Download
| Alert*
oval:org.secpod.oval:def:104098
Off-the-Record Messaging Library and Toolkit This is a library and toolkit which implements Off-the-Record Messaging. OTR allows you to have private conversations over IM by providing Encryption, Authentication, Deniability and Perfect forward secrecy. oval:org.secpod.oval:def:104096 Off-the-Record Messaging Library and Toolkit This is a library and toolkit which implements Off-the-Record Messaging. OTR allows you to have private conversations over IM by providing Encryption, Authentication, Deniability and Perfect forward secrecy. oval:org.secpod.oval:def:302951 A vulnerability was found and corrected in libotr: Just Ferguson discovered that libotr, an off-the-record messaging library, can be forced to perform zero-length allocations for heap buffers that are used in base64 decoding routines. An attacker can exploit this flaw by sending crafted messages to ... oval:org.secpod.oval:def:400447 This update of libotr fixed multiple buffer overflows. oval:org.secpod.oval:def:600865 Just Ferguson discovered that libotr, an off-the-record messaging library, can be forced to perform zero-length allocations for heap buffers that are used in base64 decoding routines. An attacker can exploit this flaw by sending crafted messages to an application that is using libotr to perform den ... oval:org.secpod.oval:def:400469 This update of libotr fixed multiple buffer overflows. oval:org.secpod.oval:def:1000463 The remote host is missing a patch 147993-10 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1000498 The remote host is missing a patch 147992-10 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:2101117 The (1) otrl_base64_otr_decode function in src/b64.c; (2) otrl_proto_data_read_flags and (3) otrl_proto_accept_data functions in src/proto.c; and (4) decode function in toolkit/parse.c in libotr before 3.2.1 allocates a zero-length buffer when decoding a base64 string, which allows remote attackers ... oval:org.secpod.oval:def:700970 libotr: Off-the-Record Messaging library Applications using Off-the-Record messaging plugins could be made to crash or run programs if it received specially crafted network messages. |