11 matches found
Ubuntu: Security Advisory (USN-6584-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6584-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6584-1: Libspf2 vulnerabilities
Philipp Jeitner and Haya Shulman discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code...
GLSA-202401-22 : libspf2: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202401-22 libspf2: Multiple vulnerabilities - Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF...
Debian DLA-2890-1 : libspf2 - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2890 advisory. - libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail messag...
CVE-2021-33913
creationtimestamp| type| source ---|---|--- 2022-01-19 20:26:10+00:00| seen| https://t.me/cibsecurity/35880 2024-02-22 09:47:50+00:00| seen| https://t.me/arpsyndicate/3949...
CVE-2021-33913
libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of SPFrecordexpanddata in spfexpand.c. The amount of overflowed data depend...
CVE-2021-33913
libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of SPFrecordexpanddata in spfexpand.c. The amount of overflowed data depend...
ALPINE-CVE-2021-33913
libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of SPFrecordexpanddata in spfexpand.c. The amount of overflowed data depend...
CVE-2021-33913
libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of SPFrecordexpanddata in spfexpand.c. The amount of overflowed data depend...
CVE-2021-33913
CVE-2021-33912 and CVE-2021-33913 affect libspf2 prior to 1.2.11. Multiple advisories (Ubuntu USN-6584-1/2, Debian DLA-2890-1, Gentoo GLSA-202401-22, Debian DLA-2890) describe heap-based buffer overflows in SPF_record_expand_data and related code, which could allow remote attackers to execute arb...