ID CVE-2016-4008
Summary The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate.
References
Vulnerable Configurations
  • Canonical Ubuntu Linux 12.04 LTS
    cpe:2.3:o:canonical:ubuntu_linux:12.04:-:-:-:lts
  • Canonical Ubuntu Linux 14.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:14.04:-:-:-:lts
  • Canonical Ubuntu Linux 15.10
    cpe:2.3:o:canonical:ubuntu_linux:15.10
  • Canonical Ubuntu Linux 16.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:16.04:-:-:-:lts
  • OpenSUSE 13.2
    cpe:2.3:o:opensuse:opensuse:13.2
  • GNU Libtasn 1 4.7
    cpe:2.3:a:gnu:libtasn1:4.7
  • Fedora 22
    cpe:2.3:o:fedoraproject:fedora:22
  • Fedora Project Fedora 23
    cpe:2.3:o:fedoraproject:fedora:23
  • Fedora 24
    cpe:2.3:o:fedoraproject:fedora:24
CVSS
Base: 4.3 (as of 17-06-2016 - 21:03)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-048FFB6235.NASL
    description Update to 4.8 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-10-18
    plugin id 90640
    published 2016-04-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90640
    title Fedora 24 : libtasn1-4.8-1.fc24 (2016-048ffb6235)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-1601-1.NASL
    description This update for libtasn1 fixes the following issues : - Malformed asn1 definitions could have caused a segmentation fault in the asn1 definition parser (bsc#961491) - CVE-2015-3622: Fixed invalid read in octet string decoding (bsc#929414) - CVE-2016-4008: Fixed infinite loop while parsing DER certificates (bsc#982779) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 93152
    published 2016-08-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=93152
    title SUSE SLED12 / SLES12 Security Update : libtasn1 (SUSE-SU-2016:1601-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2957-1.NASL
    description Pascal Cuoq and Miod Vallat discovered that Libtasn1 incorrectly handled certain malformed DER certificates. A remote attacker could possibly use this issue to cause applications using Libtasn1 to hang, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 90856
    published 2016-05-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90856
    title Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : libtasn1-3, libtasn1-6 vulnerability (USN-2957-1)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201703-05.NASL
    description The remote host is affected by the vulnerability described in GLSA-201703-05 (GNU Libtasn1: Denial of Service) Libtasn1 does not correctly handle certain malformed DER certificates. Impact : A remote attacker could entice a user or automated system to process a specially crafted certificate using Libtasn1, resulting in a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2017-03-28
    plugin id 99012
    published 2017-03-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99012
    title GLSA-201703-05 : GNU Libtasn1: Denial of Service
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-716.NASL
    description This update for libtasn1 fixes the following issues : - Malformed asn1 definitions could have caused a segmentation fault in the asn1 definition parser (bsc#961491) - CVE-2015-3622: Fixed invalid read in octet string decoding (bsc#929414) - CVE-2016-4008: Fixed infinite loop while parsing DER certificates (bsc#982779)
    last seen 2019-02-21
    modified 2016-10-13
    plugin id 91619
    published 2016-06-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91619
    title openSUSE Security Update : libtasn1 (openSUSE-2016-716)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_1B0D2938076611E694FA002590263BF5.NASL
    description GNU Libtasn1 NEWS reports : Fixes to avoid an infinite recursion when decoding without the ASN1_DECODE_FLAG_STRICT_DER flag. Reported by Pascal Cuoq.
