8 matches found
USN-8080-1: YARA vulnerabilities
Kamil Frankowicz discovered that a number of YARA's functions generated memory exceptions when processing specially crafted rules or files. A remote attacker could possibly use these issues to cause YARA to crash, resulting in a denial of service. These issues only affected Ubuntu 16.04 LTS...
Fedora 25 : yara (2017-1d46019681)
bump to 3.6.3 release - bugfix CVE-2017-11328 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 24 : yara (2017-944e86b623)
bump to 3.6.3 release - bugfix CVE-2017-11328 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 26 : yara (2017-088b16a69a)
bump to 3.6.3 release - bugfix CVE-2017-11328 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora Update for yara FEDORA-2017-944e86b623
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for yara FEDORA-2017-1d46019681
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-11328
Summary: CVE-2017-11328 is a heap buffer overflow in the YARA 3.x code path, specifically the yr_object_array_set_item() function in object.c. Exploitation could cause a denial of service by scanning a crafted .NET file. The vulnerability affects YARA 3.x and is reflected in multiple feeds (CNVD/...
CVE-2017-11328
Heap buffer overflow in the yrobjectarraysetitem function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file...