Main Vulnerability Database SB2022041131

SB2022041131 - Multiple vulnerabilities in Dell EMC Integrated Data Protection Appliance

Published: April 11, 2022 Updated: August 3, 2022

Security Bulletin ID SB2022041131

Severity

High

Patch available

YES

Number of vulnerabilities 83

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 83 secuirty vulnerabilities.

1) Code injection (CVE-ID: CVE-2019-16255)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation in lib/shell.rb in Ruby when processing Shell#[] and its alias Shell#test. A remote attacker can send a specially crafted request and execute arbitrary Ruby code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

2) SQL injection (CVE-ID: CVE-2018-20346)

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the SQLite component. A remote attacker can send a specially specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

3) Buffer overflow (CVE-ID: CVE-2017-2518)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to buffer overflow when processing SQL queries. A remote attacker can send specially crafted SQL queries, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may allow an attacker to gain complete control over affected system.

4) Heap-based buffer overflow (CVE-ID: CVE-2017-10989)

The vulnerability allows a local user to crash the application or gain access to sensitive data.

The vulnerability exists due to a boundary error in the getNodeSize() function in ext/rtree/rtree.c when handling undersized RTree blobs. A local user can supply a specially crafted database to the affected application, trigger heap-based out of bounds read and crash the application or gain access to sensitive data.

5) Resource management error (CVE-ID: CVE-2016-6153)

The vulnerability allows a local user to perform a denial of service (DoS) attack or gain access to sensitive information.

The vulnerability exists due to the application improperly implements the temporary directory search algorithm. A local user can make the application use the current working directory for storing temporary files and gain access to sensitive information or perform denial of service attack.

6) Input validation error (CVE-ID: CVE-2015-3415)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input passed via a specially crafted CHECK clause. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

7) Input validation error (CVE-ID: CVE-2015-3414)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input passed via a specially crafted COLLATE clause. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

8) Input validation error (CVE-ID: CVE-2020-10663)

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.

9) HTTP Response Splitting (CVE-ID: CVE-2019-16254)

The vulnerability allows a remote attacker to perform HTTP response splitting attack.

The vulnerability exists due to insufficient validation of CRLF sequences within the WEBrick in Ruby. A remote attacker can send a specially crafted request to the application and perform a spoofing attack.

10) Division by zero (CVE-ID: CVE-2019-16168)

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to a division by zero error within the whereLoopAddBtreeIndex in sqlite3.c due to improper input validation in the sqlite_stat1 sz field. A remote attacker can pass specially crafted data to the application, trigger division by zero error and crash the vulnerable application.

11) Input validation error (CVE-ID: CVE-2019-16201)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the WEBrick::HTTPAuth::DigestAuth in Ruby due to a regular expression issue. A remote attacker can send a specially crafted request to the application and perform a denial of service attack.

12) Input validation error (CVE-ID: CVE-2019-15845)

The vulnerability allows a remote attacker to bypass certain security restrictions.

The vulnerability exists in Ruby due to insufficient validation of user-supplied files within File.fnmatch and File.fnmatch? functions when processing NUL byte in the filename. A remote attacker can bypass implemented security restrictions and gain unauthorized access to the system.

13) Cross-site scripting (CVE-ID: CVE-2019-8325)

The vulnerability allows a remote attacker to perform XSS attacks.

The vulnerability exists due to improper input validation when processing alerts in the Gem::CommandManager#run. A remote attacker can inject and execute arbitrary HTML or JavaScript code.

14) Code Injection (CVE-ID: CVE-2019-8324)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation when processing multiple line entries within gems in ensure_loadable_spec(). A remote attacker can send a specially crafted gem, inject malicious code into stub line of gemspec and execute it code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

15) Cross-site scripting (CVE-ID: CVE-2019-8323)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in Gem::GemcutterUtilities#with_response when displaying data in the API. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

16) Cross-site scripting (CVE-ID: CVE-2019-8322)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data when displaying contents of the API response directly to stdout. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

17) Cross-site scripting (CVE-ID: CVE-2019-8321)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in Gem::UserInteraction#verbose. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

18) Path traversal (CVE-ID: CVE-2019-8320)

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences in gems. A remote attacker can trick the victim to load a specially crafted gem and delete arbitrary files on the system.

