Lucene search
K

110 matches found

Tenable Nessus
Tenable Nessus
added 2016/03/10 12:0 a.m.25 views

FreeBSD : libotr -- integer overflow (c2b1652c-e647-11e5-85be-14dae9d210b8)

X41 D-Sec reports : A remote attacker may crash or execute arbitrary code in libotr by sending large OTR messages. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacqu...

9.8CVSS8.8AI score0.254EPSS
Exploits5References3
Tenable Nessus
Tenable Nessus
added 2016/03/10 12:0 a.m.86 views

Debian DSA-3512-1 : libotr - security update

Markus Vervier of X41 D-Sec GmbH discovered an integer overflow vulnerability in libotr, an off-the-record OTR messaging library, in the way how the sizes of portions of incoming messages were stored. A remote attacker can exploit this flaw by sending crafted messages to an application that is...

9.8CVSS8.5AI score0.254EPSS
Exploits5References4
OpenVAS
OpenVAS
added 2016/03/10 12:0 a.m.19 views

openSUSE: Security Advisory for libotr, libotr2 (openSUSE-SU-2016:0708-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.254EPSS
Exploits5References1
Debian
Debian
added 2016/03/09 9:25 p.m.67 views

[SECURITY] [DSA 3512-1] libotr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3512-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 09, 2016 https://www.debian.org/security/faq -...

9.8CVSS9.8AI score0.254EPSS
Exploits5
Debian
Debian
added 2016/03/09 9:25 p.m.28 views

[SECURITY] [DSA 3512-1] libotr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3512-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 09, 2016 https://www.debian.org/security/faq -...

7.5CVSS3.2AI score0.254EPSS
Exploits5
OSV
OSV
added 2016/03/09 6:6 p.m.5 views

SUSE-SU-2016:0706-1 Security update for libotr

This update for libotr fixes the following issues: - Apply 'libotr-CVE-2016-2851.patch' to fix integer overflows that used to occur on 64-bit architectures when receiving 4GB messages. This flaw could potentially have been exploited by an attacker to remotely execute arbitrary code on the user's...

9.8CVSS9.7AI score0.254EPSS
Exploits5References3
OSV
OSV
added 2016/03/09 6:1 p.m.6 views

SUSE-SU-2016:0707-1 Security update for libotr

This update for libotr fixes the following issue: - Apply 'libotr-CVE-2016-2851.patch' to fix integer overflows that used to occur on 64-bit architectures when receiving 4GB messages. This flaw could potentially have been exploited by an attacker to remotely execute arbitrary code on the user's...

9.8CVSS9.7AI score0.254EPSS
Exploits5References3
ArchLinux
ArchLinux
added 2016/03/09 12:0 a.m.48 views

libotr: arbitrary code execution

CVE-2016-2851 arbitrary code execution Versions 4.1.0 and earlier of libotr in 64-bit builds contain an integer overflow security flaw. This flaw could potentially be exploited by a remote attacker to cause a heap buffer overflow and subsequently for arbitrary code to be executed on the user's...

7.5CVSS6.5AI score0.254EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2016/03/09 12:0 a.m.28 views

Debian Security Advisory DSA 3512-1 (libotr - security update)

Markus Vervier of X41 D-Sec GmbH discovered an integer overflow vulnerability in libotr, an off-the-record OTR messaging library, in the way how the sizes of portions of incoming messages were stored. A remote attacker can exploit this flaw by sending crafted messages to an application that is...

7.5CVSS9.8AI score0.254EPSS
Exploits5References1
UbuntuCve
UbuntuCve
added 2016/03/09 12:0 a.m.26 views

CVE-2016-2851

Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service memory corruption and application crash or execute arbitrary code via a series of large OTR messages, which triggers a heap-based buffer overflow...

9.8CVSS7.8AI score0.254EPSS
Exploits5References4
OSV
OSV
added 2016/03/09 12:0 a.m.3 views

UBUNTU-CVE-2016-2851

Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service memory corruption and application crash or execute arbitrary code via a series of large OTR messages, which triggers a heap-based buffer overflow...

9.8CVSS8AI score0.254EPSS
Exploits5References5
OSV
OSV
added 2016/03/09 12:0 a.m.22 views

DSA-3512-1 libotr - security update

Bulletin has no description...

9.8CVSS9.4AI score0.254EPSS
Exploits5
OpenVAS
OpenVAS
added 2016/03/08 12:0 a.m.23 views

Debian: Security Advisory (DSA-3512-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.254EPSS
Exploits5References3
FreeBSD
FreeBSD
added 2016/02/17 12:0 a.m.24 views

libotr -- integer overflow

X41 D-Sec reports: A remote attacker may crash or execute arbitrary code in libotr by sending large OTR messages...

9.8CVSS4.9AI score0.254EPSS
Exploits5References1
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.14 views

Gentoo Security Advisory GLSA 201309-07

Gentoo Linux Local Security Checks GLSA 201309-07 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

4.3CVSS5AI score0.03441EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.7 views

The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the accessibility of protected information.

The vulnerability of the libotr package in the SUSE Linux Enterprise operating system can lead to a violation of the accessibility of protected information. Exploitation of this vulnerability can be carried out remotely...

4.3CVSS5.4AI score0.03441EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.7 views

The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the accessibility of protected information.

The vulnerability of the libotr-devel package in the SUSE Linux Enterprise operating system can lead to a violation of the accessibility of protected information. Exploitation of this vulnerability can be carried out remotely...

4.3CVSS5.4AI score0.03441EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.12 views

Oracle Solaris Third-Party Patch Update : libotr (cve_2012_3461_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - The 1 otrlbase64otrdecode function in src/b64.c; 2 otrlprotodatareadflags and 3 otrlprotoacceptdata functions in src/ proto.c; and 4 decode function in toolkit/parse.c in libotr before 3.2.1 allocates a...

4.3CVSS5.8AI score0.03441EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.12 views

openSUSE Security Update : libotr (openSUSE-SU-2012:1525-1)

This update of libotr fixed multiple buffer overflows. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-798. The text description of this plugin is C SUSE LLC...

4.3CVSS6.9AI score0.03441EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2014/02/03 12:0 a.m.11 views

Ubuntu: Security Advisory (USN-2091-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References3
Rows per page
Query Builder