Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Titlelibidn2-0 security update
Informations
NameDSA-3988First vendor Publication2017-09-30
VendorDebianLast vendor Modification2017-09-30
Severity (Vendor) N/ARevision1

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score7.5Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

An integer overflow vulnerability was discovered in decode_digit() in libidn2-0, the GNU library for Internationalized Domain Names (IDNs), allowing a remote attacker to cause a denial of service against an application using the library (application crash).

For the oldstable distribution (jessie), this problem has been fixed in version 0.10-2+deb8u1.

For the stable distribution (stretch), this problem has been fixed in version 0.16-1+deb9u1.

For the testing distribution (buster), this problem has been fixed in version 2.0.2-4.

For the unstable distribution (sid), this problem has been fixed in version 2.0.2-4.

We recommend that you upgrade your libidn2-0 packages.

Original Source

Url : http://www.debian.org/security/2017/dsa-3988

CWE : Common Weakness Enumeration

%idName
100 %CWE-190Integer Overflow or Wraparound (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

Nessus® Vulnerability Scanner

DateDescription
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-f749c70191.nasl - Type : ACT_GATHER_INFO
2018-07-30Name : The remote Debian host is missing a security update.
File : debian_DLA-1447.nasl - Type : ACT_GATHER_INFO
2018-04-10Name : The remote Fedora host is missing a security update.
File : fedora_2018-02e23192f5.nasl - Type : ACT_GATHER_INFO
2018-04-04Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201804-02.nasl - Type : ACT_GATHER_INFO
2018-01-15Name : The remote Fedora host is missing a security update.
File : fedora_2017-b469be1a72.nasl - Type : ACT_GATHER_INFO
2018-01-15Name : The remote Fedora host is missing a security update.
File : fedora_2017-09b1c3f099.nasl - Type : ACT_GATHER_INFO
2017-10-03Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-3434-1.nasl - Type : ACT_GATHER_INFO
2017-10-02Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3988.nasl - Type : ACT_GATHER_INFO
2017-09-19Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3421-1.nasl - Type : ACT_GATHER_INFO
2017-09-05Name : The remote Debian host is missing a security update.
File : debian_DLA-1084.nasl - Type : ACT_GATHER_INFO
2017-09-05Name : The remote Debian host is missing a security update.
File : debian_DLA-1085.nasl - Type : ACT_GATHER_INFO
2017-09-05Name : The remote Fedora host is missing a security update.
File : fedora_2017-2d4ead8da9.nasl - Type : ACT_GATHER_INFO
2017-09-05Name : The remote Fedora host is missing a security update.
File : fedora_2017-57722ccd30.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2017-10-04 13:25:04
  • Multiple Updates
2017-10-01 00:22:35
  • First insertion