12 matches found
MCrypt: User-assisted execution of arbitrary code
Background MCrypt is a replacement of the old unix crypt1 utility. Description Multiple vulnerabilities have been discovered in MCrypt: A boundary error in MCrypt could cause a stack-based buffer overflow CVE-2012-4409. MCrypt contains multiple format string errors CVE-2012-4426. MCrypt does not...
mcrypt 2.5.8 - Local Stack Overflow
mcrypt 2.5.8 - Local Stack Overflow !/usr/bin/perl Title : mcrypt ', $filename; print F $file; close F; sub buildfile magic $file .= "\x00m\x03"; flags $file .= pack'C', 1 6; algorithm $file .= "H@Ck3d\x00"; keysize $file .= pack'S', 0xdead; mode $file .= "h@cK3d\x00"; keymode $file .=...
mcrypt 2.5.8 - Local Stack Overflow
!/usr/bin/perl Title : mcrypt ', $filename; print F $file; close F; sub buildfile magic $file .= "\x00m\x03"; flags $file .= pack'C', 1 6; algorithm $file .= "H@Ck3d\x00"; keysize $file .= pack'S', 0xdead; mode $file .= "h@cK3d\x00"; keymode $file .= "H@CK3D\x00"; sflags $file .= "\xff"; payload...
CVE-2012-4409
Stack-based buffer overflow in the checkfilehead function in extra.c in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to execute arbitrary code via an encrypted file with a crafted header containing long salt data that is not properly handled during decryption...
CVE-2012-4409
Stack-based buffer overflow in the checkfilehead function in extra.c in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to execute arbitrary code via an encrypted file with a crafted header containing long salt data that is not properly handled during decryption...
CVE-2012-4409
The CVE-2012-4409 issue affects MCrypt, specifically mcrypt versions up to and including 2.6.8, due to a flaw in the check_file_head() function (extra.c). A crafted header with long salt data during decryption can trigger a stack-based buffer overflow, enabling a user-assisted remote attacker to ...
Fedora Update for mcrypt FEDORA-2012-17290
Check for the Version of mcrypt OpenVAS Vulnerability Test Fedora Update for mcrypt FEDORA-2012-17290 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Fedora Update for mcrypt FEDORA-2012-17318
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for mcrypt FEDORA-2012-13657
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for mcrypt FEDORA-2012-13657
Check for the Version of mcrypt OpenVAS Vulnerability Test Fedora Update for mcrypt FEDORA-2012-13657 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Fedora Update for mcrypt FEDORA-2012-13656
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 18 : mcrypt-2.6.8-9.fc18 (2012-13599)
Resolve buffer overflow in CVE-2012-4409. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVE...