4559 matches found
USN-3309-1: Libtasn1 vulnerability
Jakub Jirasek discovered that GnuTLS incorrectly handled certain assignments files. If a user were tricked into processing a specially crafted assignments file, a remote attacker could possibly execute arbirary code...
USN-3309-1 libtasn1-6 vulnerability
Jakub Jirasek discovered that GnuTLS incorrectly handled certain assignments files. If a user were tricked into processing a specially crafted assignments file, a remote attacker could possibly execute arbirary code...
[ASA-201706-3] libtasn1: arbitrary code execution
Arch Linux Security Advisory ASA-201706-3 ========================================= Severity: High Date : 2017-06-02 CVE-ID : CVE-2017-6891 Package : libtasn1 Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-285 Summary ======= The package libtasn1 before...
CVE-2017-6891
Two errors in the "asn1findnode" function lib/parseraux.c within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility...
Fedora 25 : webkitgtk4 (2017-98bc28ae9e)
This update addresses the following vulnerabilities : - CVE-2017-2496, CVE-2017-2539, CVE-2017-2510 Additional fixes : - Fix URL shown in the title of beforeunload dialogs. - Focus first input field of HTTP authentication dialog. - Fix rendering glitches in HiDPI in long GitHub Gist pages when...
gnutls: Use-of-uninitialized-value in _wrap_nettle_pk_verify
Project: https://gitlab.com/gnutls/gnutls.git Detailed report: https://oss-fuzz.com/testcase?key=4994565519966208 Project: gnutls Fuzzer: libFuzzergnutlsclientfuzzer Fuzz target binary: gnutlsclientfuzzer Job Type: libfuzzermsangnutls Platform Id: linux Crash Type: Use-of-uninitialized-value Cras...
Fedora 24 : libvncserver (2017-dd5d2381e4)
Update to latest stable release, include fixes for gnutls and gtk-vnc compatibility. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...
Debian DLA-950-1 : libtasn1-3 security update
Secunia Research has discovered multiple vulnerabilities in GnuTLS libtasn1, which can be exploited by malicious people to compromise a vulnerable system. Two errors in the 'asn1findnode' function lib/parseraux.c can be exploited to cause a stacked-based buffer overflow. Successful exploitation o...
[SECURITY] [DLA 950-1] libtasn1-3 security update
Package : libtasn1-3 Version : 2.13-2+deb7u4 CVE ID : CVE-2017-6891 Secunia Research has discovered multiple vulnerabilities in GnuTLS libtasn1, which can be exploited by malicious people to compromise a vulnerable system. Two errors in the "asn1findnode" function lib/parseraux.c can be exploited...
CVE-2017-6891
Two errors in the "asn1findnode" function lib/parseraux.c within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility...
ALPINE-CVE-2017-6891
Two errors in the "asn1findnode" function lib/parseraux.c within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility...
Buffer overflow
Two errors in the "asn1findnode" function lib/parseraux.c within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility...
CVE-2017-6891
Two errors in the "asn1findnode" function lib/parseraux.c within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility...
CVE-2017-6891
Two errors in the "asn1findnode" function lib/parseraux.c within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility...
CVE-2017-6891
CVE-2017-6891 affects libtasn1 (GnuTLS libtasn1) with two errors in asn1_find_node() in lib/parser_aux.c of version 4.10 that can be triggered by processing a specially crafted assignments file (e.g., via asn1Coding). This can cause a stack-based buffer overflow and allow arbitrary code execution...
CVE-2017-6891
Two errors in the "asn1findnode" function lib/parseraux.c within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility...
CVE-2017-6891
Two errors in the "asn1findnode" function lib/parseraux.c within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility...
PT-2017-17399 · Gnu +3 · Gnutls +4
Name of the Vulnerable Software and Affected Versions: GnuTLS libtasn1 version 4.10 Description: The issue is related to two errors in the asn1 find node function within the libtasn1 library of GnuTLS. These errors can be exploited to cause a stack-based buffer overflow. This can happen when a us...
CVE-2017-6891
Two errors in the "asn1findnode" function lib/parseraux.c within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility...
gnutls: Use-of-uninitialized-value in wrap_nettle_pk_fixup
Project: https://gitlab.com/gnutls/gnutls.git Detailed report: https://oss-fuzz.com/testcase?key=6563561801252864 Project: gnutls Fuzzer: libFuzzergnutlspkcs12keyparserfuzzer Fuzz target binary: gnutlspkcs12keyparserfuzzer Job Type: libfuzzermsangnutls Platform Id: linux Crash Type:...