Security Vulnerabilities - CVEs Published In March 2018
Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via network connectivity to the ruby application. This vulnerability appears to have been fixed in 1.5.5 and 2.0.0.
CVSS Score
5.9
EPSS Score
0.004
Published
2018-03-07
An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.
CVSS Score
7.5
EPSS Score
0.096
Published
2018-03-07
Eramba e1.0.6.033 has Reflected XSS in the Date Filter via the created parameter to the /crons URI.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-03-07
The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-03-07
A cross-site request forgery (CSRF) vulnerability exists in Western Bridge Cobub Razor 0.7.2 via /index.php?/user/createNewUser/, resulting in account creation.
CVSS Score
8.8
EPSS Score
0.003
Published
2018-03-07
Cross Site Scripting (XSS) exists in MetInfo 6.0.0 via /feedback/index.php because app/system/feedback/web/feedback.class.php mishandles input data.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-03-07
The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-03-07
In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-03-07
antsle antman before 0.9.1a allows remote attackers to bypass authentication via invalid characters in the username and password parameters, as demonstrated by a username=>&password=%0a string to the /login URI. This allows obtaining root permissions within the web management console, because the login process uses Java's ProcessBuilder class and a bash script called antsle-auth with insufficient input validation.
CVSS Score
9.8
EPSS Score
0.089
Published
2018-03-07
Chrome OS before 53.0.2785.144 allows remote attackers to execute arbitrary commands at boot.
CVSS Score
9.8
EPSS Score
0.032
Published
2018-03-07