Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    14 vulnerabilities by silc

    CVE-2008-1552 (GCVE-0-2008-1552)

    Vulnerability from nvd – Published: 2008-03-31 17:00 – Updated: 2024-08-07 08:24
    VLAI
    Summary
    The silc_pkcs1_decode function in the silccrypt library (silcpkcs1.c) in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.7, SILC Client before 1.1.4, and SILC Server before 1.1.2 allows remote attackers to execute arbitrary code via a crafted PKCS#1 message, which triggers an integer underflow, signedness error, and a buffer overflow. NOTE: the researcher describes this as an integer overflow, but CVE uses the "underflow" term in cases of wraparound from unsigned subtraction.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/29465 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/29622 third-party-advisoryx_refsource_SECUNIA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://www.securitytracker.com/id?1019690 vdb-entryx_refsource_SECTRACK
    http://security.gentoo.org/glsa/glsa-200804-27.xml vendor-advisoryx_refsource_GENTOO
    http://securityreason.com/securityalert/3795 third-party-advisoryx_refsource_SREASON
    http://silcnet.org/general/news/?item=server_20080320_1 x_refsource_CONFIRM
    http://www.securityfocus.com/archive/1/490069/100… mailing-listx_refsource_BUGTRAQ
    http://silcnet.org/general/news/?item=toolkit_200… x_refsource_CONFIRM
    http://secunia.com/advisories/29463 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://www.vupen.com/english/advisories/2008/0974… vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/29946 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/28373 vdb-entryx_refsource_BID
    http://www.coresecurity.com/?action=item&id=2206 x_refsource_MISC
    http://silcnet.org/general/news/?item=client_20080320_1 x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    Date Public
    2008-03-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T08:24:42.749Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "29465",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29465"
              },
              {
                "name": "29622",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29622"
              },
              {
                "name": "SUSE-SR:2008:008",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html"
              },
              {
                "name": "1019690",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1019690"
              },
              {
                "name": "GLSA-200804-27",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200804-27.xml"
              },
              {
                "name": "3795",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3795"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://silcnet.org/general/news/?item=server_20080320_1"
              },
              {
                "name": "20080325 CORE-2007-1212: SILC pkcs_decode buffer overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/490069/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://silcnet.org/general/news/?item=toolkit_20080320_1"
              },
              {
                "name": "29463",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29463"
              },
              {
                "name": "FEDORA-2008-2641",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00538.html"
              },
              {
                "name": "ADV-2008-0974",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0974/references"
              },
              {
                "name": "29946",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29946"
              },
              {
                "name": "28373",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/28373"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.coresecurity.com/?action=item\u0026id=2206"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://silcnet.org/general/news/?item=client_20080320_1"
              },
              {
                "name": "MDVSA-2008:158",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:158"
              },
              {
                "name": "silc-silcpkcs1decode-bo(41474)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41474"
              },
              {
                "name": "FEDORA-2008-2616",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00513.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-03-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The silc_pkcs1_decode function in the silccrypt library (silcpkcs1.c) in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.7, SILC Client before 1.1.4, and SILC Server before 1.1.2 allows remote attackers to execute arbitrary code via a crafted PKCS#1 message, which triggers an integer underflow, signedness error, and a buffer overflow.  NOTE: the researcher describes this as an integer overflow, but CVE uses the \"underflow\" term in cases of wraparound from unsigned subtraction."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "29465",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29465"
            },
            {
              "name": "29622",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29622"
            },
            {
              "name": "SUSE-SR:2008:008",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html"
            },
            {
              "name": "1019690",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1019690"
            },
            {
              "name": "GLSA-200804-27",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200804-27.xml"
            },
            {
              "name": "3795",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3795"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://silcnet.org/general/news/?item=server_20080320_1"
            },
            {
              "name": "20080325 CORE-2007-1212: SILC pkcs_decode buffer overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/490069/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://silcnet.org/general/news/?item=toolkit_20080320_1"
            },
            {
              "name": "29463",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29463"
            },
            {
              "name": "FEDORA-2008-2641",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00538.html"
            },
            {
              "name": "ADV-2008-0974",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0974/references"
            },
            {
              "name": "29946",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29946"
            },
            {
              "name": "28373",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/28373"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.coresecurity.com/?action=item\u0026id=2206"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://silcnet.org/general/news/?item=client_20080320_1"
            },
            {
              "name": "MDVSA-2008:158",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:158"
            },
            {
              "name": "silc-silcpkcs1decode-bo(41474)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41474"
            },
            {
              "name": "FEDORA-2008-2616",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00513.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-1552",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The silc_pkcs1_decode function in the silccrypt library (silcpkcs1.c) in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.7, SILC Client before 1.1.4, and SILC Server before 1.1.2 allows remote attackers to execute arbitrary code via a crafted PKCS#1 message, which triggers an integer underflow, signedness error, and a buffer overflow.  NOTE: the researcher describes this as an integer overflow, but CVE uses the \"underflow\" term in cases of wraparound from unsigned subtraction."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "29465",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29465"
                },
                {
                  "name": "29622",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29622"
                },
                {
                  "name": "SUSE-SR:2008:008",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html"
                },
                {
                  "name": "1019690",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1019690"
                },
                {
                  "name": "GLSA-200804-27",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200804-27.xml"
                },
                {
                  "name": "3795",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3795"
                },
                {
                  "name": "http://silcnet.org/general/news/?item=server_20080320_1",
                  "refsource": "CONFIRM",
                  "url": "http://silcnet.org/general/news/?item=server_20080320_1"
                },
                {
                  "name": "20080325 CORE-2007-1212: SILC pkcs_decode buffer overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/490069/100/0/threaded"
                },
                {
                  "name": "http://silcnet.org/general/news/?item=toolkit_20080320_1",
                  "refsource": "CONFIRM",
                  "url": "http://silcnet.org/general/news/?item=toolkit_20080320_1"
                },
                {
                  "name": "29463",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29463"
                },
                {
                  "name": "FEDORA-2008-2641",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00538.html"
                },
                {
                  "name": "ADV-2008-0974",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0974/references"
                },
                {
                  "name": "29946",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29946"
                },
                {
                  "name": "28373",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/28373"
                },
                {
                  "name": "http://www.coresecurity.com/?action=item\u0026id=2206",
                  "refsource": "MISC",
                  "url": "http://www.coresecurity.com/?action=item\u0026id=2206"
                },
                {
                  "name": "http://silcnet.org/general/news/?item=client_20080320_1",
                  "refsource": "CONFIRM",
                  "url": "http://silcnet.org/general/news/?item=client_20080320_1"
                },
                {
                  "name": "MDVSA-2008:158",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:158"
                },
                {
                  "name": "silc-silcpkcs1decode-bo(41474)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41474"
                },
                {
                  "name": "FEDORA-2008-2616",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00513.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-1552",
        "datePublished": "2008-03-31T17:00:00.000Z",
        "dateReserved": "2008-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-07T08:24:42.749Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-1429 (GCVE-0-2008-1429)

