rpm package
opensuse/nmap&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/nmap&distro=openSUSE%20Tumbleweed
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-3712 | Hig | 7.4 | < 7.93-1.1 | 7.93-1.1 | Aug 24, 2021 | ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated | |
| CVE-2017-18594 | — | < 7.92-4.1 | 7.92-4.1 | Aug 28, 2019 | nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due to a double free when an SSH connection fails, as demonstrated by a leading \n character to ssh-brute.nse or ssh-auth-methods.nse. | ||
| CVE-2018-15173 | Hig | 7.5 | < 7.92-2.1 | 7.92-2.1 | Aug 8, 2018 | Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted TCP-based service. |
- affected < 7.93-1.1fixed 7.93-1.1
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated
- CVE-2017-18594Aug 28, 2019affected < 7.92-4.1fixed 7.92-4.1
nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due to a double free when an SSH connection fails, as demonstrated by a leading \n character to ssh-brute.nse or ssh-auth-methods.nse.
- affected < 7.92-2.1fixed 7.92-2.1
Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted TCP-based service.