Download
| Alert*
oval:org.secpod.oval:def:1800015
libtasn1 is installed oval:org.secpod.oval:def:700848 libtasn1-3: Library to manage ASN.1 structures Libtasn1 could be made to crash or run programs as your login if it received specially crafted input. oval:org.secpod.oval:def:1601282 A flaw was found in the way libtasn1 decoded DER data. An attacker could create carefully-crafted DER encoded input that, when parsed by an application that uses libtasn1 , could cause the application to crash oval:org.secpod.oval:def:89045231 This update for libtasn1 fixes the following issues: - Malformed asn1 definitions could have caused a segmentation fault in the asn1 definition parser - CVE-2015-3622: Fixed invalid read in octet string decoding - CVE-2016-4008: Fixed infinite loop while parsing DER certificates oval:org.secpod.oval:def:203240 libtasn1 is installed oval:org.secpod.oval:def:703072 libtasn1-6: Library to manage ASN.1 structures - libtasn1-3: Library to manage ASN.1 structures Libtasn1 could be made to hang if it processed specially crafted data. oval:org.secpod.oval:def:204595 Libtasn1 is a library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. The following packages have been upgraded to a later upstream version: libtasn1 . Security Fix: * A heap-based buffer overflow flaw ... oval:org.secpod.oval:def:701675 libtasn1-3 is installed oval:org.secpod.oval:def:600762 Matthew Hall discovered that many callers of the asn1_get_length_der function did not check the result against the overall buffer length before processing it further. This could result in out-of-bounds memory accesses and application crashes. Applications using GNUTLS are exposed to this issue. oval:org.secpod.oval:def:702555 libtasn1-6: Library to manage ASN.1 structures - libtasn1-3: Library to manage ASN.1 structures Libtasn1 could be made to crash or run programs if it processed specially crafted data. oval:org.secpod.oval:def:89003353 This update for libtasn1 fixes the following issues: Security issues fixed: - CVE-2018-1000654: Fixed a denial of service in the asn1 parser . - CVE-2017-6891: Fixed a stack overflow in asn1_find_node . oval:org.secpod.oval:def:202301 libtasn1 is a library developed for ASN.1 structures management that includes DER encoding and decoding. A flaw was found in the way libtasn1 decoded DER data. An attacker could create carefully-crafted DER encoded input that, when parsed by an application that uses libtasn1 , could cause the app ... oval:org.secpod.oval:def:1503763 Updated libtasn1 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availabl ... oval:org.secpod.oval:def:500770 libtasn1 is a library developed for ASN.1 structures management that includes DER encoding and decoding. A flaw was found in the way libtasn1 decoded DER data. An attacker could create carefully-crafted DER encoded input that, when parsed by an application that uses libtasn1 , could cause the app ... oval:org.secpod.oval:def:507473 A library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. Security Fix: * libtasn1: Out-of-bound access in ETYPE_OK For more details about the security issue, including the impact, a CVSS score, acknow ... oval:org.secpod.oval:def:3301276 SUSE Security Update: Security update for libtasn1 oval:org.secpod.oval:def:89050714 This update for samba fixes the following issues: Security issue fixed: - CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share . ldb was updated to version 1.2.4 : - Out of bound read in ldb_wildcard_compare - Hold at ... oval:org.secpod.oval:def:1506342 [4.13-4] - Resolves: rhbz#2140600 oval:org.secpod.oval:def:1506391 [4.16.0-9] - Resolves: rhbz#2140602 oval:org.secpod.oval:def:1800013 An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS. oval:org.secpod.oval:def:1800715 An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS. oval:org.secpod.oval:def:1800785 The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. It may lead to a remote denial of service attack. oval:org.secpod.oval:def:1800743 The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. It may lead to a remote denial of service attack. oval:org.secpod.oval:def:1800839 The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. It may lead to a remote denial of service attack. oval:org.secpod.oval:def:1800128 The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. It may lead to a remote denial of service attack. oval:org.secpod.oval:def:1800298 Two errors in the "asn1_find_node" function within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility. oval:org.secpod.oval:def:1800732 Two errors in the "asn1_find_node" function within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility. oval:org.secpod.oval:def:110411 A library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. oval:org.secpod.oval:def:110453 A library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. oval:org.secpod.oval:def:108873 A library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. oval:org.secpod.oval:def:2500923 A library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. oval:org.secpod.oval:def:2600142 A library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. oval:org.secpod.oval:def:89047799 This update for libtasn1 fixes the following issues: - CVE-2021-46848: Fixed off-by-one array size check that affects asn1_encode_simple_der oval:org.secpod.oval:def:5800005 A library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. Security Fix: * libtasn1: Out-of-bound access in ETYPE_OK For more details about the security issue, including the impact, a CVSS score, acknow ... oval:org.secpod.oval:def:4501214 A library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. Security Fix: * libtasn1: Out-of-bound access in ETYPE_OK For more details about the security issue, including the impact, a CVSS score, acknow ... oval:org.secpod.oval:def:1501967 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:108727 A library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. oval:org.secpod.oval:def:602037 Hanno Boeck discovered a stack-based buffer overflow in the asn1_der_decoding function in Libtasn1, a library to manage ASN.1 structures. A remote attacker could take advantage of this flaw to cause an application using the Libtasn1 library to crash, or potentially to execute arbitrary code. oval:org.secpod.oval:def:108708 A library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. oval:org.secpod.oval:def:502112 Libtasn1 is a library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. The following packages have been upgraded to a later upstream version: libtasn1 . Security Fix: * A heap-based buffer overflow flaw ... oval:org.secpod.oval:def:1800695 The libtasn1 library, in its 4.7 version, can loop for a long time or indefinitely when it is used to parse DER representations of X509 certificates, leading to a denial of service. Some of these loops may in addition increase heap or stack usage, leading to more issues. libtasn1 before version 4.8 ... oval:org.secpod.oval:def:1800568 Two errors in the "asn1_find_node" function within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility. oval:org.secpod.oval:def:112439 A library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. oval:org.secpod.oval:def:1800550 Two errors in the "asn1_find_node" function within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility. oval:org.secpod.oval:def:113990 A library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. oval:org.secpod.oval:def:1800330 An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS. oval:org.secpod.oval:def:1800440 An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS. oval:org.secpod.oval:def:113924 A library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. oval:org.secpod.oval:def:19500231 GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der oval:org.secpod.oval:def:601806 Several vulnerabilities were discovered in libtasn1-3, a library that manages ASN1 structures. An attacker could use those to cause a denial-of-service via out-of-bounds access or NULL pointer dereference. oval:org.secpod.oval:def:1500562 Updated libtasn1 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availabl ... oval:org.secpod.oval:def:1500641 It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, e ... oval:org.secpod.oval:def:203327 The libtasn1 library provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. It was discovered that the asn1_get_bit_der function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specia ... oval:org.secpod.oval:def:107027 A library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. oval:org.secpod.oval:def:1600150 It was discovered that the asn1_get_bit_der function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, exe ... oval:org.secpod.oval:def:702138 libtasn1-6: Library to manage ASN.1 structures - libtasn1-3: Library to manage ASN.1 structures Libtasn1 could be made to crash or run programs as your login if it processed specially crafted data. oval:org.secpod.oval:def:501302 The libtasn1 library provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. It was discovered that the asn1_get_bit_der function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specia ... oval:org.secpod.oval:def:107049 A library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. oval:org.secpod.oval:def:501313 The libtasn1 library provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. It was discovered that the asn1_get_bit_der function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specia ... |