
CVE-2021-4209

Status Candidate

Overview

A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.

Related Files

Ubuntu Security Notice USN-5750-1
Posted Nov 30, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5750-1 - It was discovered that GnuTLS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2021-4209
SHA-256 | 8d0498e3d4da525ac2ff53dd05fc680ea245f6b6c501a2220f966f7b34f7cdc8

Ubuntu Security Notice USN-5550-1
Posted Aug 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5550-1 - It was discovered that GnuTLS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that GnuTLS incorrectly handled the verification of certain pkcs7 signatures. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-4209, CVE-2022-2509
SHA-256 | e6be1b0f70c52298ac52eaf627c11fe4e6dbb1bfd6bbff03ccc185fa6c027cc5

Red Hat Security Advisory 2021-4913-04
Posted Dec 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4913-04 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.

tags | advisory, vulnerability, csrf
systems | linux, redhat
advisories | CVE-2016-6893, CVE-2021-42097, CVE-2021-44227
SHA-256 | c0b2367bca6b9519cbf4eef54ab3a7cc8eece40d1140a7de1f14b7331fe671bd

Red Hat Security Advisory 2021-4837-02
Posted Nov 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4837-02 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.

tags | advisory, vulnerability, csrf
systems | linux, redhat
advisories | CVE-2021-42096, CVE-2021-42097
SHA-256 | da322af9925df9b13306362953effa81984e67c2c5736ed7a6d7a42016b35732

Red Hat Security Advisory 2021-4838-02
Posted Nov 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4838-02 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.

tags | advisory, vulnerability, csrf
systems | linux, redhat
advisories | CVE-2021-42096, CVE-2021-42097
SHA-256 | bb526170f9703a69821a3db3f612496e679220fb515ad16625d199b42964ede6

Red Hat Security Advisory 2021-4839-02
Posted Nov 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4839-02 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.

tags | advisory, vulnerability, csrf
systems | linux, redhat
advisories | CVE-2021-42096, CVE-2021-42097
SHA-256 | fc6755eec5257a10ac71b7c64432cfb6808ffcb94fa7916e3ef8d310485c4506

Red Hat Security Advisory 2021-4826-02
Posted Nov 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4826-02 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.

tags | advisory, vulnerability, csrf
systems | linux, redhat
advisories | CVE-2021-42096, CVE-2021-42097
SHA-256 | 01c9eca9735075e3086e61c04041b4419b8bdee0646991eed6726a30d52e8583

Ubuntu Security Notice USN-5121-2
Posted Nov 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5121-2 - USN-5009-1 fixed vulnerabilities in Mailman. This update provides the corresponding updates for Ubuntu 20.04 LTS. It was discovered that Mailman allows arbitrary content injection. An attacker could use this to inject malicious content. It was discovered that Mailman improperly sanitizes MIME content. An attacker could obtain sensitive information by sending a special type of attachment.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-12108, CVE-2020-12137, CVE-2021-42096, CVE-2021-42097
SHA-256 | 3e1981a243b75d6cb9eb3b871c11554d027734dba3c108e22426fdec3c295c82

Debian Security Advisory 4991-1
Posted Oct 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4991-1 - Several vulnerabilities were discovered in mailman, a web-based mailing list manager, which could result in arbitrary content injection via the options and private archive login pages, and CSRF attacks or privilege escalation via the user options page.

tags | advisory, web, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2020-12108, CVE-2020-15011, CVE-2021-42096, CVE-2021-42097
SHA-256 | 954d8b9822764173dd884577e87a44ad7f9a8af40f4ebc025e3d191931336710

Ubuntu Security Notice USN-5121-1
Posted Oct 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5121-1 - Andre Protas, Richard Cloke, and Andy Nuttall discovered that Mailman did not properly associate cross-site request forgery tokens to specific accounts. A remote attacker could use this to perform a CSRF attack to gain access to another account. Andre Protas, Richard Cloke, and Andy Nuttall discovered that Mailman's cross-site request forgery tokens for the options page are derived from the admin password. A remote attacker could possibly use this to assist in performing a brute force attack against the admin password. Various other issues were also addressed.

tags | advisory, remote, csrf
systems | linux, ubuntu
advisories | CVE-2021-42096, CVE-2021-42097
SHA-256 | 31b5089934b776c5932880b406f38f121f36e74f6461c25588737e5f22c7ff0f