Lucene search
K

69 matches found

RedHat Linux
RedHat Linux
added 2017/08/01 1:50 p.m.5 views

libtasn1: stack overflow in asn1_der_decoding

A stack-based buffer overflow was found in the way libtasn1 decoded certain DER encoded data. An attacker could use this flaw to crash an application using the libtasn1 library...

10CVSS7.7AI score0.07801EPSS
Exploits0References4
OSV
OSV
added 2016/05/16 5:46 p.m.3 views

USN-2978-2 linux-lts-wily vulnerabilities

USN-2978-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 15.10 for Ubuntu 14.04 LTS. David Matlack discovered that the Kernel-based Virtual Machine KVM implementation in the Linux...

7.8CVSS7AI score0.00397EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/05/11 12:0 a.m.28 views

Mandriva Linux Security Advisory : libtasn1 (MDVSA-2015:232)

Updated libtasn1 packages fix security vulnerability : A malformed certificate input could cause a heap overflow read in the DER decoding functions of Libtasn1. The heap overflow happens in the function asn1extractderoctet CVE-2015-3622. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

4.3CVSS6.5AI score0.33094EPSS
Exploits1References2
securityvulns
securityvulns
added 2015/05/10 12:0 a.m.66 views

[ MDVSA-2015:232 ] libtasn1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:232 http://www.mandriva.com/en/support/security/ Package : libtasn1 Date : May 8, 2015 Affected: Business Server 1.0, Business Server 2.0 Problem Description: Updated libtasn1 packages fix security...

4.3CVSS6AI score0.33094EPSS
Exploits1
securityvulns
securityvulns
added 2015/05/10 12:0 a.m.46 views

libtasn1 buffer overflow

Heap buffer overflow on DER decoding...

4.3CVSS2.6AI score0.33094EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2015/05/06 5:44 p.m.11 views

MGASA-2015-0200 Updated libtasn1 packages fix CVE-2015-3622

Updated libtasn1 packages fix security vulnerability: A malformed certificate input could cause a heap overflow read in the DER decoding functions of Libtasn1. The heap overflow happens in the function asn1extractderoctet CVE-2015-3622...

4.3CVSS6.6AI score0.33094EPSS
Exploits1References4
Mageia
Mageia
added 2015/05/06 5:44 p.m.36 views

Updated libtasn1 packages fix CVE-2015-3622

Updated libtasn1 packages fix security vulnerability: A malformed certificate input could cause a heap overflow read in the DER decoding functions of Libtasn1. The heap overflow happens in the function asn1extractderoctet CVE-2015-3622...

4.3CVSS6.4AI score0.33094EPSS
Exploits1References3
CNVD
CNVD
added 2015/04/13 12:0 a.m.4 views

libtasn1 stack buffer overflow vulnerability

Libtasn1 is a C library from the GNU project for developing ASN.1 Abstract Syntax Notation One, a standard for describing the representation, encoding, transmission, and decoding of data structure management. A stack buffer overflow vulnerability exists in the asn1derdecoding function in versions...

10CVSS7.9AI score0.07801EPSS
Exploits0References1
OSV
OSV
added 2015/04/10 3:0 p.m.5 views

DEBIAN-CVE-2015-2806

Stack-based buffer overflow in asn1derdecoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors...

10CVSS7.8AI score0.07801EPSS
Exploits0References1
OSV
OSV
added 2015/04/01 12:0 a.m.8 views

UBUNTU-CVE-2015-2806

Stack-based buffer overflow in asn1derdecoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors...

10CVSS7.2AI score0.07801EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/03/26 12:0 a.m.44 views

Debian DLA-154-1 : nss security update (BEAST)

nss 3.12.8-1+squeeze11 fixes two security issues : CVE-2011-3389 SSL 3.0 and TLS 1.0 connections were vulnerable to some chosen plaintext attacks which allowed man-in-the middle attackers to obtain plaintext HTTP headers on an HTTPS session. This issue is known as the 'BEAST' attack. CVE-2014-156...

7.5CVSS7AI score0.73327EPSS
Exploits8References4
Tenable Nessus
Tenable Nessus
added 2014/12/04 12:0 a.m.31 views

FreeBSD : mozilla -- multiple vulnerabilities (7ae61870-9dd2-4884-a2f2-f19bb5784d09)

The Mozilla Project reports : ASN.1 DER decoding of lengths is too permissive, allowing undetected smuggling of arbitrary data MFSA-2014-90 Apple CoreGraphics framework on OS X 10.10 logging input data to /tmp directory MFSA-2014-89 Bad casting from the BasicThebesLayer to BasicContainerLayer...

7.5CVSS7.9AI score0.04052EPSS
Exploits4References20
Tenable Nessus
Tenable Nessus
added 2014/06/04 12:0 a.m.27 views

Oracle Linux 6 : libtasn1 (ELSA-2014-0596)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0596 advisory. 2.3-6 - added check for null pointer 1102336 2.3-5 - fix various DER decoding issues 1102336 2.3-4 - fix CVE-2012-1569 - missing length check when...

7.5CVSS7AI score0.068EPSS
Exploits1References4
Oracle linux
Oracle linux
added 2014/06/03 12:0 a.m.53 views

libtasn1 security update

2.3-6 - added check for null pointer 1102336 2.3-5 - fix various DER decoding issues 1102336 2.3-4 - fix CVE-2012-1569 - missing length check when decoding DER lengths 804920...

7.5CVSS2.3AI score0.068EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2012/09/25 12:0 a.m.33 views

Libtasn1: Denial of service

Background Libtasn1 is a library used to parse ASN.1 Abstract Syntax Notation One objects, and perform DER Distinguished Encoding Rules decoding. Description Libtasn1 does not properly handle length fields when performing DER decoding. Impact A remote attacker could entice a user to open a...

5CVSS8.6AI score0.0446EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2012/04/30 5:7 p.m.5 views

libtasn1: DER decoding buffer overflow (GNUTLS-SA-2012-3, MU-201202-02)

The asn1getlengthder function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service heap memory corruption and application crash or possibly ha...

5CVSS7.3AI score0.0446EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2012/04/13 12:0 a.m.28 views

Fedora 15 : mingw-libtasn1-2.12-1.fc15 / mingw32-gnutls-2.10.5-2.fc15 (2012-4417)

This update fixes a a DER decoding buffer overflow in the MinGW cross compiled libtasn1 and gnutls packages. The mingw-gnutls build also switches to using the system libtasn1 library instead of its bundled copy. Note that Tenable Network Security has extracted the preceding description block...

5CVSS7.8AI score0.0446EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2012/04/02 12:0 a.m.30 views

Fedora 16 : mingw-libtasn1-2.12-1.fc16 / mingw32-gnutls-2.12.14-3.fc16 (2012-4409)

This update fixes a a DER decoding buffer overflow in the MinGW cross compiled libtasn1 and gnutls packages. The mingw-gnutls build also switches to using the system libtasn1 library instead of its bundled copy. Note that Tenable Network Security has extracted the preceding description block...

5CVSS7.8AI score0.0446EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2012/03/27 10:49 p.m.5 views

libtasn1: DER decoding buffer overflow (GNUTLS-SA-2012-3, MU-201202-02)

The asn1getlengthder function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service heap memory corruption and application crash or possibly ha...

5CVSS7.3AI score0.0446EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2012/03/27 10:48 p.m.4 views

libtasn1: DER decoding buffer overflow (GNUTLS-SA-2012-3, MU-201202-02)

The asn1getlengthder function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service heap memory corruption and application crash or possibly ha...

5CVSS7.3AI score0.0446EPSS
Exploits1References4
Rows per page
Query Builder