Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2012-0698

Published: 26/11/2012 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Trustedcomputinggroup

Vulnerability Summary

tcsd in TrouSerS prior to 0.3.10 allows remote malicious users to cause a denial of service (daemon crash) via a crafted type_offset value in a TCP packet to port 30003.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

trustedcomputinggroup trousers 0.2.8

trustedcomputinggroup trousers 0.2.9

trustedcomputinggroup trousers 0.2.9.1

trustedcomputinggroup trousers 0.2.9.2

trustedcomputinggroup trousers 0.3.0

trustedcomputinggroup trousers 0.3.1

trustedcomputinggroup trousers 0.3.2

trustedcomputinggroup trousers 0.3.3

trustedcomputinggroup trousers 0.3.4

trustedcomputinggroup trousers 0.3.5

trustedcomputinggroup trousers 0.3.6

trustedcomputinggroup trousers 0.3.7

trustedcomputinggroup trousers 0.3.8

trustedcomputinggroup trousers

Vendor Advisories

Debian CVElist Bug Report Logs: trousers: CVE-2012-0698
Debian Bug report logs - #692649 trousers: CVE-2012-0698 Package: trousers; Maintainer for trousers is Pierre Chifflier <pollux@debianorg>; Source for trousers is src:trousers (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Thu, 8 Nov 2012 07:09:01 UTC Severity: grave Tags: security F ...
Debian Security Advisories: DSA-2576-1 trousers -- denial of service
Andy Lutomirski discovered that tcsd (the TPM userspace daemon) was missing input validation Using carefully crafted input, it can lead to a denial of service by making the daemon crash with a segmentation fault For the stable distribution (squeeze), this problem has been fixed in version 035-2+squeeze1 For the testing distribution (wheezy), t ...

Exploits

Exploit DB: TrouSerS - Denial of Service
# crash_tcsdpy # Copyright (c) 2012 Andy Lutomirski All rights reserved # # Permission is granted to anyone to copy and redistribute this file verbatim # Permission is *not* granted to distribute modified copies or derivative works import struct import socket import time # UnloadBlob_PCR_EVENT also appears buggy crasher = structpack('&gt ...

References

CWE-119https://bugzilla.redhat.com/show_bug.cgi?id=781648http://sourceforge.net/tracker/index.php?func=detail&aid=3473554&group_id=126012&atid=704358http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692649http://www.exploit-db.com/exploits/22904/http://www.debian.org/security/2012/dsa-2576http://secunia.com/advisories/51295https://blogs.oracle.com/sunsecurity/entry/cve_2012_0698_denial_ofhttp://packetstormsecurity.com/files/118281/TrouSerS-Denial-Of-Service.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/80226http://trousers.git.sourceforge.net/git/gitweb.cgi?p=trousers/trousers%3Ba=commit%3Bh=50dd06a6f639b76b3bb629606ef71b2dc5407601http://trousers.git.sourceforge.net/git/gitweb.cgi?p=trousers/trousers%3Ba=commit%3Bh=ae0c2f8c1fd7a96ba0191f83b6057f8cbc51e786https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692649https://nvd.nist.govhttps://www.exploit-db.com/exploits/22904/https://www.debian.org/security/./dsa-2576
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322CVE-2006-4304wirelessCVE-2023-23022local file inclusionCVE-2024-27058CVE-2024-33820open redirectCVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook