pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
vuln-list-alt/oval/p9/ALT-PU-2020-1636/definitions.json
pepelyaevip 0707cb759b ALT Vulnerability
2024-04-16 14:26:14 +00:00

636 lines
32 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20201636",
"Version": "oval:org.altlinux.errata:def:20201636",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2020-1636: package `rdesktop` update to version 1.9.0-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p9"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2020-1636",
"RefURL": "https://errata.altlinux.org/ALT-PU-2020-1636",
"Source": "ALTPU"
},
{
"RefID": "BDU:2019-00848",
"RefURL": "https://bdu.fstec.ru/vul/2019-00848",
"Source": "BDU"
},
{
"RefID": "BDU:2019-00849",
"RefURL": "https://bdu.fstec.ru/vul/2019-00849",
"Source": "BDU"
},
{
"RefID": "BDU:2019-00850",
"RefURL": "https://bdu.fstec.ru/vul/2019-00850",
"Source": "BDU"
},
{
"RefID": "BDU:2019-00851",
"RefURL": "https://bdu.fstec.ru/vul/2019-00851",
"Source": "BDU"
},
{
"RefID": "BDU:2019-00852",
"RefURL": "https://bdu.fstec.ru/vul/2019-00852",
"Source": "BDU"
},
{
"RefID": "BDU:2019-00853",
"RefURL": "https://bdu.fstec.ru/vul/2019-00853",
"Source": "BDU"
},
{
"RefID": "BDU:2019-00854",
"RefURL": "https://bdu.fstec.ru/vul/2019-00854",
"Source": "BDU"
},
{
"RefID": "BDU:2019-00855",
"RefURL": "https://bdu.fstec.ru/vul/2019-00855",
"Source": "BDU"
},
{
"RefID": "BDU:2019-00856",
"RefURL": "https://bdu.fstec.ru/vul/2019-00856",
"Source": "BDU"
},
{
"RefID": "BDU:2019-00857",
"RefURL": "https://bdu.fstec.ru/vul/2019-00857",
"Source": "BDU"
},
{
"RefID": "BDU:2019-01579",
"RefURL": "https://bdu.fstec.ru/vul/2019-01579",
"Source": "BDU"
},
{
"RefID": "BDU:2019-01580",
"RefURL": "https://bdu.fstec.ru/vul/2019-01580",
"Source": "BDU"
},
{
"RefID": "BDU:2019-01581",
"RefURL": "https://bdu.fstec.ru/vul/2019-01581",
"Source": "BDU"
},
{
"RefID": "BDU:2019-01582",
"RefURL": "https://bdu.fstec.ru/vul/2019-01582",
"Source": "BDU"
},
{
"RefID": "BDU:2019-01583",
"RefURL": "https://bdu.fstec.ru/vul/2019-01583",
"Source": "BDU"
},
{
"RefID": "BDU:2019-01584",
"RefURL": "https://bdu.fstec.ru/vul/2019-01584",
"Source": "BDU"
},
{
"RefID": "BDU:2019-01585",
"RefURL": "https://bdu.fstec.ru/vul/2019-01585",
"Source": "BDU"
},
{
"RefID": "BDU:2019-01586",
"RefURL": "https://bdu.fstec.ru/vul/2019-01586",
"Source": "BDU"
},
{
"RefID": "BDU:2019-01587",
"RefURL": "https://bdu.fstec.ru/vul/2019-01587",
"Source": "BDU"
},
{
"RefID": "CVE-2018-20174",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-20174",
"Source": "CVE"
},
{
"RefID": "CVE-2018-20175",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-20175",
"Source": "CVE"
},
{
"RefID": "CVE-2018-20176",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-20176",
"Source": "CVE"
},
{
"RefID": "CVE-2018-20177",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-20177",
"Source": "CVE"
},
{
"RefID": "CVE-2018-20178",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-20178",
"Source": "CVE"
},
{
"RefID": "CVE-2018-20179",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-20179",
"Source": "CVE"
},
{
"RefID": "CVE-2018-20180",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-20180",
"Source": "CVE"
},
{
"RefID": "CVE-2018-20181",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-20181",
"Source": "CVE"
},
{
"RefID": "CVE-2018-20182",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-20182",
"Source": "CVE"
},
{
"RefID": "CVE-2018-8791",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-8791",
"Source": "CVE"
},
{
"RefID": "CVE-2018-8792",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-8792",
"Source": "CVE"
},
{
"RefID": "CVE-2018-8793",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-8793",
"Source": "CVE"
},
{
"RefID": "CVE-2018-8794",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-8794",
"Source": "CVE"
},
{
"RefID": "CVE-2018-8795",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-8795",
"Source": "CVE"
},
{
"RefID": "CVE-2018-8796",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-8796",
"Source": "CVE"
},
{
"RefID": "CVE-2018-8797",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-8797",
"Source": "CVE"
},
{
"RefID": "CVE-2018-8798",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-8798",
"Source": "CVE"
},
{
"RefID": "CVE-2018-8799",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-8799",
"Source": "CVE"
},
{
"RefID": "CVE-2018-8800",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-8800",
