pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID

A flaw was found in pyasn1, a generic ASN.1 library for Python. A remote attacker could exploit this vulnerability by sending a specially crafted RELATIVE-OID with excessive continuation octets. This input validation vulnerability leads to memory exhaustion, resulting in a Denial of Service DoS f...

TencentOS Server 4: python-pyasn1 (TSSA-2026:0038)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0038 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

EUVD-2006-0652

Malware in sbrugna...

Kekeo - A Little Toolbox To Play With Microsoft Kerberos In C

kekeo is a little toolbox I have started to manipulate Microsoft Kerberos in C and for fun ASN.1 library In kekeo, I use an external commercial library to deal with Kerberos ASN.1 structures: OSS ASN.1/C http://www.oss.com/asn1/products/asn1-c/asn1-c.html It was the only code generator/library th...

libtasn1: Multiple vulnerabilities

Background libtasn1 is an ASN.1 library Description Multiple vulnerabilities have been discovered in libtasn1. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, or cause a Denial of...

Microsoft ASN.1 Library Bitstring Heap Overflow

No description provided by source. $Id: ms04007killbill.rb 9929 2010-07-25 21:37:54Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

Fedora Update for libtasn1 FEDORA-2012-4357

Check for the Version of libtasn1 OpenVAS Vulnerability Test Fedora Update for libtasn1 FEDORA-2012-4357 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

[SECURITY] Fedora 15 Update: libtasn1-2.12-1.fc15

This is the ASN.1 library used in GNUTLS. More up to date information can be found at http://www.gnu.org/software/gnutls and http://www.gnutls.org...

Fedora Update for mingw-libtasn1 FEDORA-2012-4409

Check for the Version of mingw-libtasn1 OpenVAS Vulnerability Test Fedora Update for mingw-libtasn1 FEDORA-2012-4409 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...

Microsoft ASN.1 Library Bitstring Heap Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Microsoft...

Debian Security Advisory DSA 986-1 (gnutls11)

The remote host is missing an update to gnutls11 announced via advisory DSA 986-1. Evgeny Legerov discovered several out-of-bounds memory accesses in the DER decoding component component of the Tiny ASN.1 Library, which is also present and used in GnuTLS, the GNU implementation for Transport Laye...

Debian: Security Advisory (DSA-986-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 985-1 (libtasn1-2)

The remote host is missing an update to libtasn1-2 announced via advisory DSA 985-1. Evgeny Legerov discovered several out-of-bounds memory accesses in the DER decoding component component of the Tiny ASN.1 Library that allows attackers to crash the DER decoder and possibly execute arbitrary code...

[SECURITY] [DSA 986-1] New gnutls11 packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 986-1 [email protected] http://www.debian.org/security/ Martin Schulze March 6th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 985-1] New libtasn1-2 packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 985-1 [email protected] http://www.debian.org/security/ Martin Schulze March 6th, 2006 http://www.debian.org/security/faq -...

CVE-2006-0645

Tiny ASN.1 Library libtasn1 before 0.2.18, as used by 1 GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and 2 GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by invalid input, as demonstrated by the ProtoVer SSL test...

CVE-2006-0645

Tiny ASN.1 Library libtasn1 before 0.2.18, as used by 1 GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and 2 GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by invalid input, as demonstrated by the ProtoVer SSL test...

CVE-2005-1935

Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library MSASN1.DLL allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the function to overwrite previously freed memory, as...

CVE-2004-0123

Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code...

CVE-2004-0123

Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code...