CVE-2024-29450

27 May 2024, 01:15

Type	Values Removed	Values Added
Summary	(es) Se ha descubierto un problema en los componentes de permiso y control de acceso dentro de ROS2 Humble Hawksbill, en ROS_VERSION 2 y ROS_PYTHON_VERSION 3, que permite a los atacantes ejecutar código arbitrario, provocar una denegación de servicio (DoS), escalar privilegios y obtener información confidencial a través de la autenticación. sistema, incluidos protocolos, procesos y controles manipulados para verificar las identidades de los usuarios o dispositivos que intentan acceder al sistema ROS2.
Summary	(en) An issue has been discovered in the permission and access control components within ROS2 Humble Hawksbill, in ROS_VERSION 2 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code, cause a denial of service (DoS), escalate privileges, and obtain sensitive information via the authentication system, including protocols, processes, and checks designed to verify the identities of users or devices attempting to access the ROS2 system. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability.	(en) Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability.
References	{'url': 'http://www.openwall.com/lists/oss-security/2024/04/23/2', 'source': 'cve@mitre.org'} {'url': 'http://www.openwall.com/lists/oss-security/2024/04/23/3', 'source': 'cve@mitre.org'} {'url': 'http://www.openwall.com/lists/oss-security/2024/04/23/4', 'source': 'cve@mitre.org'} {'url': 'http://www.openwall.com/lists/oss-security/2024/04/23/5', 'source': 'cve@mitre.org'} {'url': 'https://github.com/yashpatelphd/CVE-2024-29450', 'source': 'cve@mitre.org'}

---

01 May 2024, 19:15

Type	Values Removed	Values Added
References		() http://www.openwall.com/lists/oss-security/2024/04/23/5 -

---

01 May 2024, 18:15

Type	Values Removed	Values Added
References		() http://www.openwall.com/lists/oss-security/2024/04/23/3 -

---

01 May 2024, 17:15

Type	Values Removed	Values Added
References		() http://www.openwall.com/lists/oss-security/2024/04/23/2 - () http://www.openwall.com/lists/oss-security/2024/04/23/4 -

---

17 Apr 2024, 01:15

Type	Values Removed	Values Added
Summary	(en) An issue has been discovered in the permission and access control components within ROS2 Humble Hawksbill, in ROS_VERSION 2 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code, cause a denial of service (DoS), escalate privileges, and obtain sensitive information via the authentication system, including protocols, processes, and checks designed to verify the identities of users or devices attempting to access the ROS2 system.	(en) An issue has been discovered in the permission and access control components within ROS2 Humble Hawksbill, in ROS_VERSION 2 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code, cause a denial of service (DoS), escalate privileges, and obtain sensitive information via the authentication system, including protocols, processes, and checks designed to verify the identities of users or devices attempting to access the ROS2 system. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability.

---

11 Apr 2024, 04:15

Type	Values Removed	Values Added
New CVE

---