exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

CVE-2019-13132

Status Candidate

Overview

In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library. Users running public servers with the above configuration are highly encouraged to upgrade as soon as possible, as there are no known mitigations.

Related Files

Gentoo Linux Security Advisory 201908-17
Posted Aug 15, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201908-17 - A vulnerability in ZeroMQ might allow an attacker to execute arbitrary code. Versions less than 4.3.2 are affected.

tags | advisory, arbitrary
systems | linux, gentoo
advisories | CVE-2019-13132
SHA-256 | ff983506ac67f3d0b68ac47fa12ff3bafe6b65afd22f1ce1e2948c6a1218c409
Debian Security Advisory 4477-1
Posted Jul 8, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4477-1 - Fang-Pen Lin discovered a stack-based buffer-overflow flaw in ZeroMQ, a lightweight messaging kernel library. A remote, unauthenticated client connecting to an application using the libzmq library, running with a socket listening with CURVE encryption/authentication enabled, can take advantage of this flaw to cause a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel
systems | linux, debian
advisories | CVE-2019-13132
SHA-256 | 1a8103b9593ab0355cad1a5dd758f51d152f6a0fcada458fc2e43ea0a99d12ed
Ubuntu Security Notice USN-4050-1
Posted Jul 8, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4050-1 - It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause ZeroMQ to crash, or possibly execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-13132
SHA-256 | 93dd8956f07f2f2f1e2a7562e239975bbb6ab58dd6c5490466466991c3fe19b0
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close