Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveRedhatCVE-2016-4353
HistoryJun 13, 2016 - 7:59 p.m.

CVE-2016-4353

2016-06-1319:59:03
CWE-20
redhat
web.nvd.nist.gov
39
libksba
cve-2016-4353
ber-decoder.c
denial of service
nvd

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.2

Confidence

High

EPSS

0.014

Percentile

86.5%

JSON

ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data.

Affected configurations

Nvd
Node
gnupglibksbaRange1.3.2
Node
canonicalubuntu_linuxMatch12.04lts
OR
canonicalubuntu_linuxMatch14.04lts
VendorProductVersionCPE
gnupglibksba*cpe:2.3:a:gnupg:libksba:*:*:*:*:*:*:*:*
canonicalubuntu_linux12.04cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
canonicalubuntu_linux14.04cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

Related

nvd 1
ubuntucve 1
prion 1
debiancve 1
cvelist 1
freebsd 1
nessus 8
openvas 1
ubuntu 1
nvd
nvd
CVE-2016-4353
2016-06-13 19:59:03
ubuntucve
ubuntucve
CVE-2016-4353
2016-04-29 00:00:00
prion
prion
Stack overflow
2016-06-13 19:59:00
debiancve
debiancve
CVE-2016-4353
2016-06-13 19:59:03
cvelist
cvelist
CVE-2016-4353
2016-06-13 19:00:00
freebsd
freebsd
libksba -- local denial of service vulnerabilities
2015-04-08 00:00:00
nessus
nessus
FreeBSD : libksba -- local denial of service vulnerabilities (a1134048-10c6-11e6-94fa-002590263bf5)
2016-05-03 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : Libksba vulnerabilities (USN-2982-1)
2016-05-18 00:00:00
RHEL 5 : libksba (Unpatched Vulnerability)
2024-05-11 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2982-1)
2016-05-18 00:00:00
ubuntu
ubuntu
Libksba vulnerabilities
2016-05-17 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.2

Confidence

High

EPSS

0.014

Percentile

86.5%

JSON
Related for CVE-2016-4353
nvd1ubuntucve1prion1debiancve1cvelist1freebsd1nessus8openvas1ubuntu1