mirror of https://github.com/MISP/misp-galaxy
189 lines
11 KiB
JSON
189 lines
11 KiB
JSON
{
|
||
"authors": [
|
||
"Unknown"
|
||
],
|
||
"category": "vulnerability",
|
||
"description": "List of known vulnerabilities and attacks with a branding",
|
||
"name": "Branded Vulnerability",
|
||
"source": "Open Sources",
|
||
"type": "branded-vulnerability",
|
||
"uuid": "93715a12-f45b-11e7-bcf9-3767161e9ebd",
|
||
"values": [
|
||
{
|
||
"description": "Meltdown exploits the out-of-order execution feature of modern processors, allowing user-level programs to access kernel memory using processor caches as covert side channels. This is specific to the way out-of-order execution is implemented in the processors. This vulnerability has been assigned CVE-2017-5754.",
|
||
"meta": {
|
||
"aliases": [
|
||
"CVE-2017-5754"
|
||
],
|
||
"logo": [
|
||
"https://upload.wikimedia.org/wikipedia/commons/thumb/5/56/Meltdown_with_text.svg/300px-Meltdown_with_text.svg.png"
|
||
]
|
||
},
|
||
"uuid": "70bee5b7-0fa3-4a4d-98ee-d8ab787c6db1",
|
||
"value": "Meltdown"
|
||
},
|
||
{
|
||
"description": "Spectre exploits the speculative execution feature that is present in almost all processors in existence today. Two variants of Spectre are known and seem to depend on what is used to influence erroneous speculative execution. The first variant triggers speculative execution by performing a bounds check bypass and has been assigned CVE-2017-5753. The second variant uses branch target injection for the same effect and has been assigned CVE-2017-5715.",
|
||
"meta": {
|
||
"aliases": [
|
||
"CVE-2017-5753",
|
||
"CVE-2017-5715"
|
||
],
|
||
"logo": [
|
||
"https://en.wikipedia.org/wiki/File:Spectre_with_text.svg"
|
||
]
|
||
},
|
||
"uuid": "36168188-6d14-463a-9713-f88764a83329",
|
||
"value": "Spectre"
|
||
},
|
||
{
|
||
"description": "Heartbleed is a security bug in the OpenSSL cryptography library, which is a widely used implementation of the Transport Layer Security (TLS) protocol. It was introduced into the software in 2012 and publicly disclosed in April 2014. Heartbleed may be exploited regardless of whether the vulnerable OpenSSL instance is running as a TLS server or client. It results from improper input validation (due to a missing bounds check) in the implementation of the TLS heartbeat extension, thus the bug's name derives from heartbeat. The vulnerability is classified as a buffer over-read,[5] a situation where more data can be read than should be allowed.",
|
||
"meta": {
|
||
"aliases": [
|
||
"CVE-2014–0160"
|
||
],
|
||
"logo": [
|
||
"https://upload.wikimedia.org/wikipedia/commons/thumb/d/dc/Heartbleed.svg/440px-Heartbleed.svg.png"
|
||
]
|
||
},
|
||
"uuid": "d6d85947-e6ee-4d2e-bb48-437f31c7a270",
|
||
"value": "Heartbleed"
|
||
},
|
||
{
|
||
"description": "Shellshock, also known as Bashdoor, is a family of security bugs in the widely used Unix Bash shell, the first of which was disclosed on 24 September 2014. Many Internet-facing services, such as some web server deployments, use Bash to process certain requests, allowing an attacker to cause vulnerable versions of Bash to execute arbitrary commands. This can allow an attacker to gain unauthorized access to a computer system.",
|
||
"meta": {
|
||
"aliases": [
|
||
"CVE-2014–6271"
|
||
],
|
||
"logo": [
|
||
"https://upload.wikimedia.org/wikipedia/commons/thumb/4/44/Shellshock-bug.png/440px-Shellshock-bug.png",
|
||
"https://upload.wikimedia.org/wikipedia/commons/8/86/Shellshock.png",
|
||
"https://cdn-images-1.medium.com/max/1600/1*bopQcJtKouPOJ_isSzanLw.png"
|
||
]
|
||
},
|
||
"uuid": "2102db77-5a51-40c1-bfc1-38fb7dcb7f05",
|
||
"value": "Shellshock"
|
||
},
|
||
{
|
||