    Vulnerability from nvd – Published: 2008-03-20 18:00 – Updated: 2024-08-07 08:24
    VLAI
    Summary
    Secure Internet Live Conferencing (SILC) Server before 1.1.1 allows remote attackers to cause a denial of service (daemon crash) via a NEW_CLIENT packet without a nickname.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://security.gentoo.org/glsa/glsa-200804-27.xml vendor-advisoryx_refsource_GENTOO
    http://www.securityfocus.com/bid/28450 vdb-entryx_refsource_BID
    http://secunia.com/advisories/29946 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://silcnet.org/docs/release/SILC%20Server%201.1.1 x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2008/0919… vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/29459 third-party-advisoryx_refsource_SECUNIA
    http://www.securitytracker.com/id?1019711 vdb-entryx_refsource_SECTRACK
    Date Public
    2008-03-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T08:24:41.610Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "GLSA-200804-27",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200804-27.xml"
              },
              {
                "name": "28450",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/28450"
              },
              {
                "name": "29946",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29946"
              },
              {
                "name": "silc-server-newclient-dos(41307)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41307"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://silcnet.org/docs/release/SILC%20Server%201.1.1"
              },
              {
                "name": "ADV-2008-0919",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0919/references"
              },
              {
                "name": "29459",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29459"
              },
              {
                "name": "1019711",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1019711"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-03-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Secure Internet Live Conferencing (SILC) Server before 1.1.1 allows remote attackers to cause a denial of service (daemon crash) via a NEW_CLIENT packet without a nickname."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "GLSA-200804-27",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200804-27.xml"
            },
            {
              "name": "28450",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/28450"
            },
            {
              "name": "29946",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29946"
            },
            {
              "name": "silc-server-newclient-dos(41307)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41307"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://silcnet.org/docs/release/SILC%20Server%201.1.1"
            },
            {
              "name": "ADV-2008-0919",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0919/references"
            },
            {
              "name": "29459",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29459"
            },
            {
              "name": "1019711",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1019711"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-1429",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Secure Internet Live Conferencing (SILC) Server before 1.1.1 allows remote attackers to cause a denial of service (daemon crash) via a NEW_CLIENT packet without a nickname."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "GLSA-200804-27",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200804-27.xml"
                },
                {
                  "name": "28450",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/28450"
                },
                {
                  "name": "29946",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29946"
                },
                {
                  "name": "silc-server-newclient-dos(41307)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41307"
                },
                {
                  "name": "http://silcnet.org/docs/release/SILC%20Server%201.1.1",
                  "refsource": "CONFIRM",
                  "url": "http://silcnet.org/docs/release/SILC%20Server%201.1.1"
                },
                {
                  "name": "ADV-2008-0919",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0919/references"
                },
                {
                  "name": "29459",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29459"
                },
                {
                  "name": "1019711",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1019711"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-1429",
        "datePublished": "2008-03-20T18:00:00.000Z",
        "dateReserved": "2008-03-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T08:24:41.610Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-1227 (GCVE-0-2008-1227)

