52 matches found
CVE-2016-9037
An exploitable out-of-bounds array access vulnerability exists in the xrowheaderdecode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's valu...
Tarantool Msgpuck Denial of Service Vulnerability
Tarantool is an embedded NoSQL database management system written in Lua that integrates Node.js web programming and Redis data persistence.Tarantool Msgpuck is one of the binary serialization libraries. A denial of service vulnerability exists in Tarantool Msgpuck version 1.0.3. An attacker can...
Fedora Update for tarantool FEDORA-2016-2d0c8ba781
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Tarantool Denial of Service Vulnerability
Tarantool is an embedded NoSQL database management system written in Lua that integrates web programming with Node.js and data persistence with Redis. A denial of service vulnerability exists in Tarantool version 1.7.2-0. An attacker can exploit this vulnerability to cause a denial of service...
Fedora Update for tarantool FEDORA-2016-badd014afe
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 24 Update: tarantool-1.6.9.52-1.fc24
Tarantool is a high performance in-memory NoSQL database and Lua application server. Tarantool supports replication, online backup and stored procedures in Lua. This package provides the server daemon and admin tools...
Fedora 25 : msgpuck / tarantool (2016-2d0c8ba781)
Security fix for CVE-2016-9036, CVE-2016-9037 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 24 : msgpuck / tarantool (2016-badd014afe)
Security fix for CVE-2016-9036, CVE-2016-9037 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Tarantool Msgpuck mp_check Denial Of Service Vulnerability
Summary An exploitable incorrect return value vulnerability exists in the mpcheck function of Tarantool’s Msgpuck library 1.0.3. A specially crafted packet can cause the mpcheck function to incorrectly return success when trying to check if decoding a map16 packet will read outside the bounds of ...
Tarantool Key-type Denial Of Service Vulnerability
Summary An exploitable out-of-bounds array access vulnerability exists in the xrowheaderdecode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified...
PT-2016-7630 · Tarantool · Tarantool
Name of the Vulnerable Software and Affected Versions: Tarantool version 1.7.2.0-g8e92715 Description: The issue is related to an out-of-bounds array access in the xrow header decode function. A specially crafted packet can cause the function to access an element outside the bounds of a global...
PT-2016-7629 · Tarantool · Msgpuck +1
Name of the Vulnerable Software and Affected Versions: Tarantool's Msgpuck library version 1.0.3 Description: The issue is related to an incorrect return value in the mp check function, which can lead to a denial of service when a specially crafted packet is processed. This occurs because the...