what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2014-3469

Status Candidate

Overview

The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument.

Related Files

Mandriva Linux Security Advisory 2015-116
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-116 - Multiple buffer boundary check issues were discovered in libtasn1 library, causing it to read beyond the boundary of an allocated buffer. An untrusted ASN.1 input could cause an application using the library to crash. It was discovered that libtasn1 library function asn1_get_bit_der() could incorrectly report negative bit length of the value read from ASN.1 input. This could possibly lead to an out of bounds access in an application using libtasn1, for example in case if application tried to terminate read value with NUL byte. A NULL pointer dereference flaw was found in libtasn1's asn1_read_value_type() / asn1_read_value() function. If an application called the function with a NULL value for an ivalue argument to determine the amount of memory needed to store data to be read from the ASN.1 input, libtasn1 could incorrectly attempt to dereference the NULL pointer, causing an application using the library to crash.

tags | advisory
systems | linux, mandriva
advisories | CVE-2014-3467, CVE-2014-3468, CVE-2014-3469
SHA-256 | c4e199c0ab79d1649e49098959c6c8f3c0dcefdc5a01643028b98300c6a849fb
Debian Security Advisory 3056-1
Posted Oct 27, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3056-1 - Several vulnerabilities were discovered in libtasn1-3, a library that manages ASN1 (Abstract Syntax Notation One) structures. An attacker could use those to cause a denial-of-service via out-of-bounds access or NULL pointer dereference.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-3467, CVE-2014-3468, CVE-2014-3469
SHA-256 | 7a048cf39a7d9acfccb3492f25d8e0dd5367015cd8eb9a4bcf864c1326fff9a5
Gentoo Linux Security Advisory 201408-09
Posted Aug 29, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201408-9 - Multiple vulnerabilities have been discovered in GNU Libtasn1, the worse of which can allow a context-dependent attacker to cause a Denial of Service condition. Versions less than 3.6 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2014-3467, CVE-2014-3468, CVE-2014-3469
SHA-256 | 9eb259c7ad52db023b5746739662027753337b7e5aa8cf8018a3c533be9cfb5b
Ubuntu Security Notice USN-2294-1
Posted Jul 22, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2294-1 - It was discovered that Libtasn1 incorrectly handled certain ASN.1 data structures. An attacker could exploit this with specially crafted ASN.1 data and cause applications using Libtasn1 to crash, resulting in a denial of service. It was discovered that Libtasn1 incorrectly handled negative bit lengths. An attacker could exploit this with specially crafted ASN.1 data and cause applications using Libtasn1 to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-3467, CVE-2014-3468, CVE-2014-3469
SHA-256 | a15de4c2e04bfec1afe8e723c19c93779c39f5421110554b9e8dd54be15fa159
Red Hat Security Advisory 2014-0815-01
Posted Jun 30, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0815-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code.

tags | advisory, overflow, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2014-3466, CVE-2014-3467, CVE-2014-3468, CVE-2014-3469
SHA-256 | a010735c07300e81c05307db46a722929722e51bde6e7a4c5df209d29725b131
Red Hat Security Advisory 2014-0687-01
Posted Jun 11, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0687-01 - The libtasn1 library provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2014-3467, CVE-2014-3468, CVE-2014-3469
SHA-256 | 822c88ae36d5215b0d611a8605c6c91e9253af0d2d6533a8933792993155a472
Mandriva Linux Security Advisory 2014-107
Posted Jun 10, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-107 - Multiple buffer boundary check issues were discovered in libtasn1 library, causing it to read beyond the boundary of an allocated buffer. An untrusted ASN.1 input could cause an application using the library to crash. It was discovered that libtasn1 library function asn1_get_bit_der() could incorrectly report negative bit length of the value read from ASN.1 input. This could possibly lead to an out of bounds access in an application using libtasn1, for example in case if application tried to terminate read value with NUL byte. A NULL pointer dereference flaw was found in libtasn1's asn1_read_value_type() / asn1_read_value() function. If an application called the function with a NULL value for an ivalue argument to determine the amount of memory needed to store data to be read from the ASN.1 input, libtasn1 could incorrectly attempt to dereference the NULL pointer, causing an application using the library to crash. The packages for mes5 have been patched to correct these issues and the packages for mbs1 have been upgraded to the 3.6 version where these issues has been fixed.

tags | advisory
systems | linux, mandriva
advisories | CVE-2014-3467, CVE-2014-3468, CVE-2014-3469
SHA-256 | 6084645b18303c08ddea0b6685c126bac08365a0a77c976b079a38f918704baa
Slackware Security Advisory - gnutls Updates
Posted Jun 6, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New gnutls packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-3465, CVE-2014-3466, CVE-2014-3467, CVE-2014-3468, CVE-2014-3469
SHA-256 | 7048df4ef4b612681d06186dbc787300b6781fa7ea3008f07aee1f4b25a28b84
Slackware Security Advisory - libtasn1 Updates
Posted Jun 6, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libtasn1 packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-3467, CVE-2014-3468, CVE-2014-3469
SHA-256 | af948750ad6da705a091b7519b18f56b895aebed42dd621fd411bb84d610378c
Red Hat Security Advisory 2014-0596-01
Posted Jun 3, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0596-01 - The libtasn1 library provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2014-3467, CVE-2014-3468, CVE-2014-3469
SHA-256 | f836b4e6265be37b61ebbaeb05c7c0654914fc9b847e41d68406944ce2824ce7
Red Hat Security Advisory 2014-0594-01
Posted Jun 3, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0594-01 - The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security. The gnutls packages also include the libtasn1 library, which provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code.

tags | advisory, overflow, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2014-3466, CVE-2014-3467, CVE-2014-3468, CVE-2014-3469
SHA-256 | 5383daf04f0ecec5ab448cbfb42ba4c12d0682950ec05432c8551747b9422d50
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close