CVE-2020-14937

Memory access out of buffer boundaries issues was discovered in Contiki-NG 4.4 through 4.5, in the SNMP BER encoder/decoder. The length of provided input/output buffers is insufficiently verified during the encoding and decoding of data. This may lead to out-of-bounds buffer read or write access ...

Cisco Adaptive Security Appliance Software Lightweight Directory Access Protocol Denial of Service Vulnerability (cisco-sa-20190501-asa-ftds-ldapdos)

According to its self-reported version, the Cisco ASA device is affected by a vulnerability in the implementation of the Lightweight Directory Access Protocol LDAP feature in Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated,...

DEBIAN-CVE-2019-13619

In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments...

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Lightweight Directory Access Protocol Denial of Service Vulnerability

A vulnerability in the implementation of the Lightweight Directory Access Protocol LDAP feature in Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial ...

The vulnerability of the ASN.1 BER dissector component of the Wireshark network traffic analyzer tool, which is related to the execution of operations beyond the memory limit, allows attackers to cause a service failure.

The vulnerability of the ASN.1 BER component epan/dissectors/packet-ber.c, a dissector for analyzing computer network traffic in Wireshark, is related to the execution of operations beyond the memory limits. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

CVE-2019-1598

Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol LDAP feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The...

DEBIAN-CVE-2019-9209

In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values...

UBUNTU-CVE-2016-4579

Libksba before 1.3.4 allows remote attackers to cause a denial of service out-of-bounds read and crash via unspecified vectors, related to the "returned length of the object from ksbaberparsetl."...

Wireshark ASN.1 BER parser denial of service vulnerability (CNVD-2016-02775)

Wireshark formerly known as Ethereal is a suite of network packet analysis software developed by the Wireshark team. A denial of service vulnerability exists in the epan/dissectors/packet-ber.c file in the ASN.1 BER parser in Wireshark versions 1.12.x prior to 1.12.10, and versions 2.x prior to...

Libksba Integer Overflow Vulnerability

Libksba is a library that simplifies work tasks for X.509 certificates, CMS data and related objects in the GnuPG project developed by the GNU Project. An integer overflow vulnerability exists in the BER decoder src/ber-decoder.c file in Libksba. An attacker could use this vulnerability to cause ...

UBUNTU-CVE-2016-4353

ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service abort via crafted BER data...

DEBIAN-CVE-2016-2522

The dissectberconstrainedbitstring function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 2.0.x before 2.0.2 does not verify that a certain length is nonzero, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafte...

CentOS Update for openldap CESA-2015:1840 centos6

Check the version of openldap SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882292";...

DEBIAN-CVE-2015-6908

The bergetnext function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service reachable assertion and application crash via crafted BER data, as demonstrated by an attack against slapd...

IPSwitch IMAIL LDAP Overflow - Ver2 (CVE-2004-0297)

The LDAP protocol elements are encoded for exchange using ASN.1 Basic Encoding Rules BER. Buffer overflow vulnerabilities exist in the LDAP component of IPSwitch's IMail server. The vulnerable LDAP daemon does not properly validate the content of an LDAP message. The vulnerability allows both DoS...

DEBIAN-CVE-2013-3557

The dissectberchoice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service application crash via a malformed packet...

OpenLDAP denial-of-service flaw in ASN.1 decoder

liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service program termination via crafted ASN.1 BER datagrams that trigger an assertion error...

PT-2007-1167 · Sun · Sun One Directory Server +1

Name of the Vulnerable Software and Affected Versions: Sun Java System Directory Server versions 5.2 Patch4 and earlier ONE Directory Server versions 5.1 and 5.2 Description: The issue allows remote attackers to cause a denial of service, resulting in a crash, by sending malformed queries to the...

security flaw

The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service infinite loop via unknown vectors...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. The asn1bufskiptail function in the ASN.1 decoder library for MIT Kerberos 5 krb5 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service infinite loop via a certain BER encoding. Remediation Ther...