CVE-2012-0698
published 2012-11-26CVE-2012-0698: tcsd in TrouSerS before 0.3.10 allows remote attackers to cause a denial of service (daemon crash) via a crafted type_offset value in a TCP packet to port…
PriorityP430medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
10.51%
95.2th percentile
tcsd in TrouSerS before 0.3.10 allows remote attackers to cause a denial of service (daemon crash) via a crafted type_offset value in a TCP packet to port 30003.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | trousers | < trousers 0.3.9-1 (bookworm) | trousers 0.3.9-1 (bookworm) |
| trousers_project | trousers | >= 0 < 0.3.9-1 | 0.3.9-1 |
| trousers_project | trousers | >= 0 < 0.3.9-1 | 0.3.9-1 |
| trousers_project | trousers | >= 0 < 0.3.9-1 | 0.3.9-1 |
| trousers_project | trousers | >= 0 < 0.3.9-1 | 0.3.9-1 |
| trustedcomputinggroup | trousers | <= 0.3.9 | — |
| trustedcomputinggroup | trousers | — | — |
| trustedcomputinggroup | trousers | — | — |
| trustedcomputinggroup | trousers | — | — |
| trustedcomputinggroup | trousers | — | — |
| trustedcomputinggroup | trousers | — | — |
| trustedcomputinggroup | trousers | — | — |
| trustedcomputinggroup | trousers | — | — |
| trustedcomputinggroup | trousers | — | — |
| trustedcomputinggroup | trousers | — | — |
| trustedcomputinggroup | trousers | — | — |
| trustedcomputinggroup | trousers | — | — |
| trustedcomputinggroup | trousers | — | — |
| trustedcomputinggroup | trousers | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0LOW
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-wwr7-75x7-5749: tcsd in TrouSerS before 0
ghsa_unreviewed·2022-05-13
CVE-2012-0698 [MEDIUM] CWE-119 GHSA-wwr7-75x7-5749: tcsd in TrouSerS before 0
tcsd in TrouSerS before 0.3.10 allows remote attackers to cause a denial of service (daemon crash) via a crafted type_offset value in a TCP packet to port 30003.
OSV
CVE-2012-0698: tcsd in TrouSerS before 0
osv·2012-11-26·CVSS 5.0
CVE-2012-0698 [MEDIUM] CVE-2012-0698: tcsd in TrouSerS before 0
tcsd in TrouSerS before 0.3.10 allows remote attackers to cause a denial of service (daemon crash) via a crafted type_offset value in a TCP packet to port 30003.
Red Hat
trousers: DoS vulnerability in tcsd
vendor_redhat·2012-01-13·CVSS 5.0
CVE-2012-0698 [MEDIUM] trousers: DoS vulnerability in tcsd
trousers: DoS vulnerability in tcsd
tcsd in TrouSerS before 0.3.10 allows remote attackers to cause a denial of service (daemon crash) via a crafted type_offset value in a TCP packet to port 30003.
A flaw was found in the way tcsd, the daemon that manages Trusted Computing resources, processed incoming TCP packets. A remote attacker could send a specially crafted TCP packet that, when processed by tcsd, could cause the daemon to crash. Note that by default tcsd accepts requests on localhost only.
Statement: The Red Hat Security Response Team has rated this issue as having low security impact. Trousers is only useful on systems with TPM hardware, additionally local access is required to exploit of this issue. Exploitation of this issue only results in a crash of the tcsd daemon which can
Debian
CVE-2012-0698: trousers - tcsd in TrouSerS before 0.3.10 allows remote attackers to cause a denial of serv...
vendor_debian·2012·CVSS 5.0
CVE-2012-0698 [MEDIUM] CVE-2012-0698: trousers - tcsd in TrouSerS before 0.3.10 allows remote attackers to cause a denial of serv...
tcsd in TrouSerS before 0.3.10 allows remote attackers to cause a denial of service (daemon crash) via a crafted type_offset value in a TCP packet to port 30003.
Scope: local
bookworm: resolved (fixed in 0.3.9-1)
bullseye: resolved (fixed in 0.3.9-1)
forky: resolved (fixed in 0.3.9-1)
sid: resolved (fixed in 0.3.9-1)
trixie: resolved (fixed in 0.3.9-1)
No detection rules found.
Bugzilla
CVE-2012-0698 DoS vulnerability in tcsd [fedora-all]
bugzilla·2012-01-14·CVSS 5.0
CVE-2012-0698 [MEDIUM] CVE-2012-0698 DoS vulnerability in tcsd [fedora-all]
CVE-2012-0698 DoS vulnerability in tcsd [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=781648
Please no
Bugzilla
CVE-2012-0698 trousers: DoS vulnerability in tcsd
bugzilla·2012-01-14·CVSS 5.0
CVE-2012-0698 [MEDIUM] CVE-2012-0698 trousers: DoS vulnerability in tcsd
CVE-2012-0698 trousers: DoS vulnerability in tcsd
From Andy Lutomirski
The attached Python script will segfault tcsd.
This particular vulnerability is a read from an attacker-controlled address, so
getting anything more severe than information disclosure out of it may be
difficult. But there is a lot of fishy input validation, and it may be
possible to persuade the code to write out of bounds as well. It is certainly
possible to cause memory allocation failures, but I haven't seen one that's
unchecked yet.
Upstream report (currently private) here:
https://sourceforge.net/tracker/?func=detail&atid=704358&aid=3473554&group_id=126012
Discussion:
*** Bug 781637 has been marked as a duplicate of this bug. ***
---
This is CVE-2012-0698.
---
Confirmed on Fedora 16/Lenovo laptop with tro
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692649http://packetstormsecurity.com/files/118281/TrouSerS-Denial-Of-Service.htmlhttp://secunia.com/advisories/51295http://sourceforge.net/tracker/index.php?func=detail&aid=3473554&group_id=126012&atid=704358http://trousers.git.sourceforge.net/git/gitweb.cgi?p=trousers/trousers%3Ba=commit%3Bh=50dd06a6f639b76b3bb629606ef71b2dc5407601http://trousers.git.sourceforge.net/git/gitweb.cgi?p=trousers/trousers%3Ba=commit%3Bh=ae0c2f8c1fd7a96ba0191f83b6057f8cbc51e786http://www.debian.org/security/2012/dsa-2576http://www.exploit-db.com/exploits/22904/https://blogs.oracle.com/sunsecurity/entry/cve_2012_0698_denial_ofhttps://bugzilla.redhat.com/show_bug.cgi?id=781648https://exchange.xforce.ibmcloud.com/vulnerabilities/80226http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692649http://packetstormsecurity.com/files/118281/TrouSerS-Denial-Of-Service.htmlhttp://secunia.com/advisories/51295http://sourceforge.net/tracker/index.php?func=detail&aid=3473554&group_id=126012&atid=704358http://trousers.git.sourceforge.net/git/gitweb.cgi?p=trousers/trousers%3Ba=commit%3Bh=50dd06a6f639b76b3bb629606ef71b2dc5407601http://trousers.git.sourceforge.net/git/gitweb.cgi?p=trousers/trousers%3Ba=commit%3Bh=ae0c2f8c1fd7a96ba0191f83b6057f8cbc51e786http://www.debian.org/security/2012/dsa-2576http://www.exploit-db.com/exploits/22904/https://blogs.oracle.com/sunsecurity/entry/cve_2012_0698_denial_ofhttps://bugzilla.redhat.com/show_bug.cgi?id=781648https://exchange.xforce.ibmcloud.com/vulnerabilities/80226
2012-11-26
Published