"Source": "CVE"
}
],
"Description": "This update upgrades rdesktop to version 1.9.0-alt1. \nSecurity Fix(es):\n\n * BDU:2019-00848: Уязвимость реализации функции «cssp_read_tsrequest» RDP-клиента rdesktop, связанная с чтением за пределами границы памяти, позволяющая нарушителю вызывать отказ в обслуживании\n\n * BDU:2019-00849: Уязвимость реализации функции «rdpdr_process» RDP-клиента rdesktop, связанная с чтением за пределами границы памяти, позволяющая нарушителю вызывать отказ в обслуживании\n\n * BDU:2019-00850: Уязвимость реализации функции «cssp_read_tsrequest» RDP-клиента rdesktop, связанная с переполнением буфера в памяти, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2019-00851: Уязвимость реализации функции «process_bitmap_updates» RDP-клиента rdesktop, связанная с целочисленным переполнением, которое приводит к записи за пределы функции, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2019-00852: Уязвимость реализации функции process_bitmap_updates() RDP-клиента rdesktop, связанная с целочисленным переполнением, которое приводит к переполнению кучи, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2019-00853: Уязвимость реализации функции process_bitmap_updates() RDP-клиента rdesktop, связанная с чтением за пределами границы памяти, позволяющая нарушителю вызывать отказ в обслуживании\n\n * BDU:2019-00854: Уязвимость реализации функции «process_plane» RDP-клиента rdesktop, связанная с переполнением буфера, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2019-00855: Уязвимость реализации функции «rdpsnd_process_ping» RDP-клиента rdesktop, связанная с чтением за пределами границы памяти, позволяющая нарушителю вызывать отказ в обслуживании\n\n * BDU:2019-00856: Уязвимость реализации функции «process_secondary_order» RDP-клиента rdesktop, связанная с чтением за пределами границы памяти, позволяющая нарушителю вызывать отказ в обслуживании\n\n * BDU:2019-00857: Уязвимость реализации функции «ui_clip_handle_data» RDP-клиента rdesktop, связанная с переполнением буфера, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2019-01579: Уязвимость функции ui_clip_handle_data RDP-клиента rdesktop, связанная с чтением за пределами границы буфера, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2019-01580: Уязвимость файла RDP-клиента rdesktop, связанная с чтением за пределами границы буфера, позволяющая нарушителю вызывать отказ в обслуживании\n\n * BDU:2019-01581: Уязвимость RDP-клиента rdesktop, связанная с чтением за пределами границы буфера, позволяющая нарушителю вызывать отказ в обслуживании\n\n * BDU:2019-01582: Уязвимость функции rdp_in_unistr RDP-клиента rdesktop, связанная с целочисленным переполнением, приводящим к переполнению буфера на основе кучи, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2019-01583: Уязвимость функции process_demand_active RDP-клиента rdesktop, связанная с чтением за пределами границы буфера, позволяющая нарушителю вызывать отказ в обслуживании\n\n * BDU:2019-01584: Уязвимость функции lspci_process RDP-клиента rdesktop, связанная с целочисленным переполнением, приводящим к переполнению буфера на основе кучи, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2019-01585: Уязвимость функции rdpsnddbg_process RDP-клиента rdesktop, связанная с целочисленным переполнением, приводящим к переполнению буфера на основе кучи, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2019-01586: Уязвимость функции seamless_process RDP-клиента rdesktop, связанная с целочисленным переполнением, приводящим к переполнению буфера на основе кучи, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2019-01587: Уязвимость функции seamless_process_line RDP-клиента rdesktop, связанная с переполнение буфера, позволяющая нарушителю выполнить произвольный код\n\n * CVE-2018-20174: rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in the function ui_clip_handle_data() that results in an information leak.\n\n * CVE-2018-20175: rdesktop versions up to and including v1.8.3 contains several Integer Signedness errors that lead to Out-Of-Bounds Reads in the file mcs.c and result in a Denial of Service (segfault).\n\n * CVE-2018-20176: rdesktop versions up to and including v1.8.3 contain several Out-Of- Bounds Reads in the file secure.c that result in a Denial of Service (segfault).\n\n * CVE-2018-20177: rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution.\n\n * CVE-2018-20178: rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in the function process_demand_active() that results in a Denial of Service (segfault).