Astra Linux - уязвимость в libidn2

GNU libidn2 before version 2.2.0 fails to perform the round-trip checks specified in RFC3490, Section 4.2, when converting A-labels to U-labels. This allows, under certain circumstances, one domain to impersonate another. By creating a malicious domain that matches a target domain except for the...

Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2019-18224)

idn2toascii4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2019-12290)

GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the...

EUVD-2017-5575

Malware in sbrugna...

EUVD-2019-8024

Malware in sbrugna...

EUVD-2019-3931

Malware in sbrugna...

EUVD-2017-5576

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-18224

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - idn2toascii4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string. CVE-2019-18224 Note that Nessus relies on t...

RHBA-2019:3621 Red Hat Bug Fix Advisory: libidn2 bug fix and enhancement update

Bulletin has no description...

OPENSUSE-SU-2024:10950-1 libidn2-0-2.3.2-1.2 on GA media

These are all security issues fixed in the libidn2-0-2.3.2-1.2 package on the GA media of openSUSE Tumbleweed...

RHEL 5 : libidn2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libidn2: Integer overflow in punydecode.c/decodedigit CVE-2017-14062 Note that Nessus has not tested for this issue...

RHEL 6 : libidn2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libidn2: Integer overflow in punydecode.c/decodedigit CVE-2017-14062 Note that Nessus has not tested for this issue...

RHEL 7 : libidn2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libidn2: Integer overflow in punydecode.c/decodedigit CVE-2017-14062 Note that Nessus has not tested for this issue...

Integer Overflow

libidn2.so is vulnerable to Integer Overflow. The vulnerability is due to the use of an unsigned integer llen in a loop condition, which could overflow due to the post-increment operation in the loop. This can potentially lead to Denial of Service...

Improper Input Validation

libidn2.so is vulnerable to Improper Input Validation. The vulnerability is due to improper roundtrip checks while converting A-labels to U-labels. This makes it possible for an attacker to impersonate arbitrary domains...

Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by vulnerability in Libidn2 (CVE-2017-14062)

Summary IBM Integrated Management Module II IMM2 has addressed the following vulnerability in Libidn2. Vulnerability Details CVEID: CVE-2017-14062 DESCRIPTION: Libidn2 is vulnerable to a denial of service, caused by an integer overflow in the decodedigit function in punydecode.c. By persuading a...

Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by a vulnerabilty in libidn2 (CVE-2017-14062)

Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerability in libidn2. Vulnerability Details CVEID: CVE-2017-14062 DESCRIPTION: Libidn2 is vulnerable to a denial of service, caused by an integer overflow in the decodedigit function in punydecode.c. By persuadi...

Ubuntu 16.04 ESM : Libidn2 vulnerability (USN-3421-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-3421-2 advisory. USN-3421-1 fixed a vulnerability in Libidn2. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has extracted the...

Huawei EulerOS: Security Advisory for libidn2 (EulerOS-SA-2023-1735)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.2.0 : libidn2 (EulerOS-SA-2023-1735)

According to the versions of the libidn2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to...