Lucene search
K

35 matches found

The Hacker News
The Hacker News
added 2019/03/19 10:27 a.m.146 views

Libssh Releases Update to Patch 9 New Security Vulnerabilities

Libssh2, a popular open source client-side C library implementing the SSHv2 protocol, has released the latest version of its software to patch a total of nine security vulnerabilities. The Libssh2 library is available for all major distributors of the Linux operating systems, including Ubuntu, Re...

9.3CVSS2.9AI score0.09219EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2015/03/05 9:38 a.m.5 views

krb5: denial of service flaws when handling padding length longer than the plaintext

A buffer over-read flaw was found in the way MIT Kerberos handled certain requests. A remote, unauthenticated attacker who is able to inject packets into a client or server application's GSSAPI session could use this flaw to crash the application...

5CVSS7.3AI score0.07138EPSS
Exploits0References4
myhack58
myhack58
added 2014/11/12 12:0 a.m.66 views

Use the phpinfo information LFI temporary file[POC]-vulnerability warning-the black bar safety net

Remember before foreign cattle raised by LFI contain temporary files? Did feel a little tasteless, because the temporary file path and name is unknown, although the temporary file name can use a similar? Other wildcards let's call it a wildcard match, while the N individual together with requests...

7.3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2014/09/16 5:28 a.m.7 views

krb5: denial of service flaws when handling padding length longer than the plaintext

A buffer over-read flaw was found in the way MIT Kerberos handled certain requests. A remote, unauthenticated attacker who is able to inject packets into a client or server application's GSSAPI session could use this flaw to crash the application...

5CVSS7.2AI score0.07138EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/07/16 5:3 p.m.4 views

gnutls: out of bounds read in _gnutls_ciphertext2compressed (GNUTLS-SA-2013-2)

The gnutlsciphertext2compressed function in lib/gnutlscipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service buffer over-read and crash via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169...

5CVSS6.8AI score0.03761EPSS
Exploits0References4
Prion
Prion
added 2013/07/03 6:55 p.m.32 views

Design/Logic Flaw

The gnutlsciphertext2compressed function in lib/gnutlscipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service buffer over-read and crash via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169...

5CVSS7AI score0.35584EPSS
Exploits1References15Affected Software1
RedHat Linux
RedHat Linux
added 2013/05/30 6:8 p.m.4 views

gnutls: out of bounds read in _gnutls_ciphertext2compressed (GNUTLS-SA-2013-2)

The gnutlsciphertext2compressed function in lib/gnutlscipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service buffer over-read and crash via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169...

5CVSS6.8AI score0.03761EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2013/05/30 12:0 a.m.4 views

PT-2013-1059 · Gnu +4 · Gnutls +4

Name of the Vulnerable Software and Affected Versions: GnuTLS versions prior to 2.12.23 Description: The issue is related to multiple vulnerabilities in the GnuTLS package, which can be exploited remotely to cause a denial of service, leading to disruption of protected information availability...

5.8CVSS6.1AI score0.29958EPSS
Exploits2References47
UbuntuCve
UbuntuCve
added 2013/05/29 12:0 a.m.35 views

CVE-2013-2116

The gnutlsciphertext2compressed function in lib/gnutlscipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service buffer over-read and crash via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169...

5CVSS6.8AI score0.03761EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2013/02/08 7:55 p.m.33 views

CVE-2013-1621

Array index error in the SSL module in PolarSSL before 1.2.5 might allow remote attackers to cause a denial of service via vectors involving a crafted padding-length value during validation of CBC padding in a TLS session, a different vulnerability than CVE-2013-0169...

4.3CVSS5.9AI score0.02068EPSS
Exploits0References3
CVE
CVE
added 2013/02/08 7:0 p.m.67 views

CVE-2013-1621

Technical details about CVE-2013-1621 are not provided in the connected documents. The Initial Description notes an array-index error in PolarSSL’s SSL module and TLS CBC padding validation, but no specific versions, impact, vectors, or fixes are disclosed here.

4.3CVSS6.4AI score0.02068EPSS
Exploits0References4Affected Software1
exploitpack
exploitpack
added 2010/10/20 12:0 a.m.37 views

Microsoft ASP.NET - Auto-Decryptor File Download (MS10-070)

Microsoft ASP.NET - Auto-Decryptor File Download MS10-070 !/usr/bin/ruby -w aspxadchotextattack.rb Copyright c 2010 AmpliaSECURITY. All rights reserved http://www.ampliasecurity.com Agustin Azubel - [email protected] MS10-070 ASPX proof of concept Decrypt data using an auto decryptor...

7.4AI score
Exploits0
OSV
OSV
added 2007/12/07 11:46 a.m.4 views

DEBIAN-CVE-2007-6277

Multiple buffer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large 1 Metadata Block Size, 2 VORBIS Comment String Size, 3 Picture Metadata MIME-TYPE Size, 4 Picture Description Size, 5 Picture Data Length, 6...

9.3CVSS8.4AI score0.06742EPSS
Exploits0References1
seebug.org
seebug.org
added 2006/10/24 12:0 a.m.20 views

Utility for generating HTTP/1.x requests for shellcodes

No description provided by source. / genhttpreq.c, utility for generating HTTP/1.x requests for shellcodes SIZES: HTTP/1.0 header request size - 18 bytes+ HTTP/1.1 header request size - 26 bytes+ NOTE: The length of the selected HTTP header is stored at EDX register. Thus the generated MOV...

7.1AI score
Exploits0
Ubuntu
Ubuntu
added 2005/05/13 6:46 p.m.45 views

USN-126-1: GNU TLS library vulnerability

A Denial of Service vulnerability was discovered in the GNU TLS library, which provides common cryptographic algorithms and is used by many applications in Ubuntu. Due to a missing consistency check of the padding length field, specially crafted ciphertext blocks caused an out of bounds memory...

5CVSS5.5AI score0.01931EPSS
Exploits0
Rows per page
Query Builder