    Vulnerability from nvd – Published: 2008-03-10 17:00 – Updated: 2024-08-07 08:17
    VLAI
    Summary
    Stack-based buffer overflow in the silc_fingerprint function in lib/silcutil/silcutil.c in Secure Internet Live Conferencing (SILC) Toolkit 1.1.5, and unspecified earlier versions, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via long input data. NOTE: some of these details are obtained from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://silcnet.org/docs/changelog/SILC%20Toolkit%… x_refsource_CONFIRM
    http://security.gentoo.org/glsa/glsa-200804-27.xml vendor-advisoryx_refsource_GENTOO
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    https://bugzilla.redhat.com/show_bug.cgi?id=372021 x_refsource_MISC
    http://www.vupen.com/english/advisories/2008/0769 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/29174 third-party-advisoryx_refsource_SECUNIA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/29946 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/28101 vdb-entryx_refsource_BID
    http://secunia.com/advisories/29323 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    Date Public
    2008-03-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T08:17:33.370Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://silcnet.org/docs/changelog/SILC%20Toolkit%201.1.6"
              },
              {
                "name": "GLSA-200804-27",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200804-27.xml"
              },
              {
                "name": "silctoolkit-silcfingerprint-bo(41012)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41012"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=372021"
              },
              {
                "name": "ADV-2008-0769",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0769"
              },
              {
                "name": "29174",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29174"
              },
              {
                "name": "SUSE-SR:2008:006",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"
              },
              {
                "name": "29946",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29946"
              },
              {
                "name": "28101",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/28101"
              },
              {
                "name": "29323",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29323"
              },
              {
                "name": "MDVSA-2008:158",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:158"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-03-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the silc_fingerprint function in lib/silcutil/silcutil.c in Secure Internet Live Conferencing (SILC) Toolkit 1.1.5, and unspecified earlier versions, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via long input data.  NOTE: some of these details are obtained from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://silcnet.org/docs/changelog/SILC%20Toolkit%201.1.6"
            },
            {
              "name": "GLSA-200804-27",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200804-27.xml"
            },
            {
              "name": "silctoolkit-silcfingerprint-bo(41012)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41012"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=372021"
            },
            {
              "name": "ADV-2008-0769",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0769"
            },
            {
              "name": "29174",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29174"
            },
            {
              "name": "SUSE-SR:2008:006",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"
            },
            {
              "name": "29946",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29946"
            },
            {
              "name": "28101",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/28101"
            },
            {
              "name": "29323",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29323"
            },
            {
              "name": "MDVSA-2008:158",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:158"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-1227",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in the silc_fingerprint function in lib/silcutil/silcutil.c in Secure Internet Live Conferencing (SILC) Toolkit 1.1.5, and unspecified earlier versions, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via long input data.  NOTE: some of these details are obtained from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://silcnet.org/docs/changelog/SILC%20Toolkit%201.1.6",
                  "refsource": "CONFIRM",
                  "url": "http://silcnet.org/docs/changelog/SILC%20Toolkit%201.1.6"
                },
                {
                  "name": "GLSA-200804-27",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200804-27.xml"
                },
                {
                  "name": "silctoolkit-silcfingerprint-bo(41012)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41012"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=372021",
                  "refsource": "MISC",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=372021"
                },
                {
                  "name": "ADV-2008-0769",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0769"
                },
                {
                  "name": "29174",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29174"
                },
                {
                  "name": "SUSE-SR:2008:006",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"
                },
                {
                  "name": "29946",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29946"
                },
                {
                  "name": "28101",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/28101"
                },
                {
                  "name": "29323",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29323"
                },
                {
                  "name": "MDVSA-2008:158",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:158"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-1227",
        "datePublished": "2008-03-10T17:00:00.000Z",
        "dateReserved": "2008-03-10T00:00:00.000Z",
        "dateUpdated": "2024-08-07T08:17:33.370Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3728 (GCVE-0-2007-3728)

    Vulnerability from nvd – Published: 2007-07-12 17:00 – Updated: 2024-08-07 14:28
    VLAI
    Summary
    Buffer overflow in lib/silcclient/client_notify.c of SILC Client and SILC Toolkit before 1.1.2 allows remote attackers to cause a denial of service via "NICK_CHANGE" notifications.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/36730 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/24795 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/25939 third-party-advisoryx_refsource_SECUNIA
    http://silcnet.org/docs/changelog/changes.txt x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2007/2454 vdb-entryx_refsource_VUPEN
    http://www.silcnet.org/docs/release/SILC%20Toolki… x_refsource_CONFIRM
    Date Public
    2007-07-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:28:52.460Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "36730",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/36730"
              },
              {
                "name": "24795",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24795"
              },
              {
                "name": "silc-clienttoolkit-nickchange-bo(35281)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35281"
              },
              {
                "name": "25939",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25939"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://silcnet.org/docs/changelog/changes.txt"
              },
              {
                "name": "ADV-2007-2454",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2454"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.silcnet.org/docs/release/SILC%20Toolkit%201.1.2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in lib/silcclient/client_notify.c of SILC Client and SILC Toolkit before 1.1.2 allows remote attackers to cause a denial of service via \"NICK_CHANGE\" notifications."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "36730",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/36730"
            },
            {
              "name": "24795",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24795"
            },
            {
              "name": "silc-clienttoolkit-nickchange-bo(35281)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35281"
            },
            {
              "name": "25939",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25939"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://silcnet.org/docs/changelog/changes.txt"
            },
            {
              "name": "ADV-2007-2454",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2454"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.silcnet.org/docs/release/SILC%20Toolkit%201.1.2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3728",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in lib/silcclient/client_notify.c of SILC Client and SILC Toolkit before 1.1.2 allows remote attackers to cause a denial of service via \"NICK_CHANGE\" notifications."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "36730",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/36730"
                },
                {
                  "name": "24795",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24795"
                },
                {
                  "name": "silc-clienttoolkit-nickchange-bo(35281)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35281"
                },
                {
                  "name": "25939",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25939"
                },
                {
                  "name": "http://silcnet.org/docs/changelog/changes.txt",
                  "refsource": "CONFIRM",
                  "url": "http://silcnet.org/docs/changelog/changes.txt"
                },
                {
                  "name": "ADV-2007-2454",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2454"
                },
                {
                  "name": "http://www.silcnet.org/docs/release/SILC%20Toolkit%201.1.2",
                  "refsource": "CONFIRM",
                  "url": "http://www.silcnet.org/docs/release/SILC%20Toolkit%201.1.2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3728",
        "datePublished": "2007-07-12T17:00:00.000Z",
        "dateReserved": "2007-07-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:28:52.460Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-1327 (GCVE-0-2007-1327)