\n\n * CVE-2018-20179: rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function lspci_process() and results in memory corruption and probably even a remote code execution.\n\n * CVE-2018-20180: rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function rdpsnddbg_process() and results in memory corruption and probably even a remote code execution.\n\n * CVE-2018-20181: rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function seamless_process() and results in memory corruption and probably even a remote code execution.\n\n * CVE-2018-20182: rdesktop versions up to and including v1.8.3 contain a Buffer Overflow over the global variables in the function seamless_process_line() that results in memory corruption and probably even a remote code execution.\n\n * CVE-2018-8791: rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpdr_process() that results in an information leak.\n\n * CVE-2018-8792: rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function cssp_read_tsrequest() that results in a Denial of Service (segfault).\n\n * CVE-2018-8793: rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function cssp_read_tsrequest() that results in a memory corruption and probably even a remote code execution.\n\n * CVE-2018-8794: rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function process_bitmap_updates() and results in a memory corruption and possibly even a remote code execution.\n\n * CVE-2018-8795: rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in function process_bitmap_updates() and results in a memory corruption and probably even a remote code execution.\n\n * CVE-2018-8796: rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_bitmap_updates() that results in a Denial of Service (segfault).\n\n * CVE-2018-8797: rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function process_plane() that results in a memory corruption and probably even a remote code execution.\n\n * CVE-2018-8798: rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpsnd_process_ping() that results in an information leak.\n\n * CVE-2018-8799: rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_secondary_order() that results in a Denial of Service (segfault).\n\n * CVE-2018-8800: rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function ui_clip_handle_data() that results in a memory corruption and probably even a remote code execution.\n\n * #36068: [CVE] надо собрать 1.8.4",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2020-03-27"
},
"Updated": {
"Date": "2020-03-27"
},
"BDUs": [
{
"ID": "BDU:2019-00848",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2019-00848",
"Impact": "High",
"Public": "20190205"
},
{
"ID": "BDU:2019-00849",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2019-00849",
"Impact": "High",
"Public": "20190205"
},
{
"ID": "BDU:2019-00850",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2019-00850",
"Impact": "Critical",
"Public": "20190205"
},
{
"ID": "BDU:2019-00851",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-190",
"Href": "https://bdu.fstec.ru/vul/2019-00851",
"Impact": "Critical",
"Public": "20190205"
},
{
"ID": "BDU:2019-00852",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-190",
"Href": "https://bdu.fstec.ru/vul/2019-00852",
"Impact": "Critical",
"Public": "20190205"
},
{
"ID": "BDU:2019-00853",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2019-00853",
"Impact": "High",
"Public": "20190205"
},
{
"ID": "BDU:2019-00854",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2019-00854",
"Impact": "Critical",
"Public": "20190205"
},
{
"ID": "BDU:2019-00855",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2019-00855",
"Impact": "High",
"Public": "20190205"
},
{
"ID": "BDU:2019-00856",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2019-00856",
"Impact": "High",
"Public": "20190205"
},
{
"ID": "BDU:2019-00857",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2019-00857",
"Impact": "Critical",
"Public": "20190205"
},
{
"ID": "BDU:2019-01579",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2019-01579",
"Impact": "Low",
"Public": "20190116"
},
{
"ID": "BDU:2019-01580",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2019-01580",
"Impact": "High",
"Public": "20190116"
},
{
"ID": "BDU:2019-01581",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2019-01581",
"Impact": "High",
"Public": "20190116"
},
{
