Moritz Muehlenhoff

**Nome do software vulnerável e versões afetadas** Versões do Jenkins anteriores à 1.447 Versões LTS do Jenkins anteriores à 1.424.2 Versões do Jenkins Enterprise by CloudBees 1.424.x anteriores à 1.424.2.1 Versões do Jenkins Enterprise by CloudBees 1.400.x anteriores à 1.400.0.11 **Descrição** A vulnerabilidade permite que invasores remotos causem uma carga considerável na CPU, também conhecida como “ataque Hash DoS”, explorando uma vulnerabilidade de ataque por colisão de hash. Isso pode levar a uma condição de negação de serviço. **Recomendações** Para versões do Jenkins anteriores à 1.447, atualize para a versão 1.447 ou posterior. Para versões LTS do Jenkins anteriores à 1.424.2, atualize para a versão 1.424.2 ou posterior. Para versões do Jenkins Enterprise by CloudBees 1.424.x anteriores à 1.424.2.1, atualize para a versão 1.424.2.1 ou posterior. Para versões do Jenkins Enterprise by CloudBees 1.400.x anteriores à 1.400.0.11, atualize para a versão 1.400.0.11 ou posterior.

**Name of the Vulnerable Software and Affected Versions** wolfSSL versions prior to 3.2.0 **Description** The issue is related to the improper authorization of CA certificates for signing other certificates. **Recommendations** For versions prior to 3.2.0, update to version 3.2.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** wolfSSL versions prior to 3.2.0 **Description** The issue arises from a server certificate that is not properly authorized for server authentication. **Recommendations** For versions prior to 3.2.0, update to version 3.2.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** gitolite versions prior to 1.4.1 **Description** The issue concerns the lack of filtering for specific directories in path names. **Recommendations** For versions prior to 1.4.1, update to version 1.4.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** libmad versions prior to 0.15.1b **Description** The issue is related to the mad decoder run() function in decoder.c, which allows remote attackers to cause a denial of service or possibly have other unspecified impacts via a crafted file. This could result in a SIGABRT due to double free or corruption. **Recommendations** For versions prior to 0.15.1b, consider disabling the mad decoder run() function as a temporary workaround until a patch is available. Restrict access to crafted files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Cacti versions 0.8.7g and earlier, 0.8.8b and earlier **Description** The issue allows remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors. This is related to the lib/graph export.php file. **Recommendations** For Cacti versions 0.8.7g and earlier, 0.8.8b and earlier, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cacti versions 0.8.7g and earlier Cacti version 0.8.8b **Description** A cross-site request forgery issue allows remote attackers to hijack user authentication for unspecified commands. This can be demonstrated by requests that modify binary files, modify configurations, or add arbitrary users. **Recommendations** For Cacti versions 0.8.7g and earlier, update to a version later than 0.8.7g to resolve the issue. For Cacti version 0.8.8b, update to a version later than 0.8.8b to resolve the issue. As a temporary workaround, consider restricting access to sensitive functionalities to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Cacti versions 0.8.7g and earlier, 0.8.8b and earlier **Description** A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML. **Recommendations** For versions 0.8.7g and earlier, and 0.8.8b and earlier, update to a version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** VMware SpringSource Spring Framework versions prior to 2.5.6.SEC03 VMware SpringSource Spring Framework versions prior to 2.5.7.SR023 VMware SpringSource Spring Framework versions prior to 3.0.6 **Description** The issue allows remote attackers to obtain sensitive information via specific attributes in various tags when a container supports Expression Language (EL). This is due to the evaluation of EL expressions in tags twice. The affected attributes include `name` in `spring:hasBindErrors` tags, `path` in `spring:bind` or `spring:nestedpath` tags, and several attributes in `spring:message`, `spring:theme`, and `spring:transform` tags, such as `arguments`, `code`, `text`, `var`, `scope`, `message`, and `value`. **Recommendations** For versions prior to 2.5.6.SEC03, update to version 2.5.6.SEC03 or later. For versions prior to 2.5.7.SR023, update to version 2.5.7.SR023 or later. For versions prior to 3.0.6, update to version 3.0.6 or later. As a temporary workaround, consider restricting the use of Expression Language (EL) in tags until a patch is applied. Avoid using the vulnerable attributes in the affected tags to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Drupal versions prior to 7.16 **Description** The issue allows remote attackers to obtain sensitive information and possibly re-install Drupal and execute arbitrary PHP code via an external database server, related to transient conditions. **Recommendations** For versions prior to 7.16, update to version 7.16 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Drupal versions prior to 7.16 **Description** The issue allows remote OpenID servers to read arbitrary files via a crafted DOCTYPE declaration in an XRDS file. **Recommendations** For versions prior to 7.16, update to version 7.16 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Monkey HTTP Daemon version 0.9.3 **Description** The issue allows local users to overwrite arbitrary files via a symlink attack on a PID file. This can be achieved by using a pathname different from the default /var/run/monkey.pid pathname. **Recommendations** For Monkey HTTP Daemon version 0.9.3, consider restricting access to the PID file to prevent symlink attacks until a patch is available. As a temporary workaround, monitor the system for suspicious activity and adjust file permissions to minimize potential damage.

**Name of the Vulnerable Software and Affected Versions** Naxsi module versions prior to 0.46-1 for Nginx **Description** A directory traversal issue exists, allowing local users to read arbitrary files. **Recommendations** For Naxsi module versions prior to 0.46-1, update to version 0.46-1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** VLC media player versions prior to 2.0.2 **Description** The issue is related to a heap-based buffer overflow in the OGG demuxer, specifically in the Ogg DecodePacket function. This can be triggered by a crafted OGG file, potentially allowing remote attackers to cause the application to crash or possibly execute arbitrary code. **Recommendations** For versions prior to 2.0.2, update to version 2.0.2 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the OGG demuxer until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** as31 versions 2.3.1 through 2.3.1-4 **Description** The issue makes it easier for local users to create or truncate files via a symlink attack because the random number generator is not seeded and generates predictable temporary file names. **Recommendations** For versions 2.3.1 through 2.3.1-4, consider implementing a proper random number generator seeding mechanism to prevent predictable temporary file name generation. As a temporary workaround, restrict access to sensitive files and directories to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MySQL Server versions 5.1.x through 5.5.x **Description** The issue affects confidentiality and availability. It can be exploited by remote authenticated users via unknown vectors. **Recommendations** For versions 5.1.x through 5.5.x, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No information is available about the vulnerable software and its affected versions. **Description** General information about the issue is not provided. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MySQL Server versions 5.1.x through 5.5.x **Description** The issue affects confidentiality and integrity, allowing remote authenticated users to exploit it via unknown vectors. **Recommendations** For versions 5.1.x through 5.5.x, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** The product name cannot be determined. **Description** General information about the issue is not available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No information is available about the vulnerable software and its affected versions. **Description** The issue is related to a security problem, but specific details are not provided. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.