019/14xxx/CVE-2019-14615.json b/2019/14xxx/CVE-2019-14615.json index 7c3fc6e7d51..20c1984ab8c 100644 --- a/2019/14xxx/CVE-2019-14615.json +++ b/2019/14xxx/CVE-2019-14615.json @@ -118,6 +118,11 @@ "refsource": "UBUNTU", "name": "USN-4284-1", "url": "https://usn.ubuntu.com/4284-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4286-1", + "url": "https://usn.ubuntu.com/4286-1/" } ] }, diff --git a/2019/15xxx/CVE-2019-15217.json b/2019/15xxx/CVE-2019-15217.json index deacf91bf4d..e3cb20df69d 100644 --- a/2019/15xxx/CVE-2019-15217.json +++ b/2019/15xxx/CVE-2019-15217.json @@ -126,6 +126,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update", "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4286-1", + "url": "https://usn.ubuntu.com/4286-1/" } ] } diff --git a/2019/15xxx/CVE-2019-15220.json b/2019/15xxx/CVE-2019-15220.json index 849ee5226c7..f4531284bfc 100644 --- a/2019/15xxx/CVE-2019-15220.json +++ b/2019/15xxx/CVE-2019-15220.json @@ -121,6 +121,11 @@ "refsource": "UBUNTU", "name": "USN-4286-2", "url": "https://usn.ubuntu.com/4286-2/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4286-1", + "url": "https://usn.ubuntu.com/4286-1/" } ] } diff --git a/2019/15xxx/CVE-2019-15221.json b/2019/15xxx/CVE-2019-15221.json index 5d9207718ba..a4a46522fb5 100644 --- a/2019/15xxx/CVE-2019-15221.json +++ b/2019/15xxx/CVE-2019-15221.json @@ -121,6 +121,11 @@ "refsource": "UBUNTU", "name": "USN-4286-2", "url": "https://usn.ubuntu.com/4286-2/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4286-1", + "url": "https://usn.ubuntu.com/4286-1/" } ] } diff --git a/2019/17xxx/CVE-2019-17351.json b/2019/17xxx/CVE-2019-17351.json index 496dc8630a7..9172f6cf4b2 100644 --- a/2019/17xxx/CVE-2019-17351.json +++ b/2019/17xxx/CVE-2019-17351.json @@ -86,6 +86,11 @@ "refsource": "UBUNTU", "name": "USN-4286-2", "url": "https://usn.ubuntu.com/4286-2/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4286-1", + "url": "https://usn.ubuntu.com/4286-1/" } ] } diff --git a/2019/19xxx/CVE-2019-19051.json b/2019/19xxx/CVE-2019-19051.json index 832f5386726..ed6beb7caab 100644 --- a/2019/19xxx/CVE-2019-19051.json +++ b/2019/19xxx/CVE-2019-19051.json @@ -91,6 +91,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update", "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4286-1", + "url": "https://usn.ubuntu.com/4286-1/" } ] } diff --git a/2019/19xxx/CVE-2019-19056.json b/2019/19xxx/CVE-2019-19056.json index 2db085337aa..585a5296e6a 100644 --- a/2019/19xxx/CVE-2019-19056.json +++ b/2019/19xxx/CVE-2019-19056.json @@ -91,6 +91,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update", "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4286-1", + "url": "https://usn.ubuntu.com/4286-1/" } ] } diff --git a/2019/19xxx/CVE-2019-19066.json b/2019/19xxx/CVE-2019-19066.json index 2abbf2e3080..6cbc62ecf4a 100644 --- a/2019/19xxx/CVE-2019-19066.json +++ b/2019/19xxx/CVE-2019-19066.json @@ -86,6 +86,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update", "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4286-1", + "url": "https://usn.ubuntu.com/4286-1/" } ] } diff --git a/2019/19xxx/CVE-2019-19068.json b/2019/19xxx/CVE-2019-19068.json index 3db604c24e4..ca02eb1c8a6 100644 --- a/2019/19xxx/CVE-2019-19068.json +++ b/2019/19xxx/CVE-2019-19068.json @@ -86,6 +86,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update", "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4286-1", + "url": "https://usn.ubuntu.com/4286-1/" } ] } diff --git a/2019/19xxx/CVE-2019-19965.json b/2019/19xxx/CVE-2019-19965.json index 5ba10b16cb3..ff4aea951ca 100644 --- a/2019/19xxx/CVE-2019-19965.json +++ b/2019/19xxx/CVE-2019-19965.json @@ -96,6 +96,11 @@ "refsource": "UBUNTU", "name": "USN-4284-1", "url": "https://usn.ubuntu.com/4284-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4286-1", + "url": "https://usn.ubuntu.com/4286-1/" } ] } diff --git a/2019/20xxx/CVE-2019-20096.json b/2019/20xxx/CVE-2019-20096.json index 66a5f32f360..98751c06e91 100644 --- a/2019/20xxx/CVE-2019-20096.json +++ b/2019/20xxx/CVE-2019-20096.json @@ -91,6 +91,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update", "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4286-1", + "url": "https://usn.ubuntu.com/4286-1/" } ] } diff --git a/2019/20xxx/CVE-2019-20503.json