Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
445
VMScore

CVE-2017-10790

Published: 02/07/2017 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Libtasn1

Vulnerability Summary

The _asn1_check_identifier function in GNU Libtasn1 up to and including 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. It may lead to a remote denial of service attack.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

gnu libtasn1

Vendor Advisories

Debian CVElist Bug Report Logs: libtasn1-6: CVE-2017-10790
Debian Bug report logs - #867398 libtasn1-6: CVE-2017-10790 Package: src:libtasn1-6; Maintainer for src:libtasn1-6 is Debian GnuTLS Maintainers <pkg-gnutls-maint@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 6 Jul 2017 12:54:02 UTC Severity: normal Tags: patch, security, ...
Ubuntu Security Notice: libtasn1-6 vulnerabilities
Several security issues were fixed in Libtasn1 ...
Red Hat: CVE-2017-10790
The _asn1_check_identifier function in GNU Libtasn1 through 412 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure It may lead to a remote denial of service attack ...

Github Repositories

https://github.com/heathd/alpine-scan

Checks a given docker image against alpine-secdb

Alpine scan A simple tool to compare a given docker image against the alpine-secdb which is Alpine's official source of security updates Dependencies ruby bundler git (used to clone alpine-secdb) an internet connection (used to clone alpine-secdb) Usage $ bundle install $ docker pull library/alpine:latest latest: Pulling from library/alpine b56ae66c2937: Pulling fs lay

References

CWE-476https://bugzilla.redhat.com/show_bug.cgi?id=1464141https://security.gentoo.org/glsa/201710-11https://www.debian.org/security/2018/dsa-4106https://usn.ubuntu.com/3547-1/https://lists.debian.org/debian-lts-announce/2020/06/msg00026.htmlhttps://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3Ehttps://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3Ehttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867398https://usn.ubuntu.com/3547-1/https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
encryptionCVE-2024-4331CVE-2024-26925arbitrary codeCVE-2006-4304CVE-2024-25458CVE-2024-27077reflected XSSCVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook