4 results (0.010 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1

The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (out-of-bounds read) via an empty hostname. La función search_make_new en evdns.c en libevent en versiones anteriores a 2.1.6-beta permite a atacantes provocar una denegación de servicio (fuera de límites de lectura) a través de un nombre de host vacío. An out of bounds read vulnerability was found in libevent in the search_make_new function. If an attacker could cause an application using libevent to attempt resolving an empty hostname, an out of bounds read could occur possibly leading to a crash. • http://www.debian.org/security/2017/dsa-3789 http://www.openwall.com/lists/oss-security/2017/01/31/17 http://www.openwall.com/lists/oss-security/2017/02/02/7 http://www.securityfocus.com/bid/96014 http://www.securitytracker.com/id/1038320 https://access.redhat.com/errata/RHSA-2017:1104 https://access.redhat.com/errata/RHSA-2017:1106 https://access.redhat.com/errata/RHSA-2017:1201 https://github.com/libevent/libevent/blob/release-2.1.6-beta/ChangeLog https: • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1

The name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the label_len variable, which triggers an out-of-bounds stack read. La función name_parse en evdns.c en libevent en versiones anteriores a 2.1.6-beta permite a atacantes remotos tener un impacto no especificado a través de vectores que implican la variable label_len, lo que desencadena una lectura de pila fuera de los límites. A vulnerability was found in libevent with the parsing of DNS requests and replies. An attacker could send a forged DNS response to an application using libevent which could lead to reading data out of bounds on the heap, potentially disclosing a small amount of application memory. • http://www.debian.org/security/2017/dsa-3789 http://www.openwall.com/lists/oss-security/2017/01/31/17 http://www.openwall.com/lists/oss-security/2017/02/02/7 http://www.securityfocus.com/bid/96014 http://www.securitytracker.com/id/1038320 https://access.redhat.com/errata/RHSA-2017:1104 https://access.redhat.com/errata/RHSA-2017:1106 https://access.redhat.com/errata/RHSA-2017:1201 https://github.com/libevent/libevent/blob/release-2.1.6-beta/ChangeLog https: • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 1

Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argument. Desbordamiento de búfer en la función evutil_parse_sockaddr_port en evutil.c en libevent en versiones anteriores a 2.1.6-beta permite a atacantes provocar una denegación de servicio (fallo de segmentación) a través de vectores que implican una cadena larga entre corchetes en el argumento ip_as_string. A vulnerability was found in libevent with the parsing of IPv6 addresses. If an attacker could cause an application using libevent to parse a malformed address in IPv6 notation of more than 2GiB in length, a stack overflow would occur leading to a crash. • http://www.debian.org/security/2017/dsa-3789 http://www.openwall.com/lists/oss-security/2017/01/31/17 http://www.openwall.com/lists/oss-security/2017/02/02/7 http://www.securityfocus.com/bid/96014 http://www.securitytracker.com/id/1038320 https://access.redhat.com/errata/RHSA-2017:1104 https://access.redhat.com/errata/RHSA-2017:1106 https://access.redhat.com/errata/RHSA-2017:1201 https://bugzilla.mozilla.org/show_bug.cgi?id=1343453 https://github.com/libeve • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 4%CPEs: 2EXPL: 0

Niels Provos libevent 1.2 and 1.2a allows remote attackers to cause a denial of service (infinite loop) via a DNS response containing a label pointer that references its own offset. Niels Provos libevent 1.2 y 1.2a permite a atacantes remotos provocar denegación de servicio (bucle infinito) a través de una respuesta DNS que contiene una puntero de etiqueta que referencia a su propio offset. • http://monkey.org/~provos/libevent http://osvdb.org/33228 http://secunia.com/advisories/24181 http://securityreason.com/securityalert/2268 http://www.securityfocus.com/archive/1/460530/100/0/threaded http://www.securityfocus.com/bid/22606 http://www.vupen.com/english/advisories/2007/0647 •