First published: Tue Jan 03 2017(Updated: )
A heap-buffer overflow vulnerability was discovered in cryptopp. This vulnerability can be used to remotely gain access to shell. References: <a href="http://seclists.org/oss-sec/2016/q4/760">http://seclists.org/oss-sec/2016/q4/760</a> <a href="https://pony7.fr/ctf:public:32c3:cryptmsg">https://pony7.fr/ctf:public:32c3:cryptmsg</a> Upstream bug: <a href="https://github.com/dlitz/pycrypto/issues/176">https://github.com/dlitz/pycrypto/issues/176</a>
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Dlitz Pycrypto | <=2.6.1 | |
Fedoraproject Fedora | =24 | |
Fedoraproject Fedora | =25 | |
pip/pycrypto | <=2.6.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.