13 matches found
EUVD-2016-7933
Malware in sbrugna...
CVE-2016-7053
In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS structures can crash with a NULL pointer dereference. This is caused by a bug in the handling of the ASN.1 CHOICE type in OpenSSL 1.1.0 which can result in a NULL value being passed to the structure callback if an attempt is made to...
Debian DSA-3866-1 : strongswan - security update
Two denial of service vulnerabilities were identified in strongSwan, an IKE/IPsec suite, using Google's OSS-Fuzz fuzzing project. - CVE-2017-9022 RSA public keys passed to the gmp plugin aren't validated sufficiently before attempting signature verification, so that invalid input might lead to a...
Ubuntu: Security Advisory (USN-3301-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2016-7053
In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS structures can crash with a NULL pointer dereference. This is caused by a bug in the handling of the ASN.1 CHOICE type in OpenSSL 1.1.0 which can result in a NULL value being passed to the structure callback if an attempt is made to...
CVE-2016-7053 CMS Null dereference
In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS structures can crash with a NULL pointer dereference. This is caused by a bug in the handling of the ASN.1 CHOICE type in OpenSSL 1.1.0 which can result in a NULL value being passed to the structure callback if an attempt is made to...
OpenSSL Patches High-Severity Denial-of-Service Bug
OpenSSL on Thursday patched three vulnerabilities in its latest update, and reminded users running version 1.0.1 of the cryptographic library that that security support will end Dec. 31. Of the three bugs, only one was rated high severity and could lead to OpenSSL crashes. Only OpenSSL 1.1.0 is...
CVE-2011-1142
Stack consumption vulnerability in the dissectberchoice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 might allow remote attackers to cause a denial of service infinite loop via vectors involving self-referential ASN.1 CHOICE values...
CVE-2011-1142
Stack consumption vulnerability in the dissectberchoice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 might allow remote attackers to cause a denial of service infinite loop via vectors involving self-referential ASN.1 CHOICE values...
Stack overflow
Stack consumption vulnerability in the dissectberchoice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 might allow remote attackers to cause a denial of service infinite loop via vectors involving self-referential ASN.1 CHOICE values...
CVE-2011-1142
Stack consumption vulnerability in the dissectberchoice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 might allow remote attackers to cause a denial of service infinite loop via vectors involving self-referential ASN.1 CHOICE values...
CVE-2011-1142
Stack consumption vulnerability in the dissectberchoice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 might allow remote attackers to cause a denial of service infinite loop via vectors involving self-referential ASN.1 CHOICE values...
CVE-2011-1142
Stack consumption vulnerability in the dissectberchoice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 might allow remote attackers to cause a denial of service infinite loop via vectors involving self-referential ASN.1 CHOICE values...