Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseSUSE-SA:2003:0010
HistoryFeb 26, 2003 - 11:22 a.m.

local privilege escalation in libmcrypt

2003-02-2611:22:44
lists.opensuse.org
14

0.004 Low

EPSS

Percentile

71.9%

JSON

Libmcrypt is a data encryption library that is able to load crypto- modules at run-time by using libltdl. Versions of libmcrypt prior to 2.5.5 include several buffer overflows that can be triggered by passing very long input to the mcrypt_* functions. The way libmcrypt handles dynamic crypto-modules via libltdl leads to memory-leaks that can cause a Denial-of-Service condition. This Problem can just be solved by linking modules static. This security update does not solve the memory-leak problem to avoid compatibility problems. Future releases of libmcrypt will be linked statically.

OSVersionArchitecturePackageVersionFilename
openSUSE7.3ppclibmcrypt-devel< 2.4.15-89libmcrypt-devel-2.4.15-89.ppc.rpm
openSUSE7.1ppclibmcrypt-devel< 2.4.7-23libmcrypt-devel-2.4.7-23.ppc.rpm
openSUSE8.1i586libmcrypt-devel< 2.5.2-48libmcrypt-devel-2.5.2-48.i586.rpm
openSUSE7.1i386libmcrypt-devel< 2.4.7-19libmcrypt-devel-2.4.7-19.i386.rpm
openSUSE7.3i386libmcrypt-devel< 2.4.15-98libmcrypt-devel-2.4.15-98.i386.rpm
openSUSE8.0i386libmcrypt-devel< 2.4.20-114libmcrypt-devel-2.4.20-114.i386.rpm
openSUSE7.3sparclibmcrypt-devel< 2.4.15-53libmcrypt-devel-2.4.15-53.sparc.rpm
openSUSE7.3i386libmcrypt< 2.4.15-98libmcrypt-2.4.15-98.i386.rpm
openSUSE7.2i386libmcrypt-devel< 2.4.10-59libmcrypt-devel-2.4.10-59.i386.rpm
openSUSE7.1alphalibmcrypt-devel< 2.4.7-26libmcrypt-devel-2.4.7-26.alpha.rpm
Rows per page:
1-10 of 181

Related

debian 2
nessus 4
openvas 4
freebsd 1
cve 2
debiancve 2
debian
debian
[SECURITY] [DSA 228-1] New libmcrypt packages fix buffer overflows and memory leak
2003-01-14 15:37:48
[SECURITY] [DSA 228-1] New libmcrypt packages fix buffer overflows and memory leak
2003-01-14 15:37:48
nessus
nessus
Debian DSA-228-1 : libmcrypt - buffer overflows and memory leak
2004-09-29 00:00:00
FreeBSD : Buffer overflows in libmcrypt (92)
2004-07-06 00:00:00
FreeBSD : Buffer overflows in libmcrypt (c4b7badf-24ca-11d8-82e5-0020ed76ef5a)
2009-04-23 00:00:00
openvas
openvas
FreeBSD Ports: libmcrypt
2008-09-04 00:00:00
Debian: Security Advisory (DSA-228)
2008-01-17 00:00:00
FreeBSD Ports: libmcrypt
2008-09-04 00:00:00
freebsd
freebsd
Buffer overflows in libmcrypt
2003-10-25 00:00:00
cve
cve
CVE-2003-0032
2003-01-17 05:00:00
CVE-2003-0031
2003-01-17 05:00:00
debiancve
debiancve
CVE-2003-0032
2003-01-17 05:00:00
CVE-2003-0031
2003-01-17 05:00:00

0.004 Low

EPSS

Percentile

71.9%

JSON
Related for SUSE-SA:2003:0010
debian2nessus4openvas4freebsd1cve2debiancve2