openSUSE: Security Advisory for openvpn (openSUSE-SU-2017:1680-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Mozilla Firefox and Firefox ESR Graphite 2 Denial of Service Vulnerability (CNVD-2017-12542)

Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox.Graphite is a suite of enterprise-class open source system monitoring tools data plotting written ...

graphite2: assertion error "size() > n"

An assertion error has been reported in graphite2. An attacker could possibly exploit this flaw to cause an application crash...

openSUSE Security Update : tor (openSUSE-2017-690)

This update to tor 0.2.9.11 fixes the following vulnerabilities : - CVE-2017-0375: remotely triggerable assertion failure when a hidden service handles a malformed BEGIN cell bsc1043455 - CVE-2017-0376: remotely triggerable assertion failure caused by receiving a BEGINDIR cell on a hidden service...

CVE-2017-9501

In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file...

MGASA-2017-0176 Updated tor packages fix security vulnerability

A remotely triggerable assertion failure caused by receiving a BEGINDIR cell on a hidden service rendezvous circuit CVE-2017-0376...

Updated tor packages fix security vulnerability

A remotely triggerable assertion failure caused by receiving a BEGINDIR cell on a hidden service rendezvous circuit CVE-2017-0376...

graphite2: assertion error "size() > n"

An assertion error has been reported in graphite2. An attacker could possibly exploit this flaw to cause an application crash...

Tor Denial of Service Vulnerability (CNVD-2017-14149)

Tor The Onion Router is a second-generation implementation of onion routing, primarily used for anonymous access to the Internet. A denial of service vulnerability exists in the 'connectionedgeprocessrelaycell' function of the hidden service function in versions of Tor prior to 0.3.0.8. An attack...

Tor Denial of Service Vulnerability (CNVD-2017-14148)

Tor The Onion Router is a second-generation implementation of onion routing, primarily used for anonymous access to the Internet. A denial of service vulnerability exists in the 'relaysendendcellfromedge' function of the hidden services function in versions of Tor prior to 0.3.0.8. An attacker ca...

ImageMagick Denial of Service Vulnerability (CNVD-2017-09693)

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A denial of service vulnerability exists in the 'SetPixelChannelAttributes' function in ImageMagick version 7.0.5-7 Q1...

OpenVPN P_CONTROL Denial of Service (CVE-2017-7478)

A denial-of-service vulnerability exists in OpenVPN. This vulnerability is due to an assertion in OpenVPN server that can be reached during the processing of a malicious packet. A remote, unauthenticated attacker can exploit this vulnerability to cause the OpenVPN server program to terminate,...

Debian Security Advisory DSA 3877-1 (tor - security update)

It has been discovered that Tor, a connection-based low-latency anonymous communication system, contain a flaw in the hidden service code when receiving a BEGINDIR cell on a hidden service rendezvous circuit. A remote attacker can take advantage of this flaw to cause a hidden service to crash wit...

Updated zziplib packages fix security vulnerability

Heap-based buffer overflow in zzipget32 in fetch.c CVE-2017-5974. Heap-based buffer overflow in zzipget64 in fetch.c CVE-2017-5975. Heap-based buffer overflow in zzipmementryextrablock in memdisk.c CVE-2017-5976. Invalid memory read in zzipmementryextrablock in memdisk.c CVE-2017-5977. Out of...

CVE-2017-0376

The hidden-service feature in Tor before 0.3.0.8 allows a denial of service assertion failure and daemon exit in the connectionedgeprocessrelaycell function via a BEGINDIR cell on a rendezvous circuit...

Design/Logic Flaw

The hidden-service feature in Tor before 0.3.0.8 allows a denial of service assertion failure and daemon exit in the relaysendendcellfromedge function via a malformed BEGIN cell...

Design/Logic Flaw

The hidden-service feature in Tor before 0.3.0.8 allows a denial of service assertion failure and daemon exit in the connectionedgeprocessrelaycell function via a BEGINDIR cell on a rendezvous circuit...

DEBIAN-CVE-2017-0376

The hidden-service feature in Tor before 0.3.0.8 allows a denial of service assertion failure and daemon exit in the connectionedgeprocessrelaycell function via a BEGINDIR cell on a rendezvous circuit...

CVE-2017-0376

The hidden-service feature in Tor before 0.3.0.8 allows a denial of service assertion failure and daemon exit in the connectionedgeprocessrelaycell function via a BEGINDIR cell on a rendezvous circuit...

CVE-2017-0375

The CVE-2017-0375 issue affects Tor’s hidden-service feature prior to 0.3.0.8, where a malformed BEGIN cell can trigger an assertion failure in relay_send_end_cell_from_edge_, causing a daemon crash (DoS). Affected software is Tor, with the root cause in the hidden service handling code. Remediat...