    Vulnerability from nvd – Published: 2007-03-07 21:00 – Updated: 2024-08-07 12:50
    VLAI
    Summary
    The SILC_SERVER_CMD_FUNC function in apps/silcd/command.c in silc-server 1.0.2 allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a request without a cipher algorithm and an invalid HMAC algorithm.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/24426 third-party-advisoryx_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-200703-12.xml vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/24431 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/22846 vdb-entryx_refsource_BID
    http://osvdb.org/33887 vdb-entryx_refsource_OSVDB
    http://marc.info/?l=full-disclosure&m=11732082361… mailing-listx_refsource_FULLDISC
    Date Public
    2007-03-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T12:50:34.959Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "24426",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24426"
              },
              {
                "name": "GLSA-200703-12",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200703-12.xml"
              },
              {
                "name": "24431",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24431"
              },
              {
                "name": "silc-command-dos(32846)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32846"
              },
              {
                "name": "22846",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/22846"
              },
              {
                "name": "33887",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/33887"
              },
              {
                "name": "20070306 silc-server 1.0.2 denial-of-service vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=full-disclosure\u0026m=117320823618036\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-03-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The SILC_SERVER_CMD_FUNC function in apps/silcd/command.c in silc-server 1.0.2 allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a request without a cipher algorithm and an invalid HMAC algorithm."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "24426",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24426"
            },
            {
              "name": "GLSA-200703-12",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200703-12.xml"
            },
            {
              "name": "24431",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24431"
            },
            {
              "name": "silc-command-dos(32846)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32846"
            },
            {
              "name": "22846",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/22846"
            },
            {
              "name": "33887",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/33887"
            },
            {
              "name": "20070306 silc-server 1.0.2 denial-of-service vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://marc.info/?l=full-disclosure\u0026m=117320823618036\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-1327",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The SILC_SERVER_CMD_FUNC function in apps/silcd/command.c in silc-server 1.0.2 allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a request without a cipher algorithm and an invalid HMAC algorithm."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "24426",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/24426"
                },
                {
                  "name": "GLSA-200703-12",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200703-12.xml"
                },
                {
                  "name": "24431",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/24431"
                },
                {
                  "name": "silc-command-dos(32846)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32846"
                },
                {
                  "name": "22846",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/22846"
                },
                {
                  "name": "33887",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/33887"
                },
                {
                  "name": "20070306 silc-server 1.0.2 denial-of-service vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://marc.info/?l=full-disclosure\u0026m=117320823618036\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-1327",
        "datePublished": "2007-03-07T21:00:00.000Z",
        "dateReserved": "2007-03-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T12:50:34.959Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-2809 (GCVE-0-2005-2809)

    Vulnerability from nvd – Published: 2005-09-07 04:00 – Updated: 2024-08-07 22:45
    VLAI
    Summary
    silc daemon (silcd.c) in Secure Internet Live Conferencing (SILC) 1.0 and earlier allows local users to overwrite arbitrary files via a symlink attack on the silcd.[PID].stats temporary file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/16659/ third-party-advisoryx_refsource_SECUNIA
    http://www.zataz.net/adviso/silc-server-toolkit-0… x_refsource_MISC
    http://www.securityfocus.com/bid/14716 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/409672 mailing-listx_refsource_BUGTRAQ
    http://bugs.gentoo.org/show_bug.cgi?id=94587 x_refsource_CONFIRM
    Date Public
    2005-09-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T22:45:02.255Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "16659",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16659/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zataz.net/adviso/silc-server-toolkit-06152005.txt"
              },
              {
                "name": "14716",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/14716"
              },
              {
                "name": "20050901 silc server and toolkit insecure temporary file creation",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/409672"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.gentoo.org/show_bug.cgi?id=94587"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-09-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "silc daemon (silcd.c) in Secure Internet Live Conferencing (SILC) 1.0 and earlier allows local users to overwrite arbitrary files via a symlink attack on the silcd.[PID].stats temporary file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-09-09T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "16659",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16659/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zataz.net/adviso/silc-server-toolkit-06152005.txt"
            },
            {
              "name": "14716",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/14716"
            },
            {
              "name": "20050901 silc server and toolkit insecure temporary file creation",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/409672"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=94587"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-2809",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "silc daemon (silcd.c) in Secure Internet Live Conferencing (SILC) 1.0 and earlier allows local users to overwrite arbitrary files via a symlink attack on the silcd.[PID].stats temporary file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "16659",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16659/"
                },
                {
                  "name": "http://www.zataz.net/adviso/silc-server-toolkit-06152005.txt",
                  "refsource": "MISC",
                  "url": "http://www.zataz.net/adviso/silc-server-toolkit-06152005.txt"
                },
                {
                  "name": "14716",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/14716"
                },
                {
                  "name": "20050901 silc server and toolkit insecure temporary file creation",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/409672"
                },
                {
                  "name": "http://bugs.gentoo.org/show_bug.cgi?id=94587",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.gentoo.org/show_bug.cgi?id=94587"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-2809",
        "datePublished": "2005-09-07T04:00:00.000Z",
        "dateReserved": "2005-09-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T22:45:02.255Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-1439 (GCVE-0-2003-1439)

    Vulnerability from nvd – Published: 2007-10-23 01:00 – Updated: 2024-08-08 02:28
    VLAI
    Summary
    Secure Internet Live Conferencing (SILC) 0.9.11 and 0.9.12 stores passwords and sessions in plaintext in memory, which could allow local users to obtain sensitive information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/309941/30/… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/6743 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/309775 mailing-listx_refsource_BUGTRAQ
    Date Public
    2003-01-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:28:03.600Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "silc-plaintext-account-information(11244)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11244"
              },
              {
                "name": "20030201 Re: silc question - insecure memory",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/309941/30/26090/threaded"
              },
              {
                "name": "6743",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/6743"
              },
              {
                "name": "20030201 silc question - insecure memory",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/309775"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-01-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Secure Internet Live Conferencing (SILC) 0.9.11 and 0.9.12 stores passwords and sessions in plaintext in memory, which could allow local users to obtain sensitive information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "silc-plaintext-account-information(11244)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11244"
            },
            {
              "name": "20030201 Re: silc question - insecure memory",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/309941/30/26090/threaded"
            },
            {
              "name": "6743",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/6743"
            },
            {
              "name": "20030201 silc question - insecure memory",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/309775"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-1439",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Secure Internet Live Conferencing (SILC) 0.9.11 and 0.9.12 stores passwords and sessions in plaintext in memory, which could allow local users to obtain sensitive information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "silc-plaintext-account-information(11244)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11244"
                },
                {
                  "name": "20030201 Re: silc question - insecure memory",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/309941/30/26090/threaded"
                },
                {
                  "name": "6743",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/6743"
                },
                {
                  "name": "20030201 silc question - insecure memory",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/309775"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-1439",
        "datePublished": "2007-10-23T01:00:00.000Z",
        "dateReserved": "2007-10-22T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:28:03.600Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-1552 (GCVE-0-2008-1552)

