Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.27 views

Ubuntu 16.04 ESM : Yubico PIV Tool vulnerabilities (USN-4846-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4846-1 advisory. It was discovered that libykpiv, a supporting library of the Yubico PIV tool and YubiKey PIV Manager, mishandled specially crafted input. An attacker wit...

7.2CVSS6.7AI score0.00486EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2019/05/01 12:0 a.m.32 views

SUSE SLED15 / SLES15 Security Update : yubico-piv-tool (SUSE-SU-2019:1123-1)

This update for yubico-piv-tool fixes the following issues : Security issues fixed : Fixed an buffer overflow and an out of bounds memory read in ykpivtransferdata, which could be triggered by a malicious token. CVE-2018-14779, bsc1104809, YSA-2018-03 Fixed an buffer overflow and an out of bounds...

7.2CVSS6.1AI score0.00486EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2018/09/06 12:0 a.m.17 views

openSUSE: Security Advisory for yubico-piv-tool (openSUSE-SU-2018:2623-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.2CVSS5.6AI score0.00486EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/09/06 12:0 a.m.23 views

openSUSE Security Update : yubico-piv-tool (openSUSE-2018-969)

This update for yubico-piv-tool fixes the following issues : Security issues fixed : - CVE-2018-14779: Fixed an buffer overflow and an out of bounds memory read in ykpivtransferdata, which could be triggered by a malicious token. boo1104809, YSA-2018-03 - CVE-2018-14780: Fixed an buffer overflow...

7.2CVSS6.1AI score0.00486EPSS
Exploits1References4
0day.today
0day.today
added 2018/08/17 12:0 a.m.66 views

Yubico PIV Tool 1.5.0 Buffer Overflow Vulnerability

A buffer overflow and an out of bounds memory read were identified in the yubico-piv-tool-1.5.0, these can be triggered by a malicious token. Multiple Vulnerabilities in Yubico Piv ====================================== Overview - -------- Confirmed Affected Versions: 1.5.0 Confirmed Patched...

0.4AI score0.00486EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2018/08/15 6:29 p.m.19 views

CVE-2018-14779

A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function ykpivtransferdata: % highlight c % ifoutlen + recvlen - 2 maxout fprintfstderr, "Output buffer to small, wanted to write %lu, max was %lu.", outlen +...

7.2CVSS7AI score0.00486EPSS
Exploits1References4
CVE
CVE
added 2018/08/15 6:0 p.m.192 views

CVE-2018-14779

CVE-2018-14779 describes a buffer overflow in the Yubico PIV library (libykpiv) used by the YubiKey PIV tool. The NVD report centers on Yubico-Piv 1.5.0’s smartcard driver, where the function ykpiv_transfer_data() checks buffer size but does not prevent a memcpy when the input is malicious, allow...

7.2CVSS6.6AI score0.00486EPSS
Exploits1References4Affected Software3
Rows per page
Query Builder