110 matches found
Debian Security Advisory DSA 2526-1 (libotr)
The remote host is missing an update to libotr announced via advisory DSA 2526-1. OpenVAS Vulnerability Test $Id: deb25261.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2526-1 libotr Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...
Fedora Update for libotr FEDORA-2012-11934
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
FreeBSD Ports: libotr
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Fedora 17 : libotr-3.2.1-1.fc17 (2012-11959)
Updated to 3.2.1, updates patch for rhbz846377, CVE-2012-3461 Patch for multiple heap-based buffer overflows in the Base64 decoder Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically...
Fedora 16 : libotr-3.2.1-1.fc16 (2012-11934)
Updated to 3.2.1, updates patch for rhbz846377, CVE-2012-3461 Patch for multiple heap-based buffer overflows in the Base64 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...
[SECURITY] Fedora 16 Update: libotr-3.2.1-1.fc16
Off-the-Record Messaging Library and Toolkit This is a library and toolkit which implements Off-the-Record OTR Messagi ng. OTR allows you to have private conversations over IM by providing Encryptio n, Authentication, Deniability and Perfect forward secrecy...
CVE-2012-3461
The 1 otrlbase64otrdecode function in src/b64.c; 2 otrlprotodatareadflags and 3 otrlprotoacceptdata functions in src/proto.c; and 4 decode function in toolkit/parse.c in libotr before 3.2.1 allocates a zero-length buffer when decoding a base64 string, which allows remote attackers to cause a deni...
CVE-2012-3461
The 1 otrlbase64otrdecode function in src/b64.c; 2 otrlprotodatareadflags and 3 otrlprotoacceptdata functions in src/proto.c; and 4 decode function in toolkit/parse.c in libotr before 3.2.1 allocates a zero-length buffer when decoding a base64 string, which allows remote attackers to cause a deni...
DEBIAN-CVE-2012-3461
The 1 otrlbase64otrdecode function in src/b64.c; 2 otrlprotodatareadflags and 3 otrlprotoacceptdata functions in src/proto.c; and 4 decode function in toolkit/parse.c in libotr before 3.2.1 allocates a zero-length buffer when decoding a base64 string, which allows remote attackers to cause a deni...
CVE-2012-3461
The CVE-2012-3461 issue affects the libotr library (Base64 decoding paths: otrl_base64_otr_decode in b64.c; data read/accept in proto.c; and decode in toolkit/parse.c). Public docs indicate that before 3.2.1, libotr allocated a zero-length or insufficient buffer during base64 decoding, enabling a...
CVE-2012-3461
The 1 otrlbase64otrdecode function in src/b64.c; 2 otrlprotodatareadflags and 3 otrlprotoacceptdata functions in src/proto.c; and 4 decode function in toolkit/parse.c in libotr before 3.2.1 allocates a zero-length buffer when decoding a base64 string, which allows remote attackers to cause a deni...
CVE-2012-3461
The 1 otrlbase64otrdecode function in src/b64.c; 2 otrlprotodatareadflags and 3 otrlprotoacceptdata functions in src/proto.c; and 4 decode function in toolkit/parse.c in libotr before 3.2.1 allocates a zero-length buffer when decoding a base64 string, which allows remote attackers to cause a deni...
libotr multiple buffer overflows
multiple heap overflows...
FreeBSD : libotr -- buffer overflows (c651c898-e90d-11e1-b230-0024e830109b)
OTR developers report : The otrlbase64otrdecode function and similar functions within OTR suffer from buffer overflows in the case of malformed input; specifically if a message of the format of '?OTR:===.' is received then a zero-byte allocation is performed without a similar correlation between...
[USN-1541-1] libotr vulnerability
========================================================================== Ubuntu Security Notice USN-1541-1 August 16, 2012 libotr vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Ubuntu Update for libotr USN-1541-1
Ubuntu Update for Linux kernel vulnerabilities USN-1541-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN15411.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for libotr USN-1541-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...
Ubuntu: Security Advisory (USN-1541-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : libotr vulnerability (USN-1541-1)
Justin Ferguson discovered multiple heap overflows in libotr. A remote attacker could use this to craft a malformed OTR message that could cause a denial of service via application crash or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description...
USN-1541-1: libotr vulnerability
Justin Ferguson discovered multiple heap overflows in libotr. A remote attacker could use this to craft a malformed OTR message that could cause a denial of service via application crash or possibly execute arbitrary code...
Mandriva Update for libotr MDVSA-2012:131 (libotr)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...