Debian dla-3579 : elfutils - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3579 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3579-1 [email protected] https://www.debian.org/lts/security/...

Amazon Linux 2 : elfutils (ALAS-2023-2259)

"The version of elfutils installed on the remote host is prior to 0.176-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2259 advisory. The libcpu component which is used by libasm of elfutils version 0.177 git 47780c9e, suffers from denial-of-service vulnerability...

Design/Logic Flaw

The libcpu component which is used by libasm of elfutils version 0.177 git 47780c9e, suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write CWE-787, off-by-one error CWE-193 and reachable assertion CWE-617; to exploit the vulnerability, the attackers...

CVE-2020-21047

The libcpu component which is used by libasm of elfutils version 0.177 git 47780c9e, suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write CWE-787, off-by-one error CWE-193 and reachable assertion CWE-617; to exploit the vulnerability, the attackers...

CVE-2020-21047

CVE-2020-21047 affects elfutils’ libcpu (used by libasm, elfutils 0.177, git 47780c9e). It enables a denial-of-service via an out-of-bounds write (CWE-787), off-by-one error (CWE-193), and reachable assertion (CWE-617). Exploitation requires crafting ELF files that bypass bound checks. The vulner...

Accusoft ImageGear Palette box parser heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the Palette box parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft ImageGear 19.10...

HackerOne: Mishandling of hackerone clear background checks resulting in disclosure of other hacker's information

Summary: Mishandling of hackerone clear background checks resulting in disclosure of other hacker's information . Description: I received a hackerone clear invite for "█████" I am not █████. There appears to be some kind of off by one error or similar problem with the hackerone clear invites! fir...

Johnson Controls Sensormatic Electronics VideoEdge

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Equipment: VideoEdge Vulnerability: Off-by-one Error 2. RISK EVALUATION Under specific circumstances, a local authenticated user may be able to exploit this...

nginx 1.20.0 DNS Resolver Off-By-One Heap Write

Advisory X41-2021-002: nginx DNS Resolver Off-by-One Heap Write Vulnerability ============================================================================= Severity Rating: High Confirmed Affected Versions: 0.6.18 - 1.20.0 Confirmed Patched Versions: 1.21.0, 1.20.1 Vendor: F5, Inc. Vendor URL:...

Johnson Controls Sensormatic Tyco AI

1. EXECUTIVE SUMMARY CVSS v3 7.0 Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Equipment: Tyco AI Vulnerability: Off-by-one Error 2. RISK EVALUATION Under specific circumstances, a local attacker could use this vulnerability to obtain super-user access to the underlying...

Johnson Controls Exacq Technologies exacqVision

1. EXECUTIVE SUMMARY CVSS v3 7.0 Vendor: Exacq Technologies, Inc., a subsidiary of Johnson Controls, Inc. Equipment: exacqVision Vulnerability: Off-by-one Error 2. RISK EVALUATION A local attacker could exploit this vulnerability to obtain “Super User” access to the underlying Ubuntu Linux...

Google PDFium TIFF Image Flate Decoder Code Execution Vulnerability(CVE-2017-5133)

Summary An off-by-one read/write on the heap vulnerability exists in the TIFF image decoder functionality of Pdfium as used by Google Chrome up to and including 60.0.3112.101. A specially crafted PDF file can trigger an off-by-one read and write on the heap resulting in memory corruption and a...

WolfSSL library X509 Certificate Text Parsing Code Execution Vulnerability(CVE-2017-2800)

Summary An exploitable off-by-one write vulnerability exists in the x509 certificate parsing functionality of wolfSSL library versions up to 3.10.2. A specially crafted x509 certificate can cause a single out of bounds byte overwrite resulting in potential certificate validation vulnerabilities,...

wolfSSL 3.10.2 - x509 Certificate Text Parsing Off-by-One

TALOS-2017-0293 WOLFSSL LIBRARY X509 CERTIFICATE TEXT PARSING CODE EXECUTION VULNERABILITY MAY 8, 2017 CVE-2017-2800 SUMMARY An exploitable off-by-one write vulnerability exists in the x509 certificate parsing functionality of wolfSSL library versions up to 3.10.2. A specially crafted x509...

wolfSSL 3.10.2 - x509 Certificate Text Parsing Off-by-One

Exploit for multiple platform in category dos / poc WOLFSSL LIBRARY X509 CERTIFICATE TEXT PARSING CODE EXECUTION VULNERABILITY MAY 8, 2017 CVE-2017-2800 SUMMARY An exploitable off-by-one write vulnerability exists in the x509 certificate parsing functionality of wolfSSL library versions up to...

WolfSSL library X509 Certificate Text Parsing Code Execution Vulnerability

Summary An exploitable off-by-one write vulnerability exists in the x509 certificate parsing functionality of wolfSSL library versions up to 3.10.2. A specially crafted x509 certificate can cause a single out of bounds byte overwrite resulting in potential certificate validation vulnerabilities,...

Core Security Technologies Advisory 2010.0316

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ Novell iManager Multiple Vulnerabilities 1. Advisory Information Title: Novell iManager Multiple Vulnerabilities Advisory Id: CORE-2010-0316 Advisory URL:...

FreeBSD 8.0 ftpd Off-By-One Proof Of Concept

libopie readrec off-by one FreeBSD ftpd remote PoC Authors: - Maksymilian Arciemowicz - Adam 'pi3' Zabrocki http://securityreason.com/achievementsecurityalert/87 http://site.pi3.com.pl/adv/libopie-adv.txt http://blog.pi3.com.pl/?p=111 Date: - Dis.: 04.05.2010 - Pub.: 27.05.2010 CVE: CVE-2010-1938...