b/2019/20xxx/CVE-2019-20503.json index ba11551726f..cfed79b9278 100644 --- a/2019/20xxx/CVE-2019-20503.json +++ b/2019/20xxx/CVE-2019-20503.json @@ -61,6 +61,11 @@ "url": "https://github.com/sctplab/usrsctp/commit/790a7a2555aefb392a5a69923f1e9d17b4968467", "refsource": "MISC", "name": "https://github.com/sctplab/usrsctp/commit/790a7a2555aefb392a5a69923f1e9d17b4968467" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20200311 [SECURITY] [DLA 2140-1] firefox-esr security update", + "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00013.html" } ] } diff --git a/2019/5xxx/CVE-2019-5108.json b/2019/5xxx/CVE-2019-5108.json index 743ead4119a..12ca1c0e0af 100644 --- a/2019/5xxx/CVE-2019-5108.json +++ b/2019/5xxx/CVE-2019-5108.json @@ -83,6 +83,11 @@ "refsource": "UBUNTU", "name": "USN-4287-2", "url": "https://usn.ubuntu.com/4287-2/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4286-1", + "url": "https://usn.ubuntu.com/4286-1/" } ] }, diff --git a/2019/5xxx/CVE-2019-5169.json b/2019/5xxx/CVE-2019-5169.json index 16233330176..a801004353b 100644 --- a/2019/5xxx/CVE-2019-5169.json +++ b/2019/5xxx/CVE-2019-5169.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5169", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5169", + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Wago", + "product": { + "product_data": [ + { + "product_name": "WAGO PFC200", + "version": { + "version_data": [ + { + "version_value": "Firmware version 03.02.02(14)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "command injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0962", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0962" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An exploitable command injection vulnerability exists in the iocheckd service \u2018I/O-Check\u2019 function of the WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1e900 the extracted gateway value from the xml file is used as an argument to /etc/config-tools/config_default_gateway number=0 state=enabled value= using sprintf(). This command is later executed via a call to system()." } ] } diff --git a/2019/5xxx/CVE-2019-5170.json b/2019/5xxx/CVE-2019-5170.json index b08bf443454..c2d2cf1f60f 100644 --- a/2019/5xxx/CVE-2019-5170.json +++ b/2019/5xxx/CVE-2019-5170.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5170", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5170", + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Wago", + "product": { + "product_data": [ + { + "product_name": "WAGO PFC200", + "version": { + "version_data": [ + { + "version_value": "Firmware version 03.02.02(14)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "command injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0962", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0962" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An exploitable command injection vulnerability exists in the iocheckd service \u2018I/O-Check\u2019 function of the WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted packet to trigger the parsing of this cache file.At 0x1e87c the extracted hostname value from the xml file is used as an argument to /etc/config-tools/change_hostname hostname= using sprintf(). This command is later executed via a call to system()." } ] } diff --git a/2019/5xxx/CVE-2019-5171.json b/2019/5xxx/CVE-2019-5171.json index 2214ac25144..abcfbdc0996 100644 --- a/2019/5xxx/CVE-2019-5171.json +++ b/2019/5xxx/CVE-2019-5171.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5171", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5171", + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Wago", + "product": { + "product_data": [ + { + "product_name": "WAGO PFC200", + "version": { + "version_data": [ + { + "version_value": "Firmware version 03.02.02(14)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "command injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0962", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0962" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An exploitable command injection vulnerability exists in the iocheckd service \u2018I/O-Check\u2019 function of the WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send specially crafted packet at 0x1ea48 to the extracted hostname value from the xml file that is used as an argument to /etc/config-tools/config_interfaces interface=X1 state=enabled ip-address= using sprintf()." } ] } diff --git a/2019/5xxx/CVE-2019-5176.json b/2019/5xxx/CVE-2019-5176.json index 72132842eaa..b1dde8d9ca5 100644 --- a/2019/5xxx/CVE-2019-5176.json +++ b/2019/5xxx/CVE-2019-5176.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5176", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5176", + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Wago", + "product": { + "product_data": [ + { + "product_name": "WAGO PFC200", + "version": { + "version_data": [ + { + "version_value": "Firmware version 03.02.02(14)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "stack buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0963", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0963" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service \u2018I/O-Check\u2019 functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file.The destination buffer sp+0x40 is overflowed with the call to sprintf() for any gateway values that are greater than 512-len(\u2018/etc/config-tools/config_default_gateway number=0 state=enabled value=\u2018) in length. A gateway value of length 0x7e2 will cause the service to crash." } ] } diff --git a/2019/5xxx/CVE-2019-5177.json b/2019/5xxx/CVE-2019-5177.json index b51d10205e3..9bd8eed255d 100644 --- a/2019/5xxx/CVE-2019-5177.json +++ b/2019/5xxx/CVE-2019-5177.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5177", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5177", + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Wago", + "product": { + "product_data": [ + { + "product_name": "WAGO PFC200", + "version": { + "version_data": [ + { + "version_value": "Firmware version 03.02.02(14)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "stack buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0963", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0963" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service \u2018I/O-Check\u2019 functionality of WAGO PFC 200 Firmware version 03.02.02(14). The destination buffer sp+0x440 is overflowed with the call to sprintf() for any domainname values that are greater than 1024-len(\u2018/etc/config-tools/edit_dns_server domain-name=\u2018) in length. A domainname value of length 0x3fa will cause the service to crash." } ] } diff --git a/2019/5xxx/CVE-2019-5178.json b/2019/5xxx/CVE-2019-5178.json index 37aa91faa68..140d75499e7 100644 --- a/2019/5xxx/CVE-2019-5178.json +++ b/2019/5xxx/CVE-2019-5178.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5178", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5178", + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Wago", + "product": { + "product_data": [ + { + "product_name": "WAGO PFC200", + "version": { + "version_data": [ + { + "version_value": "Firmware version 03.02.02(14)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "stack buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0963", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0963" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service \u2018I/O-Check\u2019 functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is overflowed with the call to sprintf() for any hostname values that are greater than 1024-len(\u2018/etc/config-tools/change_hostname hostname=\u2018) in length. A hostname value of length 0x3fd will cause the service to crash." } ] } diff --git a/2019/5xxx/CVE-2019-5179.json b/2019/5xxx/CVE-2019-5179.json index 1b0761fbc8d..f1f5250d2d7 100644 --- a/2019/5xxx/CVE-2019-5179.json +++ b/2019/5xxx/CVE-2019-5179.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5179", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5179", + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Wago", + "product": { + "product_data": [ + { + "product_name": "WAGO PFC200", + "version": { + "version_data": [ + { + "version_value": "Firmware version 03.02.02(14)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "stack buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0963", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0963" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service \u2018I/O-Check\u2019 functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file." } ] } diff --git a/2019/5xxx/CVE-2019-5180.json b/2019/5xxx/CVE-2019-5180.json index 5e0940d2a11..468bb61e759 100644 --- a/2019/5xxx/CVE-2019-5180.json +++ b/2019/5xxx/CVE-2019-5180.