    Vulnerability from cvelistv5 – Published: 2008-03-31 17:00 – Updated: 2024-08-07 08:24
    VLAI
    Summary
    The silc_pkcs1_decode function in the silccrypt library (silcpkcs1.c) in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.7, SILC Client before 1.1.4, and SILC Server before 1.1.2 allows remote attackers to execute arbitrary code via a crafted PKCS#1 message, which triggers an integer underflow, signedness error, and a buffer overflow. NOTE: the researcher describes this as an integer overflow, but CVE uses the "underflow" term in cases of wraparound from unsigned subtraction.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/29465 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/29622 third-party-advisoryx_refsource_SECUNIA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://www.securitytracker.com/id?1019690 vdb-entryx_refsource_SECTRACK
    http://security.gentoo.org/glsa/glsa-200804-27.xml vendor-advisoryx_refsource_GENTOO
    http://securityreason.com/securityalert/3795 third-party-advisoryx_refsource_SREASON
    http://silcnet.org/general/news/?item=server_20080320_1 x_refsource_CONFIRM
    http://www.securityfocus.com/archive/1/490069/100… mailing-listx_refsource_BUGTRAQ
    http://silcnet.org/general/news/?item=toolkit_200… x_refsource_CONFIRM
    http://secunia.com/advisories/29463 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://www.vupen.com/english/advisories/2008/0974… vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/29946 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/28373 vdb-entryx_refsource_BID
    http://www.coresecurity.com/?action=item&id=2206 x_refsource_MISC
    http://silcnet.org/general/news/?item=client_20080320_1 x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    Date Public
    2008-03-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T08:24:42.749Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "29465",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29465"
              },
              {
                "name": "29622",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29622"
              },
              {
                "name": "SUSE-SR:2008:008",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html"
              },
              {
                "name": "1019690",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1019690"
              },
              {
                "name": "GLSA-200804-27",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200804-27.xml"
              },
              {
                "name": "3795",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3795"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://silcnet.org/general/news/?item=server_20080320_1"
              },
              {
                "name": "20080325 CORE-2007-1212: SILC pkcs_decode buffer overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/490069/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://silcnet.org/general/news/?item=toolkit_20080320_1"
              },
              {
                "name": "29463",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29463"
              },
              {
                "name": "FEDORA-2008-2641",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00538.html"
              },
              {
                "name": "ADV-2008-0974",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0974/references"
              },
              {
                "name": "29946",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29946"
              },
              {
                "name": "28373",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/28373"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.coresecurity.com/?action=item\u0026id=2206"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://silcnet.org/general/news/?item=client_20080320_1"
              },
              {
                "name": "MDVSA-2008:158",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:158"
              },
              {
                "name": "silc-silcpkcs1decode-bo(41474)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41474"
              },
              {
                "name": "FEDORA-2008-2616",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00513.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-03-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The silc_pkcs1_decode function in the silccrypt library (silcpkcs1.c) in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.7, SILC Client before 1.1.4, and SILC Server before 1.1.2 allows remote attackers to execute arbitrary code via a crafted PKCS#1 message, which triggers an integer underflow, signedness error, and a buffer overflow.  NOTE: the researcher describes this as an integer overflow, but CVE uses the \"underflow\" term in cases of wraparound from unsigned subtraction."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "29465",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29465"
            },
            {
              "name": "29622",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29622"
            },
            {
              "name": "SUSE-SR:2008:008",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html"
            },
            {
              "name": "1019690",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1019690"
            },
            {
              "name": "GLSA-200804-27",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200804-27.xml"
            },
            {
              "name": "3795",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3795"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://silcnet.org/general/news/?item=server_20080320_1"
            },
            {
              "name": "20080325 CORE-2007-1212: SILC pkcs_decode buffer overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/490069/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://silcnet.org/general/news/?item=toolkit_20080320_1"
            },
            {
              "name": "29463",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29463"
            },
            {
              "name": "FEDORA-2008-2641",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00538.html"
            },
            {
              "name": "ADV-2008-0974",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0974/references"
            },
            {
              "name": "29946",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29946"
            },
            {
              "name": "28373",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/28373"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.coresecurity.com/?action=item\u0026id=2206"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://silcnet.org/general/news/?item=client_20080320_1"
            },
            {
              "name": "MDVSA-2008:158",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:158"
            },
            {
              "name": "silc-silcpkcs1decode-bo(41474)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41474"
            },
            {
              "name": "FEDORA-2008-2616",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00513.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-1552",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The silc_pkcs1_decode function in the silccrypt library (silcpkcs1.c) in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.7, SILC Client before 1.1.4, and SILC Server before 1.1.2 allows remote attackers to execute arbitrary code via a crafted PKCS#1 message, which triggers an integer underflow, signedness error, and a buffer overflow.  NOTE: the researcher describes this as an integer overflow, but CVE uses the \"underflow\" term in cases of wraparound from unsigned subtraction."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "29465",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29465"
                },
                {
                  "name": "29622",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29622"
                },
                {
                  "name": "SUSE-SR:2008:008",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html"
                },
                {
                  "name": "1019690",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1019690"
                },
                {
                  "name": "GLSA-200804-27",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200804-27.xml"
                },
                {
                  "name": "3795",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3795"
                },
                {
                  "name": "http://silcnet.org/general/news/?item=server_20080320_1",
                  "refsource": "CONFIRM",
                  "url": "http://silcnet.org/general/news/?item=server_20080320_1"
                },
                {
                  "name": "20080325 CORE-2007-1212: SILC pkcs_decode buffer overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/490069/100/0/threaded"
                },
                {
                  "name": "http://silcnet.org/general/news/?item=toolkit_20080320_1",
                  "refsource": "CONFIRM",
                  "url": "http://silcnet.org/general/news/?item=toolkit_20080320_1"
                },
                {
                  "name": "29463",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29463"
                },
                {
                  "name": "FEDORA-2008-2641",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00538.html"
                },
                {
                  "name": "ADV-2008-0974",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0974/references"
                },
                {
                  "name": "29946",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29946"
                },
                {
                  "name": "28373",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/28373"
                },
                {
                  "name": "http://www.coresecurity.com/?action=item\u0026id=2206",
                  "refsource": "MISC",
                  "url": "http://www.coresecurity.com/?action=item\u0026id=2206"
                },
                {
                  "name": "http://silcnet.org/general/news/?item=client_20080320_1",
                  "refsource": "CONFIRM",
                  "url": "http://silcnet.org/general/news/?item=client_20080320_1"
                },
                {
                  "name": "MDVSA-2008:158",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:158"
                },
                {
                  "name": "silc-silcpkcs1decode-bo(41474)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41474"
                },
                {
                  "name": "FEDORA-2008-2616",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00513.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-1552",
        "datePublished": "2008-03-31T17:00:00.000Z",
        "dateReserved": "2008-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-07T08:24:42.749Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-1429 (GCVE-0-2008-1429)

