
131 matches found

BDU FSTEC
added 2021/03/21 12:0 a.m. | 6 views

The vulnerability of the ASN.1 BER analyzer of the computer network traffic analysis tool Wireshark allows a hacker to cause a service failure.

The vulnerability of the ASN.1 BER analyzer in Wireshark for analyzing computer network traffic involves an operation that goes beyond the acceptable limits of the data buffer. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

CVSS 7.5 | AI score 6.5 | EPSS 0.06079
Exploits: 1 | References: 13 | Affected Software: 6

CNVD
added 2020/04/08 12:0 a.m. | 1 view

perl-Convert-ASN1 Denial of Service Vulnerability

Perl is a general-purpose, interpreted, dynamic cross-platform programming language from the Perl community. A security vulnerability exists in perl-Convert-ASN1 0.27 and earlier versions, which stems from the program's unsafe decoding of user input. A remote attacker can exploit the vulnerabilit...

CVSS 7.5 | AI score 6.8 | EPSS 0.04158
Exploits: 1 | References: 1

CNVD
added 2019/11/11 12:0 a.m. | 2 views

wolfSSL buffer overflow vulnerability (CNVD-2019-41425)

wolfSSL (formerly known as CyaSSL) is a small, portable embedded SSL programming library from the US company wolfSSL, aimed at embedded systems developers. A buffer overflow vulnerability exists in the DecodedCert structure of GetName in wolfcrypt/src/asn.c file in wolfSSL versions 4.1.0...

CVSS 7.5 | AI score 7.3 | EPSS 0.01972
Exploits: 1 | References: 1

OSV
added 2019/07/17 8:15 p.m. | 2 views

DEBIAN-CVE-2019-13619

In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments...

CVSS 7.5 | AI score 8.9 | EPSS 0.06079
Exploits: 1 | References: 1

OSV
added 2019/07/17 12:0 a.m. | 1 view

UBUNTU-CVE-2019-13619

In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments...

CVSS 7.5 | AI score 7.2 | EPSS 0.06079
Exploits: 1 | References: 6

OSV
added 2019/02/28 4:29 a.m. | 3 views

DEBIAN-CVE-2019-9209

In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values...

CVSS 5.5 | AI score 7 | EPSS 0.01398
Exploits: 1 | References: 1

OSV
added 2019/02/25 12:0 a.m. | 1 view

UBUNTU-CVE-2019-9162

In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks (aka an array index error), making out-of-bounds read and write operations possible, leading to an OOPS or local privilege escalation. This affects snmp_version and...

CVSS 7.8 | AI score 6.7 | EPSS 0.01092
Exploits: 2 | References: 5

OSV
added 2018/10/17 4:24 p.m. | 5 views

GHSA-QCJ7-G2J5-G7R3 In Bouncy Castle JCE Provider ECDSA does not fully validate ASN.1 encoding of signature on verification

In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of...

CVSS 7.5 | AI score 7 | EPSS 0.01782
Exploits: 0 | References: 9

OSV
added 2018/08/31 6:29 p.m. | 2 views

CVE-2018-11054

RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker could use maliciously constructed ASN.1 data to potentially cause a Denial Of Service...

CVSS 7.5 | AI score 7.4 | EPSS 0.03235
Exploits: 0 | References: 6

OSV
added 2018/07/19 2:29 a.m. | 2 views

DEBIAN-CVE-2018-14343

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer...

CVSS 7.5 | AI score 6.5 | EPSS 0.03352
Exploits: 0 | References: 1

OSV
added 2018/06/04 1:29 p.m. | 3 views

DEBIAN-CVE-2016-1000342

In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of...

CVSS 7.5 | AI score 7.5 | EPSS 0.01782
Exploits: 0 | References: 1

OSV
added 2018/03/27 12:0 a.m. | 1 view

UBUNTU-CVE-2018-0739

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

CVSS 6.5 | AI score 6.7 | EPSS 0.19295
Exploits: 0 | References: 5

CNVD
added 2017/08/21 12:0 a.m. | 1 view

ASN1C 'asn1f_lookup_symbol_impl' function denial of service vulnerability

ASN1C is an open source ASN.1 (Abstract Syntax Notation) compiler that enables a variety of codecs such as BER, DER and PER. A security vulnerability exists in the 'asn1f_lookup_symbol_impl' function in the asn1fix_retrieve.c file of libasn1fix.a in ASN1C version 0.9.28. A remote attacker can exploit...

CVSS 6.5 | AI score 6.3 | EPSS 0.01071
Exploits: 1 | References: 1

CNVD
added 2017/07/03 12:0 a.m. | 2 views

GNU Libtasn1 '_asn1_check_identifier' Denial of Service Vulnerability

Libtasn1 is the ASN.1 library used by GnuTLS. A denial of service vulnerability exists in GNU Libtasn1 '_asn1_check_identifier'. The vulnerability stems from the _asn1_check_identifier function reading specially designed input, which can be exploited by an attacker to cause a remote denial of service...

CVSS 7.5 | AI score 6.9 | EPSS 0.0499
Exploits: 1 | References: 1

OSV
added 2017/07/01 12:0 a.m. | 1 view

UBUNTU-CVE-2017-10790

The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. It may lead to a remote denial of service attack...

CVSS 7.5 | AI score 6.9 | EPSS 0.0499
Exploits: 1 | References: 3

RedHat Linux
added 2016/12/15 10:11 p.m. | 9 views

openssl: ASN.1 BIO handling of large amounts of data

A denial of service flaw was found in the way OpenSSL parsed certain ASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. An application using OpenSSL that accepts untrusted ASN.1 BIO input could be forced to allocate an excessive amount of data...

CVSS 7.8 | AI score 7.1 | EPSS 0.2921
Exploits: 1 | References: 5

RedHat Linux
added 2016/10/18 7:8 a.m. | 8 views

openssl: Memory corruption in the ASN.1 encoder

A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an...

CVSS 10 | AI score 7.5 | EPSS 0.77906
Exploits: 1 | References: 5

RedHat Linux
added 2016/10/12 4:57 p.m. | 6 views

openssl: ASN.1 BIO handling of large amounts of data

A denial of service flaw was found in the way OpenSSL parsed certain ASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. An application using OpenSSL that accepts untrusted ASN.1 BIO input could be forced to allocate an excessive amount of data...

CVSS 7.8 | AI score 7.1 | EPSS 0.2921
Exploits: 1 | References: 5

RedHat Linux
added 2016/05/31 5:56 a.m. | 5 views

openssl: Memory corruption in the ASN.1 encoder

A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an...

CVSS 10 | AI score 7.5 | EPSS 0.77906
Exploits: 1 | References: 5

OSV
added 2016/05/16 5:17 p.m. | 7 views

USN-2976-1 linux-lts-utopic vulnerability

Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privilege...

CVSS 7.8 | AI score 7 | EPSS 0.00397
Exploits: 0 | References: 2