19) NULL pointer dereference (CVE-ID: CVE-2018-8740)

The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The weakness exists in the build.c and prepare.c source codes files due to NULL pointer dereference. A remote attacker can cause the service to crash.

20) Input validation error (CVE-ID: CVE-2019-19244)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage in select.c . A remote attacker can crash the affected application using a specially crafted SQL query.

21) Cross-site scripting (CVE-ID: CVE-2018-1000078)

The vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The weakness exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

22) Memory leak (CVE-ID: CVE-2019-20218)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due memory leak within the selectExpander() function in select.c in SQLite, caused by incorrect exception handling, related to stack unwinding. A remote attacker can trigger with ability to modify the WITH SQL query can gain access to potentially sensitive information.

23) NULL pointer dereference (CVE-ID: CVE-2020-9327)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. A remote attacker can perform a denial of service (DoS) attack.

24) Out-of-bounds write (CVE-ID: CVE-2020-15358)

The vulnerability allows a local authenticated user to perform a denial of service (DoS) attack.

In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.

25) NULL pointer dereference (CVE-ID: CVE-2020-13632)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in ext/fts3/fts3_snippet.c in SQLite. A local user can trigger denial of service conditions via a crafted matchinfo() query.

26) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-13631)

The vulnerability allows a local user to bypass certain security restrictions.

The vulnerability exists due an error in alter.c and build.c files in SQLite that allows a local user to rename a virtual table into a shadow table. A local user with permissions to create virtual tables can renamed them and gain unauthorized access to the fronted application.

27) Use-after-free (CVE-ID: CVE-2020-13630)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error within the fts3EvalNextRow() function in ext/fts3/fts3.c. A remote attacker can pass specially crafted data to application, trigger a use-after-free error and execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

28) Input validation error (CVE-ID: CVE-2020-13435)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in sqlite3ExprCodeTarget() function in expr.c. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

29) Integer overflow (CVE-ID: CVE-2020-13434)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow within the sqlite3_str_vappendf() function in printf.c. A remote attacker can pass specially crafted data to the application, trigger integer overflow and crash the application.

30) Out-of-bounds read (CVE-ID: CVE-2019-8457)

The vulnerability allows a remote attacker to perform denial of service attack.

The vulnerability exists due to a boundary condition in rtreenode() function when handling invalid rtree tables. A remote attacker can send a specially crafted request to the application, trigger heap out-of-bounds read crash the application.

31) Resource management error (CVE-ID: CVE-2019-19959)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an error when parsing INSERT INTO queries in situations involving embedded '' characters in filenames in ext/misc/zipfile.c in SQLite. A remote attacker can perform a denial of service attack.

32) Input validation error (CVE-ID: CVE-2019-19317)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the lookupName() function in resolve.c, which leads to omitting bits from the colUsed bitmask in the case of a generated column. A remote attacker can perform a denial of service attack.

33) Input validation error (CVE-ID: CVE-2019-19926)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the multiSelect() function in select.c when parsing certain error messages. A remote attacker can perform a denial of service attack.

34) Arbitrary file upload (CVE-ID: CVE-2019-19925)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to zipfileUpdate in "ext/misc/zipfile.c" mishandles a NULL pathname during an update of a ZIP archive. A remote attacker can upload and execute arbitrary file on the server.

35) Resource management error (CVE-ID: CVE-2019-19924)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect error handling in the sqlite3WindowRewrite(), related to parser-tree rewriting in expr.c, vdbeaux.c, and window.c. A remote attacker can use a specially crafted query to perform a denial of service attack.

