Antti Levomäki

Nome do software vulnerável e versões afetadas: WithSecure Atlant (anteriormente F-Secure Atlant) versão 1.0.35-1 Descrição: A vulnerabilidade permite um ataque remoto de negação de serviço devido à corrupção de memória durante a verificação de um arquivo PE32. Recomendações: Para a versão 1.0.35-1, considere desativar a verificação de arquivos PE32 até que uma correção esteja disponível. No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** WithSecure Client Security version 15 WithSecure Server Security version 15 WithSecure Email and Server Security version 15 WithSecure Elements Endpoint Protection versions 17 and later WithSecure Client Security for Mac version 15 WithSecure Elements Endpoint Protection for Mac versions 17 and later WithSecure Linux Security 64 version 12.0 WithSecure Linux Protection version 12.0 WithSecure Atlant versions 15 and later **Description** The issue allows a Denial of Service (DoS) in the antivirus engine when scanning a fuzzed PE32 file. **Recommendations** For WithSecure Client Security version 15, update to a fixed version when available. For WithSecure Server Security version 15, update to a fixed version when available. For WithSecure Email and Server Security version 15, update to a fixed version when available. For WithSecure Elements Endpoint Protection versions 17 and later, update to a fixed version when available. For WithSecure Client Security for Mac version 15, update to a fixed version when available. For WithSecure Elements Endpoint Protection for Mac versions 17 and later, update to a fixed version when available. For WithSecure Linux Security 64 version 12.0, update to a fixed version when available. For WithSecure Linux Protection version 12.0, update to a fixed version when available. For WithSecure Atlant versions 15 and later, update to a fixed version when available.

**Nome do software vulnerável e versões afetadas** F-Secure Atlant (versões afetadas não especificadas) **Descrição** Foi descoberta uma vulnerabilidade de negação de serviço (DoS) no componente fsicapd utilizado em determinados produtos da F-Secure. Ao verificar pacotes maiores ou arquivos submetidos a testes de fuzzing, o componente consome memória em excesso, o que pode eventualmente causar a falha do mecanismo de verificação. Essa vulnerabilidade pode ser explorada remotamente por um invasor. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Nome do software vulnerável e versões afetadas** Versões do Google Chrome anteriores à 95.0.4638.54 **Descrição** O problema está relacionado a um estouro de buffer de heap no manipulador de conteúdo PDF PDFium. Ele pode ser explorado por um invasor remoto por meio de uma página HTML especialmente criada, podendo levar à corrupção do heap. **Recomendações** Para versões anteriores à 95.0.4638.54, atualize para a versão 95.0.4638.54 ou posterior para resolver o problema. Como solução temporária, considere restringir o acesso a conteúdo PDF no Google Chrome até que a atualização seja aplicada.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to the ISAKMP parser in tcpdump, which could enter an infinite loop due to bugs in print-isakmp.c, affecting several functions. Additionally, it could allow a remote attacker to obtain sensitive information by exploiting a buffer overread memory in the HNCP component. This can be achieved by sending a specially crafted request. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the HNCP component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue concerns a buffer over-read in the telnet parser, specifically in the `telnet parse()` function within `print-telnet.c`. This could allow a remote attacker to obtain sensitive information by sending a specially crafted request. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the telnet parser until the update can be applied.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to a bug in the RESP parser, specifically in the `resp get length()` function within `print-resp.c`, which could cause an infinite loop. Additionally, there is a buffer overread memory issue in the HNCP component that could allow a remote attacker to obtain sensitive information by sending a specially crafted request. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the HNCP component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue concerns a buffer over-read in the BGP parser component of tcpdump, specifically in the `bgp attr print()` function within `print-bgp.c`. This could allow a remote attacker to obtain sensitive information by sending a specially crafted request. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the BGP parser component until the update can be applied.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue concerns a buffer over-read in the BGP parser, specifically within the `bgp attr print()` function in `print-bgp.c`. This problem affects the tcpdump tool. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of the BGP parser until a patch is available.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to the DNS parser in tcpdump, which could enter an infinite loop due to a bug in the `ns print()` function. This is caused by a flaw in the `print-domain.c` file. Additionally, there is a buffer overread memory issue in the HNCP component that could allow a remote attacker to obtain sensitive information by sending a specially crafted request. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the HNCP component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue concerns a buffer over-read in the PIMv2 parser, specifically within the `pimv2 print()` function located in print-pim.c. This problem affects the tcpdump analyzer. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of the PIMv2 parser until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to a bug in the LLDP parser, which could cause an infinite loop due to a problem in the `lldp private 8021 print()` function. This could potentially allow a remote attacker to obtain sensitive information by sending a specially crafted request, exploiting a buffer overread memory issue in the HNCP component. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the LLDP parser or the HNCP component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to a buffer over-read in the IS-IS parser, specifically in the `isis print extd ip reach()` function within `print-isoclns.c`. This problem can lead to potential security issues. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the `isis print extd ip reach()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to a buffer over-read in the IS-IS parser, specifically in the `isis print()` function within `print-isoclns.c`. This problem can lead to potential security issues due to the over-read of buffer data. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the `isis print()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to a buffer over-read in the IEEE 802.15.4 parser, specifically in the print-802 15 4.c:ieee802 15 4 if print() function. This problem affects the tcpdump protocol analyzer. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the IEEE 802.15.4 parser until a patch is available.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to a buffer over-read in the LMP parser, specifically in the `lmp print()` function within the print-lmp.c file. This problem can lead to potential data exposure or crashes. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the LMP parser until the update can be applied.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to a buffer over-read in the Juniper protocols parser, specifically in the `juniper parse header()` function within `print-juniper.c`. This affects the tcpdump protocol analyzer. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the `juniper parse header()` function until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to a buffer over-read in the SMB/CIFS parser of tcpdump, which could allow a remote attacker to obtain sensitive information. This can be achieved by sending a specially crafted request to exploit the buffer overread memory in the HNCP component. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the SMB/CIFS parser until a patch is available.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to several protocol parsers that could cause a buffer over-read in the `lookup bytestring()` function. This could allow a remote attacker to obtain sensitive information by sending a specially crafted request, exploiting the buffer overread memory in the HNCP component. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the HNCP component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to a buffer over-read in the ICMP parser of tcpdump, specifically in the `icmp print()` function. This could allow a remote attacker to obtain sensitive information by sending a specially crafted request. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the ICMP parser until a patch is available.