FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
c651c898-e90d-11e1-b230-0024e830109b	libotr -- buffer overflows OTR developers report: The otrl_base64_otr_decode() function and similar functions within OTR suffer from buffer overflows in the case of malformed input; specifically if a message of the format of "?OTR:===." is received then a zero-byte allocation is performed without a similar correlation between the subsequent base64 decoding write, as such it becomes possible to write between zero and three bytes incorrectly to the heap, albeit only with a value of '='. Because this code path is highly utilized, specifically in the reception of instant messages over pidgin or similar, this vulnerability is considered severe even though in many platforms and circumstances the bug would yield an unexploitable state and result simply in denial of service. The developers of OTR promptly fixed the errors and users of OTR are advised to upgrade the software at the next release cycle. Discovery 2012-07-27 Entry 2012-08-18 libotr < 3.2.1 CVE-2012-3461 http://lists.cypherpunks.ca/pipermail/otr-dev/2012-July/001347.html
c2b1652c-e647-11e5-85be-14dae9d210b8	libotr -- integer overflow X41 D-Sec reports: A remote attacker may crash or execute arbitrary code in libotr by sending large OTR messages. Discovery 2016-02-17 Entry 2016-03-09 Modified 2016-03-09 libotr < 4.1.1 libotr3 ge 0 https://www.x41-dsec.de/lab/advisories/x41-2016-001-libotr/ CVE-2016-2851

VuXML ID

Description

c651c898-e90d-11e1-b230-0024e830109b

libotr -- buffer overflows

OTR developers report:

The otrl_base64_otr_decode() function and similar functions within OTR suffer from buffer overflows in the case of malformed input; specifically if a message of the format of "?OTR:===." is received then a zero-byte allocation is performed without a similar correlation between the subsequent base64 decoding write, as such it becomes possible to write between zero and three bytes incorrectly to the heap, albeit only with a value of '='.

Because this code path is highly utilized, specifically in the reception of instant messages over pidgin or similar, this vulnerability is considered severe even though in many platforms and circumstances the bug would yield an unexploitable state and result simply in denial of service.

The developers of OTR promptly fixed the errors and users of OTR are advised to upgrade the software at the next release cycle.

Discovery 2012-07-27
Entry 2012-08-18
libotr

< 3.2.1

CVE-2012-3461
http://lists.cypherpunks.ca/pipermail/otr-dev/2012-July/001347.html

c2b1652c-e647-11e5-85be-14dae9d210b8

libotr -- integer overflow

X41 D-Sec reports:

A remote attacker may crash or execute arbitrary code in libotr by sending large OTR messages.

Discovery 2016-02-17
Entry 2016-03-09
Modified 2016-03-09
libotr

< 4.1.1

libotr3

ge 0

https://www.x41-dsec.de/lab/advisories/x41-2016-001-libotr/
CVE-2016-2851