CVE-2017-5500
Published 2017-03-01
CVE-2017-5500: libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
Priority: P419, medium, 5.5 (CVSS 3.0)
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS: 1.33% (67.6th percentile)
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jasper_project | jasper | — | — |
CVSS provenance
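| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 5.5 | MEDIUM | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
| nvd | v2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
| osv | — | 5.5 | MEDIUM | — |
| vendor_cisco | — | 8.8 | HIGH | — |
| vendor_redhat | — | 5.5 | MEDIUM | — |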
Cisco
Cisco IOS XR Software Denial of Service Vulnerability
vendor_cisco·2017-10-04·CVSS 5.3
CVE-2017-12270 [MEDIUM] CWE-119 Cisco IOS XR Software Denial of Service Vulnerability
A vulnerability in the gRPC code of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the emsd service stops.
The vulnerability is due to the software's inability to process HTTP/2 packets. An attacker could exploit this vulnerability by sending a malformed HTTP/2 frame to the affected device. A successful exploit could allow the attacker to create a DoS condition when the emsd service stops.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-ncs
Cisco
Cisco ASR 5500 System Architecture Evolution Gateway GPRS Tunneling Protocol Denial of Service Vulnerability
vendor_cisco·2017-09-06·CVSS 5.8
CVE-2017-12217 [MEDIUM] CWE-20 Cisco ASR 5500 System Architecture Evolution Gateway GPRS Tunneling Protocol Denial of Service Vulnerability
A vulnerability in the General Packet Radio Service (GPRS) Tunneling Protocol ingress packet handler of Cisco ASR 5500 System Architecture Evolution (SAE) Gateways could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition on an affected device.
The vulnerability is due to improper input validation of GPRS Tunneling Protocol packet headers. An attacker could exploit this vulnerability by sending a malformed GPRS Tunneling Protocol packet to an affected device. A successful exploit could allow the attacker to cause the GTPUMGR process on an affected device to restart unexpectedly, resulting in a partial DoS condition. If the GTPUMGR process
Cisco
Cisco StarOS CLI Command Injection Vulnerability
vendor_cisco·2017-07-05·CVSS 8.2
CVE-2017-6