Linux Distros Unpatched Vulnerability : CVE-2016-4356

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The appendutf8value function in the DN decoder dn.c in Libksba before 1.3.3 allows remote attackers to cause a denial of service out-of-bounds read by clearing...

EulerOS 2.0 SP2 : libksba (EulerOS-SA-2021-1317)

According to the versions of the libksba package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The appendutf8value function in the DN decoder dn.c in Libksba before 1.3.3 allows remote attackers to cause a denial of service out-of-bounds...

Huawei EulerOS: Security Advisory for libksba (EulerOS-SA-2021-1317)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : libksba (EulerOS-SA-2021-1203)

According to the versions of the libksba package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The appendutf8value function in the DN decoder dn.c in Libksba before 1.3.3 allows remote attackers to cause a denial of service out-of-bounds...

EulerOS 2.0 SP3 : libksba (EulerOS-SA-2021-1086)

According to the versions of the libksba package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The appendutf8value function in the DN decoder dn.c in Libksba before 1.3.3 allows remote attackers to cause a denial of service out-of-bounds...

Huawei EulerOS: Security Advisory for libksba (EulerOS-SA-2021-1086)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-4356

The appendutf8value function in the DN decoder dn.c in Libksba before 1.3.3 allows remote attackers to cause a denial of service out-of-bounds read by clearing the high bit of the byte after invalid utf-8 encoded data...

CVE-2016-4356

CVE-2016-4356 affects Libksba’s DN decoder (dn.c) with the append_utf8_value function: older releases before 1.3.3 may incur an out-of-bounds read when the high bit of a byte after invalid UTF-8 data is cleared, enabling denial of service. Several connected advisories/plugins reference this issue...

Fedora Update for libksba FEDORA-2016-fd26f713e7

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Medium: libksba

Issue Overview: The following security-related issues were resolved: Incomplete fix for CVE-2016-4356 CVE-2016-4574 Out-of-bounds read in ksbaberparsetl CVE-2016-4579 Affected Packages: libksba Issue Correction: Run yum update libksba or yum update --advisory ALAS-2016-712 to update your system...

openSUSE Security Update : libksba (openSUSE-2016-624)

This update for libksba fixes the following issues : Security issue fixed : - boo979261: OOB read access bugs remote DoS - CVE-2016-4574: off-by-one OOB read access incomplete fix for CVE-2016-4356 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...

Updated libksba packages fix security vulnerabilities

Updated libksba packages fix security vulnerabilities: An out-of-bounds read access in ksbadntostr in libksba 1.3.3, due to an incomplete fix for CVE-2016-4356, could result in denial of service CVE-2016-4574. In liksba 1.3.3, the returned length of the object from ksbaberparsetl ti.length was no...

Ubuntu 14.04 LTS / 16.04 LTS : Libksba vulnerabilities (USN-2982-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2982-1 advisory. Hanno Bck discovered that Libksba incorrectly handled decoding certain BER data. An attacker could use this issue to cause Libksba to crash,...

libksba: denial of service

An out-of-bound read access due to incorrect utf-8 strings handling has been in found in the ksbadntostr function. This issue is due to an incomplete fix for CVE-2016-4356, caused by an off-by-one error when handling incorrect utf-8 strings...