534 matches found
UBUNTU-CVE-2017-13090
The retr.c:fdreadbody function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to read the chunk in piec...
Fedora 25 : mingw-libsoup (2017-c9d8011d69)
Security fix for CVE-2017-2885 stack based buffer overflow with HTTP Chunked Encoding. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...
Fedora 26 : mingw-libsoup (2017-1f4c82d73e)
Security fix for CVE-2017-2885 stack based buffer overflow with HTTP Chunked Encoding. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...
libsoup -- stack based buffer overflow
Tobias Mueller reports: libsoup is susceptible to a stack based buffer overflow attack when using chunked encoding. Regardless of libsoup being used as a server or client...
openSUSE Security Update : libsoup (openSUSE-2017-914)
This update for libsoup fixes the following issues : - A bug in the HTTP Chunked Encoding code has been fixed that could have been exploited by attackers to cause a stack-based buffer overflow in client or server code running libsoup bsc1052916, CVE-2017-2885. This update was imported from the...
Fedora 25 : libsoup (2017-872a0a9a85)
Security fix for CVE-2017-2885 stack based buffer overflow with HTTP Chunked Encoding. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...
Security update for libsoup (important)
This update for libsoup fixes the following issues: - A bug in the HTTP Chunked Encoding code has been fixed that could have been exploited by attackers to cause a stack-based buffer overflow in client or server code running libsoup bsc1052916, CVE-2017-2885. This update was imported from the...
openSUSE: Security Advisory for libsoup (openSUSE-SU-2017:2153-1)
The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLES12 Security Update : libsoup (SUSE-SU-2017:2130-1)
This update for libsoup fixes the following issues : - A bug in the HTTP Chunked Encoding code has been fixed that could have been exploited by attackers to cause a stack-based buffer overflow in client or server code running libsoup bsc1052916, CVE-2017-2885. Note that Tenable Network Security h...
SUSE SLED12 / SLES12 Security Update : libsoup (SUSE-SU-2017:2129-1)
This update for libsoup fixes the following issues : - A bug in the HTTP Chunked Encoding code has been fixed that could have been exploited by attackers to cause a stack-based buffer overflow in client or server code running libsoup bsc1052916, CVE-2017-2885. Note that Tenable Network Security h...
USN-3383-1 libsoup2.4 vulnerability
Aleksandar Nikolic discovered a stack based buffer overflow when handling chunked encoding. An attacker could use this to cause a denial of service or possibly execute arbitrary code...
SUSE-SU-2017:2129-1 Security update for libsoup
This update for libsoup fixes the following issues: - A bug in the HTTP Chunked Encoding code has been fixed that could have been exploited by attackers to cause a stack-based buffer overflow in client or server code running libsoup bsc1052916, CVE-2017-2885...
SUSE-SU-2017:2130-1 Security update for libsoup
This update for libsoup fixes the following issues: - A bug in the HTTP Chunked Encoding code has been fixed that could have been exploited by attackers to cause a stack-based buffer overflow in client or server code running libsoup bsc1052916, CVE-2017-2885...
miniupnpc 2.0.20170421 Denial Of Service Exploit
miniupnpc suffers from an integer signedness error when parsing a chunked encoded http response. Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-8798 Version: 0.6 Date: May 1st, 2017 Tag: miniupnp miniupnpc getHTTPResponse chunked encoding integer signedness error Overview...
miniupnpc 2.0.20170421 Denial Of Service
Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-8798 Version: 0.6 Date: May 1st, 2017 Tag: miniupnp miniupnpc getHTTPResponse chunked encoding integer signedness error Overview -------- Name: miniupnpc Vendor: Thomas Bernard References: http://miniupnp.free.fr/ 1 Version:...
CVE-2017-5659
Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding...
CVE-2017-5659
Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding...
UBUNTU-CVE-2017-5659
Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding...
DEBIAN-CVE-2017-5659
Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding...
CVE-2017-5659
Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding...