63 matches found
EUVD-2016-7715
Malware in sbrugna...
EUVD-2017-2972
Malware in sbrugna...
EUVD-2017-15989
Malware in sbrugna...
EUVD-2017-18269
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2022-45145
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - egg-compile.scm in CHICKEN 5.x before 5.3.1 allows arbitrary OS command execution during package installation via escape characters in a .egg file. CVE-2022-451...
Linux Distros Unpatched Vulnerability : CVE-2016-6830
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The process-execute and process-spawn procedures in CHICKEN Scheme used fixed-size buffers for holding the arguments and environment variables to use in its...
Linux Distros Unpatched Vulnerability : CVE-2017-9334
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An incorrect pair? check in the Scheme length procedure results in an unsafe pointer dereference in all CHICKEN Scheme versions prior to 4.13, which allows an...
Linux Distros Unpatched Vulnerability : CVE-2017-6949
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in CHICKEN Scheme through 4.12.0. When using a nonstandard CHICKEN-specific extension to allocate an SRFI-4 vector in unmanaged memory,...
Linux Distros Unpatched Vulnerability : CVE-2017-11343
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack. An...
SUSE CVE-2015-4556
The string-translate procedure in the data-structures unit in CHICKEN before 4.10.0 allows remote attackers to cause a denial of service crash...
DEBIAN-CVE-2012-6124
A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to return a constant value. NOTE: the vendor states "This function wasn't used for security purposes and is advertised as being unsuitable."...
UBUNTU-CVE-2013-2075
Multiple buffer overflows in the 1 R5RS char-ready, 2 tcp-accept-ready, and 3 file-select procedures in Chicken through 4.8.0.3 allows attackers to cause a denial of service crash by opening a file descriptor with a large integer value. NOTE: this issue exists because of an incomplete fix for...
CVE-2017-11343
Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack. An attacker can provide crafted input which, when inserted into the symbol table, will result in On lookup time...
CVE-2017-11343
Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack. An attacker can provide crafted input which, when inserted into the symbol table, will result in On lookup time...
DEBIAN-CVE-2017-11343
Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack. An attacker can provide crafted input which, when inserted into the symbol table, will result in On lookup time...
CVE-2017-11343
Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack. An attacker can provide crafted input which, when inserted into the symbol table, will result in On lookup time...
UBUNTU-CVE-2017-11343
Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack. An attacker can provide crafted input which, when inserted into the symbol table, will result in On lookup time...
Input validation
Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack. An attacker can provide crafted input which, when inserted into the symbol table, will result in On lookup time...
CHICKEN Algorithm Complexity Vulnerability
CHICKEN Scheme is a compiler and interpreter based on the Scheme language , it can compile Scheme code into standard C code , and supports extensions . A security vulnerability exists in CHICKEN Scheme 4.12.0 and earlier versions. An attacker can exploit the vulnerability to perform an algorithmi...
CVE-2017-11343
CHICKEN Scheme versions up to 4.12.0 are vulnerable to an algorithmic complexity attack due to an incomplete fix for CVE-2012-6125. The issue arises from crafted input causing O(n) symbol-table lookups. The Fedora advisory FEDORA-2017-76ce091a43 provides a fix for CVE-2017-11343 (referenced in th...