Lucene search
+L

523 matches found

prion
prion
added 2008/07/01 9:41 p.m.19 views

Code injection

liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service program termination via crafted ASN.1 BER datagrams that trigger an assertion error...

5CVSS6.3AI score0.13173EPSS
Exploits0References31Affected Software1
osv
osv
added 2008/07/01 9:41 p.m.7 views

CVE-2008-2952

liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service program termination via crafted ASN.1 BER datagrams that trigger an assertion error...

6.3AI score
Exploits0References31
ubuntucve
ubuntucve
added 2008/07/01 9:41 p.m.22 views

CVE-2008-2952

liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service program termination via crafted ASN.1 BER datagrams that trigger an assertion error...

5CVSS5.9AI score0.13173EPSS
Exploits0References2
osv
osv
added 2008/07/01 9:41 p.m.2 views

DEBIAN-CVE-2008-2952

liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service program termination via crafted ASN.1 BER datagrams that trigger an assertion error...

5CVSS6.3AI score0.13173EPSS
Exploits0References1
debiancve
debiancve
added 2008/07/01 9:0 p.m.31 views

CVE-2008-2952

liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service program termination via crafted ASN.1 BER datagrams that trigger an assertion error...

5CVSS6.3AI score0.13173EPSS
Exploits0
cvelist
cvelist
added 2008/07/01 9:0 p.m.28 views

CVE-2008-2952

liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service program termination via crafted ASN.1 BER datagrams that trigger an assertion error...

9AI score0.13173EPSS
Exploits0References31
seebug
seebug
added 2008/07/01 12:0 a.m.14 views

OpenLDAP BER解码远程拒绝服务漏洞

BUGTRAQ ID: 30013 OpenLDAP是一款开放源代码的轻量级目录访问协议(LDAP)实现。 OpenLDAP的libraries/liblber/io.c文件中的bergetnext函数没有正确地解码ASN.1 BER网络数据报,如果数据报的单元(标签 + 长度 + 内容)包含有 4字节长的多字节标签 4字节长的多字节大小 则解码后的整个大小为BerElement结构缓冲区加1个字节,这导致函数返回说明仍需更多数据,但读指针仍指向缓冲区末尾,这是不允许的。之后的函数调用会出现失败: assert 0 ; / ber structure is messed up ?/...

6.9AI score
Exploits0
seebug
seebug
added 2008/06/11 12:0 a.m.92 views

Linux Kernel BER解码缓冲区溢出漏洞

BUGTRAQ ID: 29589 CVECAN ID: CVE-2008-1673 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的cifs和ipnatsnmpbasic模块中的ASN.1 BER解码器没有正确地计算缓冲区大小,如果远程攻击者向有漏洞的系统发送了特制的BER编码数据的话,就可以触发缓冲区溢出,导致拒绝服务或执行任意指令。 Linux kernel 2.6.x Linux kernel 2.4.x Debian ------ Debian已经为此发布了一个安全公告(DSA-1592-2)以及相应补丁: DSA-1592-2:N...

10CVSS2AI score0.07091EPSS
Exploits2
ubuntucve
ubuntucve
added 2008/06/10 12:32 a.m.28 views

CVE-2008-1673

The asn1 implementation in a the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ipnatsnmpbasic modules; and b the gxsnmp package; does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of servi...

10CVSS6.2AI score0.07091EPSS
Exploits2References2
cvelist
cvelist
added 2007/05/02 10:0 p.m.40 views

CVE-2007-2466

Unspecified vulnerability in the LDAP Software Development Kit SDK for C, as used in Sun Java System Directory Server 5.2 up to Patch 4 and Sun ONE Directory Server 5.1, allows remote attackers to cause a denial of service crash via certain BER encodings...

6.7AI score0.02971EPSS
Exploits0References7
redhat
redhat
added 2006/05/17 5:5 p.m.5 views

security flaw

The LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service crash via a certain "bad BER sequence" that results in a free of uninitialized memory, as demonstrated using the ProtoVer LDAP test suite...

7.8CVSS5.8AI score0.01841EPSS
Exploits0References4
redhat
redhat
added 2006/05/17 5:5 p.m.9 views

memory leaks using ber_scanf when handling bad BER packets (CVE-2006-0453)

Multiple memory leaks in the LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service memory consumption via invalid BER packets that trigger an error, which might prevent memory from being freed if it was allocated during the berscanf call, as demonstrate...

7.8CVSS5.8AI score0.01841EPSS
Exploits0References4
redhat
redhat
added 2006/05/03 4:19 p.m.4 views

security flaw

Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service large or infinite loops viarafted packets to the 1 UMA and 2 BER dissectors...

5CVSS5.8AI score0.03815EPSS
Exploits0References4
nessus
nessus
added 2006/04/26 12:0 a.m.21 views

Fedora Core 5 : ethereal-0.99.0-fc5.1 (2006-456)

Many security vulnerabilities have been fixed since the previous release. - The H.248 dissector could crash. Versions affected: 0.10.14. CVE: CVE-2006-1937 - The UMA dissector could go into an infinite loop. Versions affected: 0.10.12 - 0.10.14. CVE: CVE-2006-1933 - The X.509if dissector could...

10CVSS7.6AI score0.05028EPSS
Exploits0References10
prion
prion
added 2006/04/25 12:50 p.m.19 views

Design/Logic Flaw

Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service large or infinite loops viarafted packets to the 1 UMA and 2 BER dissectors...

5CVSS6.9AI score0.03815EPSS
Exploits0References25Affected Software1
ubuntucve
ubuntucve
added 2006/04/25 12:50 p.m.18 views

CVE-2006-1933

Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service large or infinite loops viarafted packets to the 1 UMA and 2 BER dissectors...

5CVSS5.9AI score0.03815EPSS
Exploits0References1
securityvulns
securityvulns
added 2006/04/25 12:0 a.m.84 views

Ethereal 0.99.0 Release Notes

Ethereal 0.99.0 Release Notes Table of Contents What is Ethereal? What's New Bug Fixes New and Updated Features New Protocol Support Updated Protocol Support New and Updated Capture File Support Getting Ethereal Microsoft Windows Sun Solaris Source Code Vendor-supplied Packages File Locations Kno...

10CVSS8.9AI score0.05028EPSS
Exploits0
nvd
nvd
added 2006/02/14 10:6 p.m.24 views

CVE-2006-0451

Multiple memory leaks in the LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service memory consumption via invalid BER packets that trigger an error, which might prevent memory from being freed if it was allocated during the berscanf call, as demonstrate...

5CVSS6.7AI score0.01588EPSS
Exploits0References4
prion
prion
added 2006/02/14 10:6 p.m.19 views

Design/Logic Flaw

The LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service crash via a certain "bad BER sequence" that results in a free of uninitialized memory, as demonstrated using the ProtoVer LDAP test suite...

7.8CVSS7.2AI score0.01841EPSS
Exploits0References4Affected Software1
nvd
nvd
added 2006/02/14 10:6 p.m.21 views

CVE-2006-0453

The LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service crash via a certain "bad BER sequence" that results in a free of uninitialized memory, as demonstrated using the ProtoVer LDAP test suite...

7.8CVSS6.7AI score0.01841EPSS
Exploits0References4
Rows per page
Query Builder