511 matches found
USN-2820-1 dpkg vulnerability | Cloud Foundry
USN-2820-1 dpkg vulnerability Medium Vendor dpkg Versions Affected Ubuntu 14.04 Description Hanno Boeck discovered that the dpkg-deb tool incorrectly handled certain old style Debian binary packages. If a user or an automated system were tricked into unpacking a specially crafted binary package, ...
CVE-2015-0860
Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in Debian dpkg 1.16.x before 1.16.17 and 1.17.x before 1.17.26 allows remote attackers to execute arbitrary code via the archive magic version number in an "old-style" Debian binary package, which trigger...
Stack overflow
Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in Debian dpkg 1.16.x before 1.16.17 and 1.17.x before 1.17.26 allows remote attackers to execute arbitrary code via the archive magic version number in an "old-style" Debian binary package, which trigger...
CVE-2015-0860
CVE-2015-0860 affects the dpkg-deb component of dpkg. An off-by-one error in extracthalf/extract.c can cause a stack-based buffer overflow via the archive magic version number in an old-style Debian binary package, enabling remote code execution. The issue affects dpkg 1.16.x before 1.16.17 and 1...
Debian DSA-3407-1 : dpkg - security update
Hanno Boeck discovered a stack-based buffer overflow in the dpkg-deb component of dpkg, the Debian package management system. This flaw could potentially lead to arbitrary code execution if a user or an automated system were tricked into processing a specially crafted Debian binary package .deb i...
Ubuntu 14.04 LTS : dpkg vulnerability (USN-2820-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2820-1 advisory. Hanno Boeck discovered that the dpkg-deb tool incorrectly handled certain old style Debian binary packages. If a user or an automated system were tricked into...
dpkg stack buffer overflow vulnerability (CVE-2015-0860) - vulnerability warning - the black bar safety net
CVECAN ID: CVE-2015-0860 dpkg is "Debian" specially developed Suite of management system, easy software installation, updates and removal. dpkg of dpkg-deb component the presence of stack buffer overflow vulnerability, if a user or automated system processing structure of the old format of a...
Ubuntu: Security Advisory (USN-2820-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2820-1: dpkg vulnerability
Hanno Boeck discovered that the dpkg-deb tool incorrectly handled certain old style Debian binary packages. If a user or an automated system were tricked into unpacking a specially crafted binary package, a remote attacker could possibly use this issue to execute arbitrary code...
USN-2820-1 dpkg vulnerability
Hanno Boeck discovered that the dpkg-deb tool incorrectly handled certain old style Debian binary packages. If a user or an automated system were tricked into unpacking a specially crafted binary package, a remote attacker could possibly use this issue to execute arbitrary code...
[SECURITY] [DSA 3407-1] dpkg security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3407-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 26, 2015 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3407-1 (dpkg - security update)
Hanno Boeck discovered a stack-based buffer overflow in the dpkg-deb component of dpkg, the Debian package management system. This flaw could potentially lead to arbitrary code execution if a user or an automated system were tricked into processing a specially crafted Debian binary package .deb i...
DSA-3407-1 dpkg - security update
Bulletin has no description...
dpkg -- stack-based buffer overflow
Salvatore Bonaccorso reports: Hanno Boeck discovered a stack-based buffer overflow in the dpkg-deb component of dpkg, the Debian package management system. This flaw could potentially lead to arbitrary code execution if a user or an automated system were tricked into processing a specially crafte...
Debian: Security Advisory (DSA-3407-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...