22 matches found
Fedora Update for libotr FEDORA-2016-2982
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2016-2851
Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service memory corruption and application crash or execute arbitrary code via a series of large OTR messages, which triggers a heap-based buffer overflow...
CVE-2016-2851
Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service memory corruption and application crash or execute arbitrary code via a series of large OTR messages, which triggers a heap-based buffer overflow...
CVE-2016-2851
CVE-2016-2851 affects libotr (Off-the-Record Messaging Library). The description and connected documents confirm an integer overflow in libotr’s proto.c on 64-bit platforms, leading to a heap-based overflow when processing large OTR messages. This can cause a denial of service (memory corruption ...
MGASA-2016-0117 Updated libotr packages fix security vulnerability
A remote attacker may crash or execute arbitrary code in libotr before 4.1.1 by sending large OTR messages. While processing specially crafted messages, attacker controlled data on the heap is written out of bounds CVE-2016-2851...
Updated libotr packages fix security vulnerability
A remote attacker may crash or execute arbitrary code in libotr before 4.1.1 by sending large OTR messages. While processing specially crafted messages, attacker controlled data on the heap is written out of bounds CVE-2016-2851...
Fedora 22 : libotr-4.1.1-1.fc22 (2016-fde759f627)
Updated to 4.1.1 for CVE-2016-2851 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
Fedora Update for libotr FEDORA-2016-8
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED11 / SLES11 Security Update : libotr (SUSE-SU-2016:0706-1)
This update for libotr fixes the following issues : - Apply 'libotr-CVE-2016-2851.patch' to fix integer overflows that used to occur on 64-bit architectures when receiving 4GB messages. This flaw could potentially have been exploited by an attacker to remotely execute arbitrary code on the user's...
SUSE SLED12 / SLES12 Security Update : libotr (SUSE-SU-2016:0707-1)
This update for libotr fixes the following issue : - Apply 'libotr-CVE-2016-2851.patch' to fix integer overflows that used to occur on 64-bit architectures when receiving 4GB messages. This flaw could potentially have been exploited by an attacker to remotely execute arbitrary code on the user's...
Security update for libotr,libotr2 (important)
libotr and libotr2 were updated to fix one security issue: - CVE-2016-2851: Integer overflow vulnerability allowed remote attackers to execute arbitrary code on 64 bit platforms boo969785...
libotr 4.1.0 Memory Corruption
X41 D-Sec GmbH Security Advisory: X41-2016-001 Memory Corruption Vulnerability in "libotr" =========================================== Overview -------- Severity Rating: high Confirmed Affected Version: 4.1.0 and below Confirmed Patched Version: libotr 4.1.1 Vendor: OTR Development Team Vendor UR...
Ubuntu 12.04 LTS : libotr vulnerability (USN-2926-1)
Markus Vervier discovered that OTR incorrectly handled large incoming messages. A remote attacker could use this issue to cause OTR to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block...
openSUSE Security Update : libotr / libotr2 (openSUSE-2016-322)
libotr and libotr2 were updated to fix one security issue : - CVE-2016-2851: Integer overflow vulnerability allowed remote attackers to execute arbitrary code on 64 bit platforms boo969785 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...
Security update for libotr,libotr2 (important)
libotr and libotr2 were updated to fix one security issue: - CVE-2016-2851: Integer overflow vulnerability allowed remote attackers to execute arbitrary code on 64 bit platforms boo969785...
FreeBSD : libotr -- integer overflow (c2b1652c-e647-11e5-85be-14dae9d210b8)
X41 D-Sec reports : A remote attacker may crash or execute arbitrary code in libotr by sending large OTR messages. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacqu...
libotr 4.1.0 - Memory Corruption
''' X41 D-Sec GmbH Security Advisory: X41-2016-001 Memory Corruption Vulnerability in "libotr" =========================================== Overview -------- Severity Rating: high Confirmed Affected Version: 4.1.0 and below Confirmed Patched Version: libotr 4.1.1 Vendor: OTR Development Team Vendo...
[SECURITY] [DSA 3512-1] libotr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3512-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 09, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3512-1] libotr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3512-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 09, 2016 https://www.debian.org/security/faq -...
SUSE-SU-2016:0706-1 Security update for libotr
This update for libotr fixes the following issues: - Apply 'libotr-CVE-2016-2851.patch' to fix integer overflows that used to occur on 64-bit architectures when receiving 4GB messages. This flaw could potentially have been exploited by an attacker to remotely execute arbitrary code on the user's...