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5180", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5180", + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Wago", + "product": { + "product_data": [ + { + "product_name": "WAGO PFC200", + "version": { + "version_data": [ + { + "version_value": "Firmware version 03.02.02(14)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "stack buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0963", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0963" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service \u2018I/O-Check\u2019 functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is overflowed with the call to sprintf() for any ip values that are greater than 1024-len(\u2018/etc/config-tools/config_interfaces interface=X1 state=enabled ip-address=\u2018) in length. A ip value of length 0x3da will cause the service to crash." } ] } diff --git a/2019/5xxx/CVE-2019-5181.json b/2019/5xxx/CVE-2019-5181.json index 3adb90233a6..aa98e6a03e6 100644 --- a/2019/5xxx/CVE-2019-5181.json +++ b/2019/5xxx/CVE-2019-5181.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5181", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5181", + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Wago", + "product": { + "product_data": [ + { + "product_name": "WAGO PFC200", + "version": { + "version_data": [ + { + "version_value": "Firmware version 03.02.02(14)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "stack buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0963", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0963" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service \u2018I/O-Check\u2019 functionality of WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can cause a stack buffer overflow, resulting in code execution. An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is overflowed with the call to sprintf() for any subnetmask values that are greater than 1024-len(\u2018/etc/config-tools/config_interfaces interface=X1 state=enabled subnet-mask=\u2018) in length. A subnetmask value of length 0x3d9 will cause the service to crash." } ] } diff --git a/2020/6xxx/CVE-2020-6796.json b/2020/6xxx/CVE-2020-6796.json index 704881974e8..41ec254bd53 100644 --- a/2020/6xxx/CVE-2020-6796.json +++ b/2020/6xxx/CVE-2020-6796.json @@ -63,6 +63,11 @@ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1610426", "refsource": "MISC", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1610426" + }, + { + "refsource": "UBUNTU", + "name": "USN-4278-2", + "url": "https://usn.ubuntu.com/4278-2/" } ] }, diff --git a/2020/6xxx/CVE-2020-6798.json b/2020/6xxx/CVE-2020-6798.json index a8a28e761ef..3610b1999a0 100644 --- a/2020/6xxx/CVE-2020-6798.json +++ b/2020/6xxx/CVE-2020-6798.json @@ -79,6 +79,11 @@ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1602944", "refsource": "MISC", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1602944" + }, + { + "refsource": "UBUNTU", + "name": "USN-4278-2", + "url": "https://usn.ubuntu.com/4278-2/" } ] }, diff --git a/2020/6xxx/CVE-2020-6800.json b/2020/6xxx/CVE-2020-6800.json index c54bf83a72a..1171ecbdb78 100644 --- a/2020/6xxx/CVE-2020-6800.json +++ b/2020/6xxx/CVE-2020-6800.json @@ -79,6 +79,11 @@ "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1595786%2C1596706%2C1598543%2C1604851%2C1608580%2C1608785%2C1605777", "refsource": "MISC", "name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1595786%2C1596706%2C1598543%2C1604851%2C1608580%2C1608785%2C1605777" + }, + { + "refsource": "UBUNTU", + "name": "USN-4278-2", + "url": "https://usn.ubuntu.com/4278-2/" } ] }, diff --git a/2020/6xxx/CVE-2020-6801.json b/2020/6xxx/CVE-2020-6801.json index 2a03a04744f..bd5ee88c0f9 100644 --- a/2020/6xxx/CVE-2020-6801.json +++ b/2020/6xxx/CVE-2020-6801.json @@ -54,6 +54,11 @@ "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1601024%2C1601712%2C1604836%2C1606492", "refsource": "MISC", "name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1601024%2C1601712%2C1604836%2C1606492" + }, + { + "refsource": "UBUNTU", + "name": "USN-4278-2", + "url": "https://usn.ubuntu.com/4278-2/" } ] },