PT-2023-11656 · Asn1C+1 · Asn1C+1
Seviezhou
·
Publicado
2023-07-18
·
Atualizado
2023-07-26
·
CVE-2020-23911
CVSS v3.1
5.5
Média
| Vetor | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
asn1c versions prior to 0.9.29
Description
An issue exists in the
default error logger() function located in asn1fix.c, which allows an attacker to cause Denial of Service due to a NULL pointer dereference.Recommendations
For versions prior to 0.9.29, update to version 0.9.29 or later to resolve the issue. As a temporary workaround, consider restricting access to the
default error logger() function until a patch is available.Exploit
Correção
DoS
NULL Pointer Dereference
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Debian
Asn1C