Lucene search
Veracode Vulnerability DatabaseVERACODE:26820HistorySep 21, 2020 - 6:19 a.m.
Denial Of Service (DoS)
2020-09-2106:19:49
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
denial of service
pgpdump
buffer overflow
vulnerability
cpu consumption
crafted input
software
EPSS
0.01
Percentile
83.6%
pgpdump:precise is vulnerable to denial of service (DoS). The read_binary function in buffer.c in pgpdump allows context-dependent attackers to cause a denial of service (infinite loop and CPU consumption) via crafted input, as demonstrated by the \xa3\x03 string.
References
lists.fedoraproject.org/pipermail/package-announce/2016-May/183750.html
lists.fedoraproject.org/pipermail/package-announce/2016-May/184617.html
lists.fedoraproject.org/pipermail/package-announce/2016-May/184689.html
seclists.org/bugtraq/2016/Apr/99
github.com/kazu-yamamoto/pgpdump/pull/16
www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt
Related
prion
prion
Design/Logic Flaw
2016-05-26 14:59:00
packetstorm
packetstorm
pgpdump 0.29 Endless Loop
2016-04-18 00:00:00
cve
cve
CVE-2016-4021
2016-05-26 14:59:01
cvelist
cvelist
CVE-2016-4021
2016-05-26 14:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: pgpdump-0.30-1.fc22
2016-05-10 17:59:30
[SECURITY] Fedora 23 Update: pgpdump-0.30-1.fc23
2016-05-10 18:08:58
[SECURITY] Fedora 24 Update: pgpdump-0.30-1.fc24
2016-05-07 12:30:59
openvas
openvas
Fedora Update for pgpdump FEDORA-2016-6
2016-05-11 00:00:00
Mageia: Security Advisory (MGASA-2016-0157)
2016-05-09 00:00:00
Debian: Security Advisory (DLA-768-1)
2023-03-08 00:00:00
nvd
nvd
CVE-2016-4021
2016-05-26 14:59:01
nessus
nessus
Debian DLA-768-1 : pgpdump security update
2017-01-03 00:00:00
Fedora 23 : pgpdump-0.30-1.fc23 (2016-5733ad20f5)
2016-05-12 00:00:00
Fedora 22 : pgpdump-0.30-1.fc22 (2016-6fd7a31d36)
2016-05-12 00:00:00
debian
debian
[SECURITY] [DLA 768-1] pgpdump security update
2016-12-30 21:33:55
ubuntucve
ubuntucve
CVE-2016-4021
2016-05-26 00:00:00
archlinux
archlinux
pgpdump: denial of service
2016-04-22 00:00:00
imlib2: multiple issues
2016-05-01 00:00:00
imlib2: multiple issues
2016-05-01 00:00:00
debiancve
debiancve
CVE-2016-4021
2016-05-26 14:59:01
osv
osv
pgpdump - security update
2016-12-30 00:00:00
mageia
mageia
Updated pgpdump packages fix security vulnerability
2016-04-29 20:21:35