objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list).

The remote host is affected by the vulnerability described in GLSA-202402-31 (GNU Aspell: Heap Buffer Overflow)

  - objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from     acommon::StringMap::add and acommon::Config::lookup_list). (CVE-2019-25051)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of aspell installed on the remote host is prior to 0.60.6.1-22. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2199 advisory.

  - objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from     acommon::StringMap::add and acommon::Config::lookup_list). (CVE-2019-25051)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1808 advisory.

  - objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from     acommon::StringMap::add and acommon::Config::lookup_list). (CVE-2019-25051)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-1808 advisory.

  - objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from     acommon::StringMap::add and acommon::Config::lookup_list). (CVE-2019-25051)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2022:1808 advisory.

  - objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from     acommon::StringMap::add and acommon::Config::lookup_list). (CVE-2019-25051)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:1808 advisory.

  - aspell: Heap-buffer-overflow in acommon::ObjStack::dup_top (CVE-2019-25051)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED12 / SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2848-1 advisory.

  - objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from     acommon::StringMap::add and acommon::Config::lookup_list). (CVE-2019-25051)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1181-1 advisory.

  - objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from     acommon::StringMap::add and acommon::Config::lookup_list). (CVE-2019-25051)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:2794-1 advisory.

  - objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from     acommon::StringMap::add and acommon::Config::lookup_list). (CVE-2019-25051)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2794-1 advisory.

  - objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from     acommon::StringMap::add and acommon::Config::lookup_list). (CVE-2019-25051)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES11 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2021:14783-1 advisory.

  - objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from     acommon::StringMap::add and acommon::Config::lookup_list). (CVE-2019-25051)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-4948 advisory.

  - libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in     common/getdata.cpp via an isolated \ character. (CVE-2019-17544)

  - objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from     acommon::StringMap::add and acommon::Config::lookup_list). (CVE-2019-25051)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 21.04 host has packages installed that are affected by a vulnerability as referenced in the USN-5023-1 advisory.

  - objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from     acommon::StringMap::add and acommon::Config::lookup_list). (CVE-2019-25051)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
191001	GLSA-202402-31 : GNU Aspell: Heap Buffer Overflow	Nessus	Gentoo Local Security Checks	high
179774	Amazon Linux 2 : aspell (ALAS-2023-2199)	Nessus	Amazon Linux Local Security Checks	high
161343	Rocky Linux 8 : aspell (RLSA-2022:1808)	Nessus	Rocky Linux Local Security Checks	high
161314	Oracle Linux 8 : aspell (ELSA-2022-1808)	Nessus	Oracle Linux Local Security Checks	high
161110	AlmaLinux 8 : aspell (ALSA-2022:1808)	Nessus	Alma Linux Local Security Checks	high
161021	RHEL 8 : aspell (RHSA-2022:1808)	Nessus	Red Hat Local Security Checks	high
152836	SUSE SLED12 / SLES12 Security Update : aspell (SUSE-SU-2021:2848-1)	Nessus	SuSE Local Security Checks	high
152755	openSUSE 15 Security Update : aspell (openSUSE-SU-2021:1181-1)	Nessus	SuSE Local Security Checks	high
152728	openSUSE 15 Security Update : aspell (openSUSE-SU-2021:2794-1)	Nessus	SuSE Local Security Checks	high
152705	SUSE SLED15 / SLES15 Security Update : aspell (SUSE-SU-2021:2794-1)	Nessus	SuSE Local Security Checks	high
152551	SUSE SLES11 Security Update : aspell (SUSE-SU-2021:14783-1)	Nessus	SuSE Local Security Checks	high
152169	Debian DSA-4948-1 : aspell - security update	Nessus	Debian Local Security Checks	critical
152079	Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : Aspell vulnerability (USN-5023-1)	Nessus	Ubuntu Local Security Checks	high

Detections

Analytics

CVE-2019-25051

high

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high

critical

high