"description": "The GHOST vulnerability is a serious weakness in the Linux glibc library. It allows attackers to remotely take complete control of the victim system without having any prior knowledge of system credentials. CVE-2015-0235 has been assigned to this issue.\nDuring a code audit Qualys researchers discovered a buffer overflow in the __nss_hostname_digits_dots() function of glibc. This bug can be triggered both locally and remotely via all the gethostbyname*() functions. Applications have access to the DNS resolver primarily through the gethostbyname*() set of functions. These functions convert a hostname into an IP address.",
|
||
"meta": {
|
||
"aliases": [
|
||
"CVE-2015–0235"
|
||
],
|
||
"logo": [
|
||
"https://cdn-images-1.medium.com/max/1600/1*HnCEOo0RUT1fliJjRT02lA.png"
|
||
]
|
||
},
|
||
"uuid": "a1640081-aa8d-4070-84b2-d23e2ae82799",
|
||
"value": "Ghost"
|
||
},
|
||
{
|
||
"description": "Stagefright is the name given to a group of software bugs that affect versions 2.2 (\"Froyo\") and newer of the Android operating system. The name is taken from the affected library, which among other things, is used to unpack MMS messages. Exploitation of the bug allows an attacker to perform arbitrary operations on the victim's device through remote code execution and privilege escalation. Security researchers demonstrate the bugs with a proof of concept that sends specially crafted MMS messages to the victim device and in most cases requires no end-user actions upon message reception to succeed—the user doesn’t have to do anything to ‘accept’ the bug, it happens in the background. The phone number is the only target information.",
|
||
"meta": {
|
||
"aliases": [
|
||
"CVE-2015-1538",
|
||
"CVE-2015-1539",
|
||
"CVE-2015-3824",
|
||
"CVE-2015-3826",
|
||
"CVE-2015-3827",
|
||
"CVE-2015-3828",
|
||
"CVE-2015-3829",
|
||
"CVE-2015-3864"
|
||
],
|
||
"logo": [
|
||
"https://upload.wikimedia.org/wikipedia/en/f/f2/Stagefright_bug_logo.png",
|
||
"https://cdn-images-1.medium.com/max/1600/1*-Ivm3lZHNaOUwmklT4Rb1g.png"
|
||
]
|
||
},
|
||
"uuid": "352916e7-62bf-4b0c-bce7-da759d1a4f5f",
|
||
"value": "Stagefright"
|
||
},
|
||
{
|
||
"description": "Badlock is a security bug disclosed on April 12, 2016 affecting the Security Account Manager (SAM) and Local Security Authority (Domain Policy) (LSAD) remote protocols[1] supported by Windows and Samba servers.",
|
||
"meta": {
|
||
"logo": [
|
||
"https://upload.wikimedia.org/wikipedia/commons/thumb/4/4b/Badlock_logo.svg/440px-Badlock_logo.svg.png",
|
||
"https://cdn-images-1.medium.com/max/1600/1*EVbwwxEBOU83NKxgQrPG9w.png"
|
||
]
|
||
},
|
||
"uuid": "74f2bd2c-69f1-4d28-8d42-94b7ef89f31e",
|
||
"value": "Badlock"
|
||
},
|
||
{
|
||
"description": "Dirty COW (Dirty copy-on-write) is a computer security vulnerability for the Linux kernel that affects all Linux-based operating systems including Android. It is a local privilege escalation bug that exploits a race condition in the implementation of the copy-on-write mechanism in the kernel's memory-management subsystem. The vulnerability was discovered by Phil Oester. Because of the race condition, with the right timing, a local attacker can exploit the copy-on-write mechanism to turn a read-only mapping of a file into a writable mapping. Although it is a local privilege escalation, remote attackers can use it in conjunction with other exploits that allow remote execution of non-privileged code to achieve remote root access on a computer. The attack itself does not leave traces in the system log.",
|
||
"meta": {
|
||
"aliases": [
|
||
"CVE-2016-5195"
|
||
],
|
||
"logo": [
|
||
"https://upload.wikimedia.org/wikipedia/commons/thumb/1/1b/DirtyCow.svg/440px-DirtyCow.svg.png"
|
||
]
|
||
},
|
||