36) NULL pointer dereference (CVE-ID: CVE-2019-19923)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to flattenSubquery in "select.c" mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. A remote attacker can cause a NULL pointer dereference and perform a denial of service (DoS) attack.

37) Untrusted Pointer Dereference (CVE-ID: CVE-2019-19880)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to invalid pointer dereference in exprListAppendList() function in window.c when processing constant integer values in ORDER BY clauses. A remote attacker with ability to interact with a query can execute arbitrary code on the target system.

38) Input validation error (CVE-ID: CVE-2019-19646)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of NOT NULL in an integrity_check PRAGMA command in pragma.c when generating certain columns. A remote attacker can perform a denial of service attack.

39) Infinite loop (CVE-ID: CVE-2019-19645)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop in alter.c that can be triggered via certain types of self-referential views in conjunction with ALTER TABLE statements. A remote attacker can consume all available system resources and cause denial of service conditions.

40) Input validation error (CVE-ID: CVE-2019-19603)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when processing SELECT statements with a nonexistent VIEW. A remote attacker can perform a denial of service attack.

41) Path traversal (CVE-ID: CVE-2018-1000079)

The vulnerability allows a remote attacker to modify file locations on the target system.

The weakness exists due to the improper handling of pathnames when the affected software installs new components. A remote attacker can persuade the victim into install a malicious RubyGems gem and use directory traversal techniques to write to arbitrary file locations.

42) Improper input validation (CVE-ID: CVE-2018-1000077)

The vulnerability allows a remote unauthenticated attacker to write arbitrary files on the target system.

The weakness exists due to improper URL validation of the specification homepage attribute. A remote attacker can trick the victim into installing a malicious RubyGems gem and set an invalid homepage URL.

43) Out-of-bounds write (CVE-ID: CVE-2021-3517)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in the xml entity encoding functionality. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.

44) Improper input validation (CVE-ID: CVE-2021-35565)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the JSSE component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

45) Security restrictions bypass (CVE-ID: CVE-2017-0899)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to unknown error. A remote attacker can escape ANSI.

46) Improper input validation (CVE-ID: CVE-2017-0898)

The vulnerability allows a remote attacker to cause DoS condition or obtain potentially sensitive information on the target system.

The weakness exists due to buffer underrun in the Kernel.sprintf() method. A remote attacker can provide a specially crafted format string value to cause the target interpreter to crash or potentially access data from the heap.

Successful exploitation of the vulnerability results in information disclosure or denial of service.

47) Security restrictions bypass (CVE-ID: CVE-2016-7798)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to the openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the key. A remote attacker can bypass the encryption protection mechanism and gain access to the system.

48) Command injection (CVE-ID: CVE-2015-9096)

The vulnerability allows a remote attacker to execute arbitrary commands on the target system.

The weakness exists due to improper validation of user supplied input in the Net::SMTP function. A remote attacker can use CRLF sequences in a RCPT TO or MAIL FROM command and execute arbitrary SMTP commands on the system.

49) Improper input validation (CVE-ID: CVE-2021-35588)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

50) Improper input validation (CVE-ID: CVE-2021-35603)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

51) Improper input validation (CVE-ID: CVE-2021-35578)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the JSSE component in Oracle GraalVM Enterprise Edition when processing TLS 1.3 ClientHello packets. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

52) Improper input validation (CVE-ID: CVE-2021-35561)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Utility component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

53) Improper input validation (CVE-ID: CVE-2017-0901)

The vulnerability allows a remote attacker to overwrite arbitrary files on the target system.

The weakness exists due to insufficient validation of user-supplied input. A remote attacker can trick the victim into installing a specially crafted RubyGem and overwrite arbitrary files.

54) Improper input validation (CVE-ID: CVE-2021-35559)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Swing component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

55) Improper input validation (CVE-ID: CVE-2021-35556)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

56) Improper input validation (CVE-ID: CVE-2021-35564)

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the Keytool component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.

57) Improper input validation (CVE-ID: CVE-2021-35586)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the ImageIO component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

58) Improper input validation (CVE-ID: CVE-2021-3522)

The vulnerability allows a local non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the JavaFX (GStreamer) component in Java SE. A local non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.

59) Man-in-the-Middle (MitM) attack (CVE-ID: CVE-2021-35550)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The vulnerability exists due to the JSSE component in Oracle GraalVM Enterprise Edition offers cipher suites in the wrong way, which causes weaker cipher suites to be offered ahead of the strong ones. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.

60) Improper input validation (CVE-ID: CVE-2021-35567)

The vulnerability allows a remote authenticated user to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Libraries component in Oracle GraalVM Enterprise Edition. A remote authenticated user can exploit this vulnerability to gain access to sensitive information.

61) Improper input validation (CVE-ID: CVE-2021-35560)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the Deployment component in Java SE. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.

62) Denial of service (CVE-ID: CVE-2017-0900)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to insufficient validation of user-supplied input. A local attacker can supply a specially crafted 'query' command and cause the service to crash.

Successful exploitation of the vulnerability results in denial of service.

63) Session hijacking (CVE-ID: CVE-2017-0902)

The vulnerability allows a remote attacker to hijack the target user's session.

The weakness exists due to improper access control. A remote attacker can hijack DNS sessions.

64) Improper verification of cryptographic signature (CVE-ID: CVE-2018-1000076)

The vulnerability allows a remote attacker to write arbitrary files on the target system.

The weakness exists in package.rb due to improper verification of cryptographic signature. A remote attacker can install mis-signed gem, as the tarball would contain multiple gem signatures.

65) Resource exhaustion (CVE-ID: CVE-2018-8777)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists a large request in WEBrick. A remote attacker can send a large HTTP request with a crafted header to WEBrick server or a crafted body to WEBrick server/handler and cause the service to crash.

66) Infinite loop (CVE-ID: CVE-2018-1000075)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in ruby gem package tar header due to infinite loop. A remote attacker can cause the service to crash.

67) Desereliazation of untrusted data (CVE-ID: CVE-2018-1000074)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists in owner command due to desereliazation of untrusted data. A remote attacker can execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.

68) Path traversal (CVE-ID: CVE-2018-1000073)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists in the install_location function of package.rb due to path traversal when writing to a symlinked basedir outside of the root. A remote attacker can gain access to potentially sensitive information.

69) Security restrictions bypass (CVE-ID: CVE-2018-16396)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to the tainted flags are not propagated with the B, b, H, and h directives. A remote attacker can supply inputs by Array#pack and/or String#unpack with these directives and checks the reliability with tainted flags and cause the check to be wrong to bypass security restrictions and conduct further attacks.

70) Security restrictions bypass (CVE-ID: CVE-2018-16395)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists in OpenSSL::X509::Name due to the equality check is not correct if the value of an entity of the argument (right-hand side) starts with the value of the receiver (left-hand side). A remote attacker can supply malicious X.509 certificate to be passed and bypass security restrictions to conduct further attacks.

71) Path traversal (CVE-ID: CVE-2018-8780)

The vulnerability allows a remote attacker to obtain potentially sensitive information and write arbitrary files on the target system.

The weakness exists in the Dir.open, Dir.new, Dir.entries and Dir.empty? methods due to improper checking of NULL characters. A remote attacker can trigger the unintentional directory traversal.

72) Poison null byte (CVE-ID: CVE-2018-8779)

The vulnerability allows a remote attacker to write arbitrary files on the target system.

The weakness exists in the UNIXServer.open and UNIXSocket.open methods due to improper checking of null characters. A remote attacker can accept the socket file in the unintentional path.

73) Buffer under-read (CVE-ID: CVE-2018-8778)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists in the String#unpack method due to buffer under-read. A remote attacker can gain access to potentially sensitive information.

