exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

CVE-2018-1084

Status Candidate

Overview

corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.

Related Files

Gentoo Linux Security Advisory 202107-01
Posted Jul 5, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-1 - A vulnerability in corosync could lead to a Denial of Service condition. Versions less than 3.0.4 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2018-1084
SHA-256 | a14e8e1b886d9131762ec3acbeb6481d14ab3b42c70eacd94d9de50be6e83aa8
Ubuntu Security Notice USN-3999-1
Posted May 30, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3999-1 - Eyal Ronen, Kenneth G. Paterson, and Adi Shamir discovered that GnuTLS was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker could possibly use this issue to perform plaintext-recovery attacks via analysis of timing data. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Tavis Ormandy discovered that GnuTLS incorrectly handled memory when verifying certain X.509 certificates. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-10844, CVE-2018-10845, CVE-2018-10846, CVE-2019-3829, CVE-2019-3836
SHA-256 | b8834a0c4a4415f7835754310e5da31860dabee4b26c193e7e1297853870b1e3
Ubuntu Security Notice USN-4000-1
Posted May 30, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4000-1 - It was discovered that Corosync incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-1084
SHA-256 | ce5d4a0577521ada333b48609c10e67b091710bd990d956eb5d017d136689042
Gentoo Linux Security Advisory 201904-06
Posted Apr 2, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201904-6 - Multiple vulnerabilities have been found in GlusterFS, the worst of which could result in the execution of arbitrary code. Versions less than 4.1.8 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-10841, CVE-2018-1088, CVE-2018-10904, CVE-2018-10907, CVE-2018-10911, CVE-2018-10913, CVE-2018-10914, CVE-2018-10923, CVE-2018-10924, CVE-2018-10926, CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, CVE-2018-14651, CVE-2018-14652, CVE-2018-14653, CVE-2018-14654, CVE-2018-14659, CVE-2018-14660, CVE-2018-14661
SHA-256 | 043fd8e80fc0cf57260f877078d16e4c53b33b4af150e6f0c8c6dc52016164d4
Red Hat Security Advisory 2019-0162-01
Posted Jan 30, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0162-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2018-10840
SHA-256 | f409c98c717375dafb0f5899dab9be5df0498199876c46e4fdb25e0e29b210f6
Red Hat Security Advisory 2018-3505-01
Posted Nov 6, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3505-01 - Red Hat Ansible Tower 3.3.1 is now available and contains a large amount of security fixes.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-9262, CVE-2016-9396, CVE-2017-1000050, CVE-2017-18267, CVE-2017-3735, CVE-2018-0495, CVE-2018-0732, CVE-2018-0737, CVE-2018-0739, CVE-2018-1000805, CVE-2018-1060, CVE-2018-1061, CVE-2018-10733, CVE-2018-10767, CVE-2018-10768, CVE-2018-10844, CVE-2018-10845, CVE-2018-10846, CVE-2018-12384, CVE-2018-12910, CVE-2018-13988, CVE-2018-14679, CVE-2018-14680, CVE-2018-14681, CVE-2018-14682, CVE-2018-16837, CVE-2018-17456
SHA-256 | 5a18fce8ca273b8a62b85b1a2bf4e5b4df4fb5583a3543625bcc53528045ab49
Red Hat Security Advisory 2018-3050-01
Posted Oct 30, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3050-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Issues addressed include Lucky Thirteen and other attack mitigations.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2018-10844, CVE-2018-10845, CVE-2018-10846
SHA-256 | 38ca5d2776946623c9c54dd29ef704c3ba47f955d8683b28145b1cc9b2ae8fe7
Ubuntu Security Notice USN-3752-3
Posted Aug 29, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3752-3 - It was discovered that, when attempting to handle an out-of-memory situation, a null pointer dereference could be triggered in the Linux kernel in some circumstances. A local attacker could use this to cause a denial of service. Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly validate meta-data information. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-1000200, CVE-2018-1000204, CVE-2018-10323, CVE-2018-10840, CVE-2018-10881, CVE-2018-1093, CVE-2018-1108, CVE-2018-1120, CVE-2018-11412, CVE-2018-11506, CVE-2018-12232, CVE-2018-12233, CVE-2018-12904, CVE-2018-13094, CVE-2018-13405, CVE-2018-13406, CVE-2018-5814, CVE-2018-9415
SHA-256 | df405822058b07d43330a4315ada3e76a4b71ec3918d891cc128c577470eaa65
Ubuntu Security Notice USN-3752-2
Posted Aug 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3752-2 - USN-3752-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that, when attempting to handle an out-of-memory situation, a null pointer dereference could be triggered in the Linux kernel in some circumstances. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-1000200, CVE-2018-1000204, CVE-2018-10323, CVE-2018-10840, CVE-2018-10881, CVE-2018-1093, CVE-2018-1108, CVE-2018-1120, CVE-2018-11412, CVE-2018-11506, CVE-2018-12232, CVE-2018-12233, CVE-2018-12904, CVE-2018-13094, CVE-2018-13405, CVE-2018-13406, CVE-2018-5814, CVE-2018-9415
SHA-256 | f7a708d43dc8fc39287ba0870edf14e6d0ec3a7b3c72bc9ee988c9562a349836
Ubuntu Security Notice USN-3752-1
Posted Aug 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3752-1 - It was discovered that, when attempting to handle an out-of-memory situation, a null pointer dereference could be triggered in the Linux kernel in some circumstances. A local attacker could use this to cause a denial of service. Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly validate meta-data information. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-1000200, CVE-2018-1000204, CVE-2018-10323, CVE-2018-10840, CVE-2018-10881, CVE-2018-1093, CVE-2018-1108, CVE-2018-1120, CVE-2018-11412, CVE-2018-11506, CVE-2018-12232, CVE-2018-12233, CVE-2018-12904, CVE-2018-13094, CVE-2018-13405, CVE-2018-13406, CVE-2018-5814, CVE-2018-9415
SHA-256 | c7a9f122697774982780879f9c8d3a59d9eae1e54b93440f77d25f92ab601153
Red Hat Security Advisory 2018-2013-01
Posted Jun 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2013-01 - Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.9.31. Issues addressed include code execution and authentication vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2018-1070, CVE-2018-10843, CVE-2018-1085
SHA-256 | e3a729420ecf3281988f13758b4df2a08b4cd0bb3c48d942625c3729e4cf6685
Red Hat Security Advisory 2018-1954-01
Posted Jun 20, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1954-01 - GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system. Issues addressed include an access control issue.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-10841
SHA-256 | 4694bbb79e047c677cb14f89d98aa40b564882a3fdf2304df93962e0c63a1a02
Red Hat Security Advisory 2018-1955-01
Posted Jun 20, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1955-01 - GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system. Issues addressed include an access control issue.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-10841
SHA-256 | 8a91a5ccbd82515976a205855cf865c2508e8d7bd565b5a5f1b8d1629d3c8ad8
Debian Security Advisory 4216-1
Posted Jun 4, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4216-1 - It was discovered that Prosody, a lightweight Jabber/XMPP server, does not properly validate client-provided parameters during XMPP stream restarts, allowing authenticated users to override the realm associated with their session, potentially bypassing security policies and allowing impersonation.

tags | advisory
systems | linux, debian
advisories | CVE-2018-10847
SHA-256 | 6ebe74514cecc45122f83798c8a0329e45fbad548453ab8c093f7accdf9e8a94
Red Hat Security Advisory 2018-1169-01
Posted Apr 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1169-01 - The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2018-1084
SHA-256 | 37cfb6db2ef4e754394d72aa3d03c6166c43b83485aebde28467f5de466a95f5
Debian Security Advisory 4174-1
Posted Apr 17, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4174-1 - The Citrix Security Response Team discovered that corosync, a cluster engine implementation, allowed an unauthenticated user to cause a denial-of-service by application crash.

tags | advisory
systems | linux, debian
advisories | CVE-2018-1084
SHA-256 | 2d66da5953c9e3a545591ddd44c22cb1652e57578de13924d31ac4617fbcf47f
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close