FreeBSD : libtasn1 -- stack-based buffer overflow in asn1_der_decoding (82595123-e8b8-11e4-a008-047d7b492d07)

Critical Nessus Plugin ID 83024


The remote FreeBSD host is missing a security-related update.


Debian reports :

Hanno Boeck discovered a stack-based buffer overflow in the asn1_der_decoding function in Libtasn1, a library to manage ASN.1 structures. A remote attacker could take advantage of this flaw to cause an application using the Libtasn1 library to crash, or potentially to execute arbitrary code.


Update the affected package.

See Also

Plugin Details

Severity: Critical

ID: 83024

File Name: freebsd_pkg_82595123e8b811e4a008047d7b492d07.nasl

Version: $Revision: 1.1 $

Type: local

Published: 2015/04/23

Modified: 2015/04/23

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:libtasn1, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2015/04/22

Vulnerability Publication Date: 2015/04/11

Reference Information

CVE: CVE-2015-2806