74) Path traversal (CVE-ID: CVE-2018-6914)

The vulnerability allows a remote attacker to write arbitrary files on the target system.

The weakness exists in the Dir.mktmpdir method in the tmpdir library due to path traversal. A remote attacker can create a directory or a file at any directory in the prefix argument.

75) Deserialization of untrusted data (CVE-ID: CVE-2017-0903)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to YAML deserialization of gem specifications. A remote attacker can inject an instance of specially crafted serialized objects, gain elevated privileges and execute arbitrary Ruby code on RubyGems.org.

Successful exploitation of the vulnerability may result in system compromise.

76) Command injection (CVE-ID: CVE-2017-17790)

The vulnerability allows a remote attacker to execute arbitrary command on the target system.

The weakness exists in the lazy_initialize function due to command injection. A remote attacker can send a specially crafted request, inject and execute arbitrary commands.

77) HTTP response splitting (CVE-ID: CVE-2017-17742)

The vulnerability allows a remote attacker to perform HTTP response splitting attack.

The weakness exists due to improper handling of HTTP requests. If a script accepts an external input and outputs it without modification as a part of HTTP responses, a remote attacker can use newline characters to trick the victim that the HTTP response header is stopped at there and inject fake HTTP responses after the newline characters to show malicious contents to the victim.

78) Command injection (CVE-ID: CVE-2017-17405)

The vulnerability allows a remote attacker to execute arbitrary commands on the target system.

The weakness exists due to flaws in the Net::FTP. A remote attacker can inject and execute arbitrary commands with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

79) Information disclosure (CVE-ID: CVE-2017-14064)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to an issue with using strdup in ext/json/ext/generator/generator.c during a JSON generate call. A remote attacker can send a specially crafted request, stop strdup after encountering a '' byte, returning a pointer to a string of length zero, which is not the length stored in space_len and expose arbitrary memory.

Successful exploitation of the vulnerability results in information disclosure.

80) Improper input validation (CVE-ID: CVE-2017-14033)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to buffer underrun. A remote attacker can provide a specially crafted string to the OpenSSL::ASN1 decode function to cause the target interpreter to crash.

Successful exploitation of the vulnerability results in denial of service.

81) Information disclosure (CVE-ID: CVE-2017-10784)

The vulnerability allows a remote attacker to cause DoS condition or obtain potentially sensitive information on the target system.

The weakness exists due to escape sequence injection vulnerability in the Basic authentication of WEBrick. A remote attacker can supply a specially crafted user name value to the WEBrick Basic authentication function, inject escape sequence into the log file and view log contents.

Successful exploitation of the vulnerability results in information disclosure or denial of service.

82) Null pointer dereference (CVE-ID: CVE-2017-9229)

The vulnerability allows a remote attacker to cause DoS condition.

The weakness exists in the mbstring due to an error in handling of reg->dmin in forward_search_range(). A remote attacker can trigger SIGSEGV in left_adjust_char_head() during regular expression compilation, cause NULL pointer dereference and the application to crash.

Successful exploitation of the vulnerability results in denial of service.

83) Heap-out-of-bounds write (CVE-ID: CVE-2017-9228)

The vulnerability allows a remote attacker to execute arbitrary code.

The weakness exists in the mbstring due to heap out-of-bounds write in bitset_set_range() during regular expression compilation due to incorrect state transition in parse_char_class(). A remote attacker can trigger out-of-bounds write memory corruption and execute arbitrary code with web server privileges.

Successful exploitation of the vulnerability may result in system compromise.

Remediation

Install update from vendor's website.

References

https://www.dell.com/support/kbdoc/fr-fr/printview/000198300/10/en

SB2022041131 - Multiple vulnerabilities in Dell EMC Integrated Data Protection Appliance

Breakdown by Severity

Description

Remediation

References

Please verify you're human