    last seen 2019-02-21
    modified 2018-11-21
    plugin id 90605
    published 2016-04-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90605
    title FreeBSD : libtasn1 -- denial of service parsing malicious DER certificates (1b0d2938-0766-11e6-94fa-002590263bf5)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-1600-1.NASL
    description This update for libtasn1 fixes the following issues : - Malformed asn1 definitions could have caused a segmentation fault in the asn1 definition parser (bsc#961491) - CVE-2015-3622: Fixed invalid read in octet string decoding (bsc#929414) - CVE-2016-4008: Fixed infinite loop while parsing DER certificates (bsc#982779) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 93151
    published 2016-08-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=93151
    title SUSE SLES11 Security Update : libtasn1 (SUSE-SU-2016:1600-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2957-2.NASL
    description USN-2957-1 fixed a vulnerability in Libtasn1. This update provides the corresponding update for Ubuntu 16.04 LTS. Pascal Cuoq and Miod Vallat discovered that Libtasn1 incorrectly handled certain malformed DER certificates. A remote attacker could possibly use this issue to cause applications using Libtasn1 to hang, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 90857
    published 2016-05-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90857
    title Ubuntu 16.04 LTS : libtasn1-6 vulnerability (USN-2957-2)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-383B8250E6.NASL
    description Update to 4.8 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-10-18
    plugin id 90645
    published 2016-04-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90645
    title Fedora 23 : libtasn1-4.8-1.fc23 (2016-383b8250e6)
  • NASL family PhotonOS Local Security Checks
    NASL id PHOTONOS_PHSA-2016-0013_LIBTASN1.NASL
    description An update of the libtasn1 package has been released.
    last seen 2019-02-08
    modified 2019-02-07
    plugin id 121655
    published 2019-02-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121655
    title Photon OS 1.0: Libtasn1 PHSA-2016-0013
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3568.NASL
    description Pascal Cuoq and Miod Vallat discovered that Libtasn1, a library to manage ASN.1 structures, does not correctly handle certain malformed DER certificates. A remote attacker can take advantage of this flaw to cause an application using the Libtasn1 library to hang, resulting in a denial of service.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 90927
    published 2016-05-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90927
    title Debian DSA-3568-1 : libtasn1-6 - security update
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-96BFD9E873.NASL
    description Update to 4.8 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-10-18
    plugin id 90770
    published 2016-04-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90770
    title Fedora 22 : libtasn1-4.8-1.fc22 (2016-96bfd9e873)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-773.NASL
    description This update for libtasn1 fixes the following issues : - Malformed asn1 definitions could have caused a segmentation fault in the asn1 definition parser (bsc#961491) - CVE-2015-3622: Fixed invalid read in octet string decoding (bsc#929414) - CVE-2016-4008: Fixed infinite loop while parsing DER certificates (bsc#982779) This update was imported from the SUSE:SLE-12:Update update project.
    last seen 2019-02-21
    modified 2016-10-13
    plugin id 91868
    published 2016-06-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91868
    title openSUSE Security Update : libtasn1 (openSUSE-2016-773)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-495.NASL
    description - CVE-2016-4008: infinite loop while parsing DER certificates The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate. For Debian 7 'Wheezy', these problems have been fixed in version 2.13-2+deb7u3. We recommend that you upgrade your libtasn1-3 packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-06
    plugin id 91362
    published 2016-05-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91362
    title Debian DLA-495-1 : libtasn1-3 security update
  • NASL family PhotonOS Local Security Checks
    NASL id PHOTONOS_PHSA-2016-0013.NASL
    description An update of [ subversion, libtasn1, unzip, dhcp ] packages for PhotonOS has been released.
    last seen 2019-02-21
    modified 2019-02-07
    plugin id 111847
    published 2018-08-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111847
    title Photon OS 1.0: Dhcp / Libtasn1 / Subversion / Unzip PHSA-2016-0013 (deprecated)
refmap via4
confirm
debian DSA-3568
fedora
  • FEDORA-2016-048ffb6235
  • FEDORA-2016-383b8250e6
  • FEDORA-2016-96bfd9e873
gentoo GLSA-201703-05
mlist
  • [help-libtasn1] 20160411 GNU Libtasn1 4.8 released
  • [oss-security] 20160411 Infinite loops parsing malicious DER certificates in libtasn1 4.7
suse
  • openSUSE-SU-2016:1567
  • openSUSE-SU-2016:1674
ubuntu
  • USN-2957-1
  • USN-2957-2
Last major update 30-11-2016 - 22:10
Published 05-05-2016 - 14:59
Last modified 30-10-2018 - 12:27
Back to Top