110 matches found
FreeBSD : libotr -- integer overflow (c2b1652c-e647-11e5-85be-14dae9d210b8)
X41 D-Sec reports : A remote attacker may crash or execute arbitrary code in libotr by sending large OTR messages. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacqu...
Debian DSA-3512-1 : libotr - security update
Markus Vervier of X41 D-Sec GmbH discovered an integer overflow vulnerability in libotr, an off-the-record OTR messaging library, in the way how the sizes of portions of incoming messages were stored. A remote attacker can exploit this flaw by sending crafted messages to an application that is...
openSUSE: Security Advisory for libotr, libotr2 (openSUSE-SU-2016:0708-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 3512-1] libotr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3512-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 09, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3512-1] libotr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3512-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 09, 2016 https://www.debian.org/security/faq -...
SUSE-SU-2016:0706-1 Security update for libotr
This update for libotr fixes the following issues: - Apply 'libotr-CVE-2016-2851.patch' to fix integer overflows that used to occur on 64-bit architectures when receiving 4GB messages. This flaw could potentially have been exploited by an attacker to remotely execute arbitrary code on the user's...
SUSE-SU-2016:0707-1 Security update for libotr
This update for libotr fixes the following issue: - Apply 'libotr-CVE-2016-2851.patch' to fix integer overflows that used to occur on 64-bit architectures when receiving 4GB messages. This flaw could potentially have been exploited by an attacker to remotely execute arbitrary code on the user's...
libotr: arbitrary code execution
CVE-2016-2851 arbitrary code execution Versions 4.1.0 and earlier of libotr in 64-bit builds contain an integer overflow security flaw. This flaw could potentially be exploited by a remote attacker to cause a heap buffer overflow and subsequently for arbitrary code to be executed on the user's...
Debian Security Advisory DSA 3512-1 (libotr - security update)
Markus Vervier of X41 D-Sec GmbH discovered an integer overflow vulnerability in libotr, an off-the-record OTR messaging library, in the way how the sizes of portions of incoming messages were stored. A remote attacker can exploit this flaw by sending crafted messages to an application that is...
CVE-2016-2851
Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service memory corruption and application crash or execute arbitrary code via a series of large OTR messages, which triggers a heap-based buffer overflow...
UBUNTU-CVE-2016-2851
Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service memory corruption and application crash or execute arbitrary code via a series of large OTR messages, which triggers a heap-based buffer overflow...
DSA-3512-1 libotr - security update
Bulletin has no description...
Debian: Security Advisory (DSA-3512-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
libotr -- integer overflow
X41 D-Sec reports: A remote attacker may crash or execute arbitrary code in libotr by sending large OTR messages...
Gentoo Security Advisory GLSA 201309-07
Gentoo Linux Local Security Checks GLSA 201309-07 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the accessibility of protected information.
The vulnerability of the libotr package in the SUSE Linux Enterprise operating system can lead to a violation of the accessibility of protected information. Exploitation of this vulnerability can be carried out remotely...
The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the accessibility of protected information.
The vulnerability of the libotr-devel package in the SUSE Linux Enterprise operating system can lead to a violation of the accessibility of protected information. Exploitation of this vulnerability can be carried out remotely...
Oracle Solaris Third-Party Patch Update : libotr (cve_2012_3461_denial_of)
The remote Solaris system is missing necessary patches to address security updates : - The 1 otrlbase64otrdecode function in src/b64.c; 2 otrlprotodatareadflags and 3 otrlprotoacceptdata functions in src/ proto.c; and 4 decode function in toolkit/parse.c in libotr before 3.2.1 allocates a...
openSUSE Security Update : libotr (openSUSE-SU-2012:1525-1)
This update of libotr fixed multiple buffer overflows. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-798. The text description of this plugin is C SUSE LLC...
Ubuntu: Security Advisory (USN-2091-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...