7 matches found
USN-8080-1: YARA vulnerabilities
Kamil Frankowicz discovered that a number of YARA's functions generated memory exceptions when processing specially crafted rules or files. A remote attacker could possibly use these issues to cause YARA to crash, resulting in a denial of service. These issues only affected Ubuntu 16.04 LTS...
Fedora Update for yara FEDORA-2017-156d12fa2f
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 26 : yara (2017-156d12fa2f)
Security fix for CVE-2017-9304, CVE-2017-9465 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora Update for yara FEDORA-2017-fa52efdf32
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 24 : yara (2017-47487b1223)
Security fix for CVE-2017-9304, CVE-2017-9465 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 25 : yara (2017-fa52efdf32)
Security fix for CVE-2017-9304, CVE-2017-9465 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
CVE-2017-9465
CVE-2017-9465 affects YARA, with the root cause in yr_arena_write_data path where crafted files mishandled in yr_re_fast_exec (libyara/re.c) and _yr_scan_match_callback (libyara/scan.c). Public details from connected documents specify YARA 3.6.1 as the vulnerable version and describe the impact a...