90 matches found
DEBIAN-CVE-2017-7609
elfcompress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service memory consumption via a crafted ELF file...
CVE-2017-7609
elfcompress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service memory consumption via a crafted ELF file...
UBUNTU-CVE-2017-7609
elfcompress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service memory consumption via a crafted ELF file...
Wireshark 2.0.0 Multiple DoS
The version of Wireshark installed on the remote Windows host is 2.0.0. It is, therefore, affected by multiple denial of service vulnerabilities in the following components : - 802.11 dissector - ANSI A dissector - Ascend file parser - BER dissector - Bluetooth Attribute dissector - DIAMETER...
Wireshark 1.12.x < 1.12.9 Multiple DoS
The version of Wireshark installed on the remote Windows host is 1.12.x prior to 1.12.9. It is, therefore, affected by multiple denial of service vulnerabilities in the following components : - 802.11 dissector - AllJoyn dissector - ANSI A dissector - Ascend file parser - BER dissector - DCOM...
CVE-2015-8721
Buffer overflow in the tvbuncompress function in epan/tvbuffzlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service application crash via a crafted packet with zlib compression...
DEBIAN-CVE-2015-8721
Buffer overflow in the tvbuncompress function in epan/tvbuffzlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service application crash via a crafted packet with zlib compression...
CVE-2015-8721
Buffer overflow in the tvbuncompress function in epan/tvbuffzlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service application crash via a crafted packet with zlib compression...
Buffer overflow
Buffer overflow in the tvbuncompress function in epan/tvbuffzlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service application crash via a crafted packet with zlib compression...
CVE-2015-8721
Buffer overflow in the tvbuncompress function in epan/tvbuffzlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service application crash via a crafted packet with zlib compression...
CVE-2015-8721
Buffer overflow in the tvbuncompress function in epan/tvbuffzlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service application crash via a crafted packet with zlib compression...
Amazon Linux: Security Advisory (ALAS-2013-171)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: sudo security, bug fix, and enhancement update
Updated sudo packages that fix one security issue, three bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
What does a pointer look like, anyway?
Posted by Chris Evans, Renderer of Modern Art In Adobe’s August 2014 Flash Player security update, we see: These updates resolve memory leakage vulnerabilities that could be used to bypass memory address randomization CVE-2014-0540, CVE-2014-0542, CVE-2014-0543, CVE-2014-0544, CVE-2014-0545. I...
openssl security update
Package: openssl Version: 0.9.8o-4squeeze16 CVE ID: CVE-2014-0224 CVE-2012-4929 CVE-2014-0224 This update updates the upstream fix for CVE-2014-0224 to address problems with renegotiation under some conditions. original text: KIKUCHI Masashi discovered that carefully crafted handshakes can force...
openssl security update
Package: openssl Version: 0.9.8o-4squeeze16 CVE ID: CVE-2014-0224 CVE-2012-4929 CVE-2014-0224 This update updates the upstream fix for CVE-2014-0224 to address problems with renegotiation under some conditions. original text: KIKUCHI Masashi discovered that carefully crafted handshakes can force...
DLA-0008-1 openssl - security update
Bulletin has no description...
Oracle Linux 5 / 6 : openssl (ELSA-2013-0587)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0587 advisory. - fix for CVE-2013-0169 - SSL/TLS CBC timing attack 907589 - fix for CVE-2013-0166 - DoS in OCSP signatures checking 908052 - enable compression on...
RedHat Update for openssl RHSA-2013:0587-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CVE-2012-4929
The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differenc...