ALPINE-CVE-2016-7975
The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print()...
Fedora 22 : knot-1.6.6-1.fc22 (2015-b5a8f09e32)
New upstream release: - security fix: out-of-bound read in packet parser for malformed NAPTR record - fix: systemd startup notifications Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
Fedora 23 : knot-2.0.2-1.fc23 (2015-df0f324367)
New upstream release: - security fix: out-of-bound read in packet parser for malformed NAPTR record
openSUSE Security Update : gpg2 (openSUSE-SU-2013:1546-1)
gpg2 was updated to fix a denial of service attack through infinite recursion in the compressed packet parser (bnc#844175, CVE-2013-4402). (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
DEBIAN-CVE-2013-4402
The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message...
CVE-2013-4402
The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message...
Oracle Linux 5 : gnupg (ELSA-2013-1458)
The remote Oracle Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2013-1458 advisory. - fix CVE-2013-4351 gpg treats no-usage-permitted keys as all-usages-permitted - fix CVE-2012-6085 GnuPG: read_block() corrupt key input validation - fix...
GnuPG: infinite recursion in the compressed packet parser DoS
The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message...
GnuPG: infinite recursion in the compressed packet parser DoS
The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message...
Debian DSA-2774-1 : gnupg2 - several vulnerabilities
Two vulnerabilities were discovered in GnuPG 2, the GNU privacy guard, a free PGP replacement. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-4351 When a key or subkey had its 'key flags' subpacket set to all bits off, GnuPG currently would treat t...
Debian DSA-2773-1 : gnupg - several vulnerabilities
Two vulnerabilities were discovered in GnuPG, the GNU privacy guard, a free PGP replacement. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-4351 When a key or subkey had its 'key flags' subpacket set to all bits off, GnuPG currently would treat the...
Debian Security Advisory DSA 2774-1 (gnupg2 - several vulnerabilities)
Two vulnerabilities were discovered in GnuPG 2, the GNU privacy guard, a free PGP replacement. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-4351: When a key or subkey had its key flags subpacket set to all bits off, GnuPG currently would treat the key...
Debian: Security Advisory (DSA-2773-1)
The remote host is missing an update for the Debian...
CVE-2013-4402
The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message...
gnupg -- possible infinite recursion in the compressed packet parser
Werner Koch reports: Special crafted input data may be used to cause a denial of service against GPG (GnuPG's OpenPGP part) and some other OpenPGP implementations. All systems using GPG to process incoming data are affected...
Fedora 19 : gpsd-3.9-1.fc19 (2013-7276)
This is an update to the latest upstream release, which fixes a denial of service flaw found in the way AIS driver packet parser processed certain malformed packets.
wireshark: multiple file parser vulnerabilities (wnpa-sec-2012-01)
The dissect_packet function in epan/packet.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a capture file, as demonstrated by an airopeek file...
BlueZ: Arbitrary code execution
Background: BlueZ is a set of Bluetooth tools and system daemons for Linux. Description: It has been reported that the Bluetooth packet parser does not validate string length fields in SDP packets. Impact: A physically proximate attacker using a Bluetooth device with an already established trust...
Moderate: Red Hat Security Advisory: bluez-libs and bluez-utils security update
Updated bluez-libs and bluez-utils packages that fix a security flaw are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The bluez-libs package contains libraries for use in Bluetooth...