132 matches found
UBUNTU-CVE-2017-7700
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size...
ALPINE-CVE-2017-7700
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size...
DEBIAN-CVE-2016-5418
The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file...
libarchive: Archive Entry with type 1 (hardlink), but has a non-zero data size file overwrite
A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with arbitrary data from the archive...
ALPINE-CVE-2012-6702
Expat, when used in a parser that has not called XMLSetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function...
openssl: Divide-and-conquer session key recovery in SSLv2
It was discovered that the SSLv2 servers using OpenSSL accepted SSLv2 connection handshakes that indicated non-zero clear key length for non-export cipher suites. An attacker could use this flaw to decrypt recorded SSLv2 sessions with the server by using it as a decryption oracle...
UBUNTU-CVE-2016-2522
The dissectberconstrainedbitstring function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 2.0.x before 2.0.2 does not verify that a certain length is nonzero, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafte...
The vulnerability of the Red Hat Enterprise Linux operating system, which allows a hacker to trigger a service failure
The vulnerability of the Linux kernel driver for the USBvision device in the Red Hat Enterprise Linux operating system is related to code errors. Exploiting this vulnerability could allow an attacker, operating locally, to cause a service failure by setting a non-zero value of bInterfaceNumber in...
UBUNTU-CVE-2015-7833
The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux RHEL 7.1 allows physically proximate attackers to cause a denial of service panic via a nonzero bInterfaceNumber value in a USB device descriptor...
openssl: Divide-and-conquer session key recovery in SSLv2
It was discovered that the SSLv2 servers using OpenSSL accepted SSLv2 connection handshakes that indicated non-zero clear key length for non-export cipher suites. An attacker could use this flaw to decrypt recorded SSLv2 sessions with the server by using it as a decryption oracle...
CVE-2008-2833
admin/upload.php in le.cms 1.4 and earlier allows remote attackers to bypass administrative authentication, and upload and execute arbitrary files in images/, via a nonzero value for the submit0 parameter in conjunction with filenames in the filename and upload parameters...
PT-1997-1019 · Sgi · Irix Login Program
Name of the Vulnerable Software and Affected Versions: IRIX login program affected versions not specified Description: The issue concerns the IRIX login program, where a nonzero LOCKOUT parameter allows unauthorized creation or damage to files. Recommendations: At the moment, there is no...