"ID": "BDU:2019-01582",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-190",
"Href": "https://bdu.fstec.ru/vul/2019-01582",
"Impact": "Critical",
"Public": "20190116"
},
{
"ID": "BDU:2019-01583",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2019-01583",
"Impact": "High",
"Public": "20190116"
},
{
"ID": "BDU:2019-01584",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-191",
"Href": "https://bdu.fstec.ru/vul/2019-01584",
"Impact": "Critical",
"Public": "20190116"
},
{
"ID": "BDU:2019-01585",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-191",
"Href": "https://bdu.fstec.ru/vul/2019-01585",
"Impact": "Critical",
"Public": "20190116"
},
{
"ID": "BDU:2019-01586",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-191",
"Href": "https://bdu.fstec.ru/vul/2019-01586",
"Impact": "Critical",
"Public": "20190116"
},
{
"ID": "BDU:2019-01587",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2019-01587",
"Impact": "Critical",
"Public": "20190116"
}
],
"CVEs": [
{
"ID": "CVE-2018-20174",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-20174",
"Impact": "High",
"Public": "20190315"
},
{
"ID": "CVE-2018-20175",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-20175",
"Impact": "High",
"Public": "20190315"
},
{
"ID": "CVE-2018-20176",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-20176",
"Impact": "High",
"Public": "20190315"
},
{
"ID": "CVE-2018-20177",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-20177",
"Impact": "Critical",
"Public": "20190315"
},
{
"ID": "CVE-2018-20178",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-20178",
"Impact": "High",
"Public": "20190315"
},
{
"ID": "CVE-2018-20179",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-191",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-20179",
"Impact": "Critical",
"Public": "20190315"
},
{
"ID": "CVE-2018-20180",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-191",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-20180",
"Impact": "Critical",
"Public": "20190315"
},
{
"ID": "CVE-2018-20181",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-20181",
"Impact": "Critical",
"Public": "20190315"
},
{
"ID": "CVE-2018-20182",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-20182",
"Impact": "Critical",
"Public": "20190315"
},
{
"ID": "CVE-2018-8791",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-8791",
"Impact": "High",
"Public": "20190205"
},
{
"ID": "CVE-2018-8792",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-8792",
"Impact": "High",
"Public": "20190205"
},
{
"ID": "CVE-2018-8793",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-8793",
"Impact": "Critical",
"Public": "20190205"
},
{
"ID": "CVE-2018-8794",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-8794",
"Impact": "Critical",
"Public": "20190205"
},
{
"ID": "CVE-2018-8795",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-8795",
"Impact": "Critical",
"Public": "20190205"
},
{
"ID": "CVE-2018-8796",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-8796",
"Impact": "High",
"Public": "20190205"
},
{
"ID": "CVE-2018-8797",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-8797",
"Impact": "Critical",
"Public": "20190205"
},
{
"ID": "CVE-2018-8798",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-8798",
"Impact": "High",
"Public": "20190205"
},
{
"ID": "CVE-2018-8799",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-8799",
"Impact": "High",
"Public": "20190205"
},
{
"ID": "CVE-2018-8800",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-8800",
"Impact": "Critical",
"Public": "20190205"
}
],
"Bugzilla": [
{
"ID": "36068",
"Href": "https://bugzilla.altlinux.org/36068",
"Data": "[CVE] надо собрать 1.8.4"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:9",
"cpe:/o:alt:workstation:9",
"cpe:/o:alt:server:9",
"cpe:/o:alt:server-v:9",
"cpe:/o:alt:education:9",
"cpe:/o:alt:slinux:9",
"cpe:/o:alt:starterkit:p9",
"cpe:/o:alt:kworkstation:9.1",
"cpe:/o:alt:workstation:9.1",
"cpe:/o:alt:server:9.1",
"cpe:/o:alt:server-v:9.1",
"cpe:/o:alt:education:9.1",
"cpe:/o:alt:slinux:9.1",
"cpe:/o:alt:starterkit:9.1",
"cpe:/o:alt:kworkstation:9.2",
"cpe:/o:alt:workstation:9.2",
"cpe:/o:alt:server:9.2",
"cpe:/o:alt:server-v:9.2",
"cpe:/o:alt:education:9.2",
"cpe:/o:alt:slinux:9.2",
"cpe:/o:alt:starterkit:9.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:1001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20201636001",
"Comment": "rdesktop is earlier than 0:1.9.0-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink