MiracleLinux 7 : libtasn1-4.10-1.el7 (AXSA:2017-1751:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1751:01 advisory. Libtasn1 is a library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures...

Linux Distros Unpatched Vulnerability : CVE-2015-3622

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The asn1extractderoctet function in lib/decoding.c in GNU Libtasn1 before 4.5 allows remote attackers to cause a denial of service out-of-bounds heap read via a...

RHEL 6 : libtasn1 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libtasn1: stack overflow in asn1derdecoding CVE-2015-2806 - libtasn1: Stack-based buffer overflow in...

Mageia: Security Advisory (MGASA-2015-0200)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:1600-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:1601-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:1518-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libtasn1 (EulerOS-SA-2017-1172)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libtasn1 (EulerOS-SA-2017-1171)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerabilities in libtasn1 affect PowerKVM

Summary PowerKVM is affected by vulnerabilities in libtasn1 library. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2015-3622 DESCRIPTION: GNU Libtasn1 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the asn1extractderoctet...

Security Bulletin: IBM Security Access Manager appliances are affected by vulnerabilities in libtasn1 (CVE-2015-2806, CVE-2015-3622)

Summary IBM Security Access Manager has addressed these vulnerabilities, which affect the IBM Security Access Manager appliances. Vulnerability Details CVEID: CVE-2015-3622 DESCRIPTION: GNU Libtasn1 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the...

Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in libtasn1 (CVE-2015-3622, CVE-2015-2806)

Summary IBM QRadar Network Security has addressed vulnerabilities in libtasn1. Vulnerability Details CVEID: CVE-2015-3622 DESCRIPTION: GNU Libtasn1 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the asn1extractderoctet function. By sending an overly long...

EulerOS 2.0 SP1 : libtasn1 (EulerOS-SA-2017-1171)

According to the versions of the libtasn1 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A heap-based buffer overflow flaw was found in the way the libtasn1 library decoded certain DER-encoded inputs. A specially crafted DER-encode...

EulerOS 2.0 SP2 : libtasn1 (EulerOS-SA-2017-1172)

According to the versions of the libtasn1 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A heap-based buffer overflow flaw was found in the way the libtasn1 library decoded certain DER-encoded inputs. A specially crafted DER-encode...

RedHat Update for libtasn1 RHSA-2017:1860-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED12 / SLES12 Security Update : libtasn1 (SUSE-SU-2016:1601-1)

This update for libtasn1 fixes the following issues : - Malformed asn1 definitions could have caused a segmentation fault in the asn1 definition parser bsc961491 - CVE-2015-3622: Fixed invalid read in octet string decoding bsc929414 - CVE-2016-4008: Fixed infinite loop while parsing DER...

SUSE-SU-2016:1600-1 Security update for libtasn1

This update for libtasn1 fixes the following issues: - Malformed asn1 definitions could have caused a segmentation fault in the asn1 definition parser bsc961491 - CVE-2015-3622: Fixed invalid read in octet string decoding bsc929414 - CVE-2016-4008: Fixed infinite loop while parsing DER certificat...

openSUSE Security Update : libtasn1 (openSUSE-2016-716)

This update for libtasn1 fixes the following issues : - Malformed asn1 definitions could have caused a segmentation fault in the asn1 definition parser bsc961491 - CVE-2015-3622: Fixed invalid read in octet string decoding bsc929414 - CVE-2016-4008: Fixed infinite loop while parsing DER...

openSUSE Security Update : gnutls (openSUSE-2015-542)

fix for CVE-2015-3622 in bundled libtasn1 bsc929414 - invalid read in octet string - added gnutls-CVE-2015-3622.patch - fix for GNUTLS-SA-2015-2 bsc929690 - ServerKeyExchange signature issue - added gnutls-GNUTLS-SA-2015-2.patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...

GnuTLS libtasn1 _asn1_extract_der_octet Memory Access Error (CVE-2015-3622)

A memory access error vulnerability exists in libtasn1, a component of GnuTLS. The vulnerability is due to a flaw in asn1extractderoctet that causes libtasn1 to read beyond the allocated buffer when processing a specially crafted DER-encoded input. A remote attacker can exploit this vulnerability...