"uuid": "54196537-cb0c-425c-83d6-437d41b4cc65",
|
||
"value": "Dirty COW"
|
||
},
|
||
{
|
||
"description": "The POODLE attack (which stands for \"Padding Oracle On Downgraded Legacy Encryptio\") is a man-in-the-middle exploit which takes advantage of Internet and security software clients' fallback to SSL 3.0. If attackers successfully exploit this vulnerability, on average, they only need to make 256 SSL 3.0 requests to reveal one byte of encrypted messages. Bodo Möller, Thai Duong and Krzysztof Kotowicz from the Google Security Team discovered this vulnerability; they disclosed the vulnerability publicly on October 14, 2014 (despite the paper being dated \"September 2014\" ). Ivan Ristic does not consider the POODLE attack as serious as the Heartbleed and Shellshock attacks. On December 8, 2014 a variation of the POODLE vulnerability that affected TLS was announced.",
|
||
"meta": {
|
||
"aliases": [
|
||
"CVE-2014-3566"
|
||
]
|
||
},
|
||
"uuid": "22b9af72-48c9-4da1-b13d-15667dbdd998",
|
||
"value": "POODLE"
|
||
},
|
||
{
|
||
"description": "The ‘BadUSB’ vulnerability exploits unprotected firmware in order to deliver malicious code to computers and networks. This is achieved by reverse-engineering the device and reprogramming it. As the reprogrammed firmware is not monitored or assessed by modern security software, this attack method is extremely difficult for antivirus/security software to detect and prevent.",
|
||
"uuid": "bc3a3299-1443-4390-8b25-4bb280c1abd7",
|
||
"value": "BadUSB"
|
||
},
|
||
{
|
||
"meta": {
|
||
"aliases": [
|
||
"CVE-2016–3714"
|
||
],
|
||
"logo": [
|
||
"https://imagetragick.com/img/logo-medium.png"
|
||
]
|
||
},
|
||
"uuid": "e85e1270-eec5-4331-8004-a063125a54b4",
|
||
"value": "ImageTragick"
|
||
},
|
||
{
|
||
"description": "Blacknurse is a low bandwidth DDoS attack involving ICMP Type 3 Code 3 packets causing high CPU loads first discovered in November 2016. The earliest samples we have seen supporting this DDoS method are from September 2017.",
|
||
"meta": {
|
||
"logo": [
|
||
"http://blacknurse.dk/____impro/1/onewebmedia/blacknurse2.png?etag=W%2F%2214e7-5761287d%22&sourceContentType=image%2Fpng&ignoreAspectRatio&resize=200%2B200&extract=0%2B40%2B200%2B114"
|
||
]
|
||
},
|
||
"uuid": "3c2325e4-b740-11e8-9504-b32b4d974add",
|
||
"value": "Blacknurse"
|
||
},
|
||
{
|
||
"description": "SPOILER is a security vulnerability on modern computer central processing units that uses speculative execution to improve the efficiency of Rowhammer and other related memory and cache attacks. According to reports, all modern Intel CPUs are vulnerable to the attack. AMD has stated that its processors are not vulnerable.",
|
||
"meta": {
|
||
"refs": [
|
||
"https://arxiv.org/pdf/1903.00446v1.pdf",
|
||
"https://appleinsider.com/articles/19/03/05/new-spoiler-vulnerability-in-all-intel-core-processors-exposed-by-researchers",
|
||
"https://www.overclock3d.net/news/cpu_mainboard/spoiler_alert_-_intel_cpus_impacted_by_new_vulnerability/1",
|
||
"https://www.1e.com/news-insights/blogs/the-spoiler-vulnerability/",
|
||
"https://www.bleepingcomputer.com/news/security/amd-believes-spoiler-vulnerability-does-not-impact-its-processors/"
|
||
]
|
||
},
|
||
"uuid": "3434339f-ea87-472e-a330-62d2b5cf2c26",
|
||
"value": "SPOILER"
|
||
},
|
||
{
|
||
"description": "A ‘wormable’ critical Remote Code Execution (RCE) vulnerability in Remote Desktop Services that could soon become the new go-to vector for spreading malware",
|
||
"meta": {
|
||
"refs": [
|
||
"https://www.welivesecurity.com/2019/05/22/patch-now-bluekeep-vulnerability/"
|
||
]
|
||
},
|
||
"uuid": "4f993170-f264-4c39-8c7f-58f9f2b9d105",
|
||
"value": "BlueKeep"
|
||
}
|
||
],
|
||
"version": 4
|
||
}
|