    Vulnerability from cvelistv5 – Published: 2008-03-20 18:00 – Updated: 2024-08-07 08:24
    VLAI
    Summary
    Secure Internet Live Conferencing (SILC) Server before 1.1.1 allows remote attackers to cause a denial of service (daemon crash) via a NEW_CLIENT packet without a nickname.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://security.gentoo.org/glsa/glsa-200804-27.xml vendor-advisoryx_refsource_GENTOO
    http://www.securityfocus.com/bid/28450 vdb-entryx_refsource_BID
    http://secunia.com/advisories/29946 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://silcnet.org/docs/release/SILC%20Server%201.1.1 x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2008/0919… vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/29459 third-party-advisoryx_refsource_SECUNIA
    http://www.securitytracker.com/id?1019711 vdb-entryx_refsource_SECTRACK
    Date Public
    2008-03-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T08:24:41.610Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "GLSA-200804-27",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200804-27.xml"
              },
              {
                "name": "28450",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/28450"
              },
              {
                "name": "29946",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29946"
              },
              {
                "name": "silc-server-newclient-dos(41307)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41307"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://silcnet.org/docs/release/SILC%20Server%201.1.1"
              },
              {
                "name": "ADV-2008-0919",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0919/references"
              },
              {
                "name": "29459",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29459"
              },
              {
                "name": "1019711",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1019711"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-03-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Secure Internet Live Conferencing (SILC) Server before 1.1.1 allows remote attackers to cause a denial of service (daemon crash) via a NEW_CLIENT packet without a nickname."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "GLSA-200804-27",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200804-27.xml"
            },
            {
              "name": "28450",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/28450"
            },
            {
              "name": "29946",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29946"
            },
            {
              "name": "silc-server-newclient-dos(41307)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41307"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://silcnet.org/docs/release/SILC%20Server%201.1.1"
            },
            {
              "name": "ADV-2008-0919",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0919/references"
            },
            {
              "name": "29459",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29459"
            },
            {
              "name": "1019711",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1019711"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-1429",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Secure Internet Live Conferencing (SILC) Server before 1.1.1 allows remote attackers to cause a denial of service (daemon crash) via a NEW_CLIENT packet without a nickname."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "GLSA-200804-27",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200804-27.xml"
                },
                {
                  "name": "28450",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/28450"
                },
                {
                  "name": "29946",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29946"
                },
                {
                  "name": "silc-server-newclient-dos(41307)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41307"
                },
                {
                  "name": "http://silcnet.org/docs/release/SILC%20Server%201.1.1",
                  "refsource": "CONFIRM",
                  "url": "http://silcnet.org/docs/release/SILC%20Server%201.1.1"
                },
                {
                  "name": "ADV-2008-0919",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0919/references"
                },
                {
                  "name": "29459",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29459"
                },
                {
                  "name": "1019711",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1019711"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-1429",
        "datePublished": "2008-03-20T18:00:00.000Z",
        "dateReserved": "2008-03-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T08:24:41.610Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-1227 (GCVE-0-2008-1227)

    Vulnerability from cvelistv5 – Published: 2008-03-10 17:00 – Updated: 2024-08-07 08:17
    VLAI
    Summary
    Stack-based buffer overflow in the silc_fingerprint function in lib/silcutil/silcutil.c in Secure Internet Live Conferencing (SILC) Toolkit 1.1.5, and unspecified earlier versions, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via long input data. NOTE: some of these details are obtained from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://silcnet.org/docs/changelog/SILC%20Toolkit%… x_refsource_CONFIRM
    http://security.gentoo.org/glsa/glsa-200804-27.xml vendor-advisoryx_refsource_GENTOO
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    https://bugzilla.redhat.com/show_bug.cgi?id=372021 x_refsource_MISC
    http://www.vupen.com/english/advisories/2008/0769 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/29174 third-party-advisoryx_refsource_SECUNIA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/29946 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/28101 vdb-entryx_refsource_BID
    http://secunia.com/advisories/29323 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    Date Public
    2008-03-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T08:17:33.370Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://silcnet.org/docs/changelog/SILC%20Toolkit%201.1.6"
              },
              {
                "name": "GLSA-200804-27",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200804-27.xml"
              },
              {
                "name": "silctoolkit-silcfingerprint-bo(41012)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41012"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=372021"
              },
              {
                "name": "ADV-2008-0769",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0769"
              },
              {
                "name": "29174",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29174"
              },
              {
                "name": "SUSE-SR:2008:006",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"
              },
              {
                "name": "29946",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29946"
              },
              {
                "name": "28101",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/28101"
              },
              {
                "name": "29323",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29323"
              },
              {
                "name": "MDVSA-2008:158",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:158"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-03-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the silc_fingerprint function in lib/silcutil/silcutil.c in Secure Internet Live Conferencing (SILC) Toolkit 1.1.5, and unspecified earlier versions, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via long input data.  NOTE: some of these details are obtained from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://silcnet.org/docs/changelog/SILC%20Toolkit%201.1.6"
            },
            {
              "name": "GLSA-200804-27",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200804-27.xml"
            },
            {
              "name": "silctoolkit-silcfingerprint-bo(41012)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41012"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=372021"
            },
            {
              "name": "ADV-2008-0769",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0769"
            },
            {
              "name": "29174",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29174"
            },
            {
              "name": "SUSE-SR:2008:006",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"
            },
            {
              "name": "29946",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29946"
            },
            {
              "name": "28101",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/28101"
            },
            {
              "name": "29323",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29323"
            },
            {
              "name": "MDVSA-2008:158",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:158"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-1227",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in the silc_fingerprint function in lib/silcutil/silcutil.c in Secure Internet Live Conferencing (SILC) Toolkit 1.1.5, and unspecified earlier versions, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via long input data.  NOTE: some of these details are obtained from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://silcnet.org/docs/changelog/SILC%20Toolkit%201.1.6",
                  "refsource": "CONFIRM",
                  "url": "http://silcnet.org/docs/changelog/SILC%20Toolkit%201.1.6"
                },
                {
                  "name": "GLSA-200804-27",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200804-27.xml"
                },
                {
                  "name": "silctoolkit-silcfingerprint-bo(41012)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41012"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=372021",
                  "refsource": "MISC",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=372021"
                },
                {
                  "name": "ADV-2008-0769",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0769"
                },
                {
                  "name": "29174",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29174"
                },
                {
                  "name": "SUSE-SR:2008:006",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"
                },
                {
                  "name": "29946",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29946"
                },
                {
                  "name": "28101",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/28101"
                },
                {
                  "name": "29323",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29323"
                },
                {
                  "name": "MDVSA-2008:158",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:158"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-1227",
        "datePublished": "2008-03-10T17:00:00.000Z",
        "dateReserved": "2008-03-10T00:00:00.000Z",
        "dateUpdated": "2024-08-07T08:17:33.370Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-1439 (GCVE-0-2003-1439)

    Vulnerability from cvelistv5 – Published: 2007-10-23 01:00 – Updated: 2024-08-08 02:28
    VLAI
    Summary
    Secure Internet Live Conferencing (SILC) 0.9.11 and 0.9.12 stores passwords and sessions in plaintext in memory, which could allow local users to obtain sensitive information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/309941/30/… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/6743 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/309775 mailing-listx_refsource_BUGTRAQ
    Date Public
    2003-01-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:28:03.600Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "silc-plaintext-account-information(11244)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11244"
              },
              {
                "name": "20030201 Re: silc question - insecure memory",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/309941/30/26090/threaded"
              },
              {
                "name": "6743",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/6743"
              },
              {
                "name": "20030201 silc question - insecure memory",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/309775"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-01-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Secure Internet Live Conferencing (SILC) 0.9.11 and 0.9.12 stores passwords and sessions in plaintext in memory, which could allow local users to obtain sensitive information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "silc-plaintext-account-information(11244)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11244"
            },
            {
              "name": "20030201 Re: silc question - insecure memory",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/309941/30/26090/threaded"
            },
            {
              "name": "6743",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/6743"
            },
            {
              "name": "20030201 silc question - insecure memory",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/309775"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-1439",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Secure Internet Live Conferencing (SILC) 0.9.11 and 0.9.12 stores passwords and sessions in plaintext in memory, which could allow local users to obtain sensitive information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "silc-plaintext-account-information(11244)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11244"
                },
                {
                  "name": "20030201 Re: silc question - insecure memory",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/309941/30/26090/threaded"
                },
                {
                  "name": "6743",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/6743"
                },
                {
                  "name": "20030201 silc question - insecure memory",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/309775"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-1439",
        "datePublished": "2007-10-23T01:00:00.000Z",
        "dateReserved": "2007-10-22T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:28:03.600Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3728 (GCVE-0-2007-3728)

    Vulnerability from cvelistv5 – Published: 2007-07-12 17:00 – Updated: 2024-08-07 14:28
    VLAI
    Summary
    Buffer overflow in lib/silcclient/client_notify.c of SILC Client and SILC Toolkit before 1.1.2 allows remote attackers to cause a denial of service via "NICK_CHANGE" notifications.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/36730 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/24795 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/25939 third-party-advisoryx_refsource_SECUNIA
    http://silcnet.org/docs/changelog/changes.txt x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2007/2454 vdb-entryx_refsource_VUPEN
    http://www.silcnet.org/docs/release/SILC%20Toolki… x_refsource_CONFIRM
    Date Public
    2007-07-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:28:52.460Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "36730",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/36730"
              },
              {
                "name": "24795",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24795"
              },
              {
                "name": "silc-clienttoolkit-nickchange-bo(35281)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35281"
              },
              {
                "name": "25939",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25939"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://silcnet.org/docs/changelog/changes.txt"
              },
              {
                "name": "ADV-2007-2454",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2454"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.silcnet.org/docs/release/SILC%20Toolkit%201.1.2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in lib/silcclient/client_notify.c of SILC Client and SILC Toolkit before 1.1.2 allows remote attackers to cause a denial of service via \"NICK_CHANGE\" notifications."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "36730",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/36730"
            },
            {
              "name": "24795",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24795"
            },
            {
              "name": "silc-clienttoolkit-nickchange-bo(35281)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35281"
            },
            {
              "name": "25939",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25939"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://silcnet.org/docs/changelog/changes.txt"
            },
            {
              "name": "ADV-2007-2454",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2454"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.silcnet.org/docs/release/SILC%20Toolkit%201.1.2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3728",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in lib/silcclient/client_notify.c of SILC Client and SILC Toolkit before 1.1.2 allows remote attackers to cause a denial of service via \"NICK_CHANGE\" notifications."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "36730",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/36730"
                },
                {
                  "name": "24795",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24795"
                },
                {
                  "name": "silc-clienttoolkit-nickchange-bo(35281)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35281"
                },
                {
                  "name": "25939",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25939"
                },
                {
                  "name": "http://silcnet.org/docs/changelog/changes.txt",
                  "refsource": "CONFIRM",
                  "url": "http://silcnet.org/docs/changelog/changes.txt"
                },
                {
                  "name": "ADV-2007-2454",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2454"
                },
                {
                  "name": "http://www.silcnet.org/docs/release/SILC%20Toolkit%201.1.2",
                  "refsource": "CONFIRM",
                  "url": "http://www.silcnet.org/docs/release/SILC%20Toolkit%201.1.2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3728",
        "datePublished": "2007-07-12T17:00:00.000Z",
        "dateReserved": "2007-07-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:28:52.460Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-1327 (GCVE-0-2007-1327)

    Vulnerability from cvelistv5 – Published: 2007-03-07 21:00 – Updated: 2024-08-07 12:50
    VLAI
    Summary
    The SILC_SERVER_CMD_FUNC function in apps/silcd/command.c in silc-server 1.0.2 allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a request without a cipher algorithm and an invalid HMAC algorithm.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/24426 third-party-advisoryx_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-200703-12.xml vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/24431 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/22846 vdb-entryx_refsource_BID
    http://osvdb.org/33887 vdb-entryx_refsource_OSVDB
    http://marc.info/?l=full-disclosure&m=11732082361… mailing-listx_refsource_FULLDISC
    Date Public
    2007-03-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T12:50:34.959Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "24426",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24426"
              },
              {
                "name": "GLSA-200703-12",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200703-12.xml"
              },
              {
                "name": "24431",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24431"
              },
              {
                "name": "silc-command-dos(32846)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32846"
              },
              {
                "name": "22846",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/22846"
              },
              {
                "name": "33887",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/33887"
              },
              {
                "name": "20070306 silc-server 1.0.2 denial-of-service vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=full-disclosure\u0026m=117320823618036\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-03-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The SILC_SERVER_CMD_FUNC function in apps/silcd/command.c in silc-server 1.0.2 allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a request without a cipher algorithm and an invalid HMAC algorithm."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "24426",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24426"
            },
            {
              "name": "GLSA-200703-12",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200703-12.xml"
            },
            {
              "name": "24431",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24431"
            },
            {
              "name": "silc-command-dos(32846)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32846"
            },
            {
              "name": "22846",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/22846"
            },
            {
              "name": "33887",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/33887"
            },
            {
              "name": "20070306 silc-server 1.0.2 denial-of-service vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://marc.info/?l=full-disclosure\u0026m=117320823618036\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-1327",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The SILC_SERVER_CMD_FUNC function in apps/silcd/command.c in silc-server 1.0.2 allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a request without a cipher algorithm and an invalid HMAC algorithm."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "24426",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/24426"
                },
                {
                  "name": "GLSA-200703-12",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200703-12.xml"
                },
                {
                  "name": "24431",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/24431"
                },
                {
                  "name": "silc-command-dos(32846)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32846"
                },
                {
                  "name": "22846",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/22846"
                },
                {
                  "name": "33887",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/33887"
                },
                {
                  "name": "20070306 silc-server 1.0.2 denial-of-service vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://marc.info/?l=full-disclosure\u0026m=117320823618036\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-1327",
        "datePublished": "2007-03-07T21:00:00.000Z",
        "dateReserved": "2007-03-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T12:50:34.959Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-2809 (GCVE-0-2005-2809)

    Vulnerability from cvelistv5 – Published: 2005-09-07 04:00 – Updated: 2024-08-07 22:45
    VLAI
    Summary
    silc daemon (silcd.c) in Secure Internet Live Conferencing (SILC) 1.0 and earlier allows local users to overwrite arbitrary files via a symlink attack on the silcd.[PID].stats temporary file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/16659/ third-party-advisoryx_refsource_SECUNIA
    http://www.zataz.net/adviso/silc-server-toolkit-0… x_refsource_MISC
    http://www.securityfocus.com/bid/14716 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/409672 mailing-listx_refsource_BUGTRAQ
    http://bugs.gentoo.org/show_bug.cgi?id=94587 x_refsource_CONFIRM
    Date Public
    2005-09-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T22:45:02.255Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "16659",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16659/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zataz.net/adviso/silc-server-toolkit-06152005.txt"
              },
              {
                "name": "14716",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/14716"
              },
              {
                "name": "20050901 silc server and toolkit insecure temporary file creation",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/409672"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.gentoo.org/show_bug.cgi?id=94587"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-09-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "silc daemon (silcd.c) in Secure Internet Live Conferencing (SILC) 1.0 and earlier allows local users to overwrite arbitrary files via a symlink attack on the silcd.[PID].stats temporary file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-09-09T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "16659",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16659/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zataz.net/adviso/silc-server-toolkit-06152005.txt"
            },
            {
              "name": "14716",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/14716"
            },
            {
              "name": "20050901 silc server and toolkit insecure temporary file creation",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/409672"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=94587"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-2809",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "silc daemon (silcd.c) in Secure Internet Live Conferencing (SILC) 1.0 and earlier allows local users to overwrite arbitrary files via a symlink attack on the silcd.[PID].stats temporary file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "16659",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16659/"
                },
                {
                  "name": "http://www.zataz.net/adviso/silc-server-toolkit-06152005.txt",
                  "refsource": "MISC",
                  "url": "http://www.zataz.net/adviso/silc-server-toolkit-06152005.txt"
                },
                {
                  "name": "14716",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/14716"
                },
                {
                  "name": "20050901 silc server and toolkit insecure temporary file creation",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/409672"
                },
                {
                  "name": "http://bugs.gentoo.org/show_bug.cgi?id=94587",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.gentoo.org/show_bug.cgi?id=94587"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-2809",
        "datePublished": "2005-09-07T04:00:00.000Z",
        "dateReserved": "2005-09-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T22:45:02.255Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }