CVE-2016-4354 (libskba, ubuntu_linux)
ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.
[월:] 2016년 06월
CVE-2016-4354
CVE-2016-4354
ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.
Source: CVE-2016-4354
CVE-2016-4353 (libskba, ubuntu_linux)
CVE-2016-4353 (libskba, ubuntu_linux)
ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data.
CVE-2016-4353
CVE-2016-4353
ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data.
Source: CVE-2016-4353
CVE-2016-3698 (debian_linux, enterprise_linux_desktop, enterprise_linux_hpc_node, enterprise_linux_hpc_node_eus, enterprise_linux_server, enterprise_linux_server_aus, enterprise_linux_server_eus, enterprise_linux_workstation, libndp, ubuntu_linux)
CVE-2016-3698 (debian_linux, enterprise_linux_desktop, enterprise_linux_hpc_node, enterprise_linux_hpc_node_eus, enterprise_linux_server, enterprise_linux_server_aus, enterprise_linux_server_eus, enterprise_linux_workstation, libndp, ubuntu_linux)
libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network.
CVE-2016-3698
CVE-2016-3698
libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network.
Source: CVE-2016-3698
CVE-2015-8869 (fedora, ocaml, opensuse)
CVE-2015-8869 (fedora, ocaml, opensuse)
OCamel before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.
CVE-2015-8869
CVE-2015-8869
OCamel before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.
Source: CVE-2015-8869
CVE-2014-9773 (atheme, leap, opensuse)
CVE-2014-9773 (atheme, leap, opensuse)
modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modify the Anope FLAGS behavior by registering and dropping the (1) LIST, (2) CLEAR, or (3) MODIFY keyword nicks.
CVE-2014-9773
CVE-2014-9773
modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modify the Anope FLAGS behavior by registering and dropping the (1) LIST, (2) CLEAR, or (3) MODIFY keyword nicks.
Source: CVE-2014-9773