81 matches found
SUSE CVE-2017-9023
The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service infinite loop via a crafted certificate...
SUSE CVE-2018-1000654
GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in asn1expandobjectidptree, after a long time, the program will be killed. This attack appears to be exploitable via...
Debian DSA-4795-1 : krb5 - security update
Demi Obeneour discovered that unbounded recursion in the ASN1 parser of libkrb5 could result in denial of service. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4795. The text itself is copyright C Software...
[SECURITY] [DSA 4795-1] krb5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4795-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 21, 2020 https://www.debian.org/security/faq -...
ALPINE-CVE-2018-1000654
GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in asn1expandobjectidptree, after a long time, the program will be killed. This attack appears to be exploitable via...
DEBIAN-CVE-2018-1000654
GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in asn1expandobjectidptree, after a long time, the program will be killed. This attack appears to be exploitable via...
UBUNTU-CVE-2018-1000654
GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in asn1expandobjectidptree, after a long time, the program will be killed. This attack appears to be exploitable via...
ALPINE-CVE-2017-9023
The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service infinite loop via a crafted certificate...
DEBIAN-CVE-2017-9023
The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service infinite loop via a crafted certificate...
CVE-2017-9023
The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service infinite loop via a crafted certificate...
strongSwan ASN.1 Parser Denial of Service Vulnerability
strongSwan is an open source IPsec-based VPN solution for Linux platforms maintained by Andreas Steffen, a Swiss software developer. The solution includes authentication mechanisms such as X.509 public key certificates, secure storage of private keys, smart cards, etc. The ASN.1 parser is a tool...
SUSE SLED11 Security Update : compat-openssl097g (SUSE-SU-2016:0631-1) (DROWN)
This update for compat-openssl097g fixes the following issues : - CVE-2016-0800 aka the 'DROWN' attack bsc968046: OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA...
SUSE SLED11 / SLES11 Security Update : openssl (SUSE-SU-2016:0624-1) (DROWN)
This update for openssl fixes various security issues and bugs : Security issues fixed : - CVE-2016-0800 aka the 'DROWN' attack bsc968046: OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as...
Security update for openssl (important)
This update for openssl fixes various security issues: Security issues fixed: - CVE-2016-0800 aka the "DROWN" attack bsc968046: OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a...
Security update for openssl (important)
This update for openssl fixes the following issues: Security issues fixed: - CVE-2016-0800 aka the "DROWN" attack bsc968046: OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a...
nss: NSS parsing errors with zero length items
The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services NSS before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a...
CVE-2009-2185
The ASN.1 parser pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1parser.c in a strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and b openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service pluto IKE daemon crash...
Security fix for the ALT Linux 9 package openssl10 version 0.9.7g-alt5
Sept. 27, 2006 Dmitry V. Levin 0.9.7g-alt5 - Applied upstream fixes for DoS bugs in ASN1 parser CVE-2006-2937, CVE-2006-2940. - Applied fix for buffer overflow in SSLgetsharedciphers, discovery and patch from Tavis Ormandy and Will Drewry of the Google Security Team CVE-2006-3738. - Applied fix f...
Security fix for the ALT Linux 8 package openssl10 version 0.9.7g-alt5
Sept. 27, 2006 Dmitry V. Levin 0.9.7g-alt5 - Applied upstream fixes for DoS bugs in ASN1 parser CVE-2006-2937, CVE-2006-2940. - Applied fix for buffer overflow in SSLgetsharedciphers, discovery and patch from Tavis Ormandy and Will Drewry of the Google Security Team CVE-2006-3738. - Applied fix f...
Mandrake Linux Security Advisory : openssl (MDKSA-2002:046-1)
An audit of the OpenSSL code by A.L. Digital Ltd and The Bunker, under the DARPA program CHATS, discovered a number of vulnerabilities in the OpenSSL code that are all potentially remotely exploitable. From the OpenSSL advisory : 1. The client master key in SSL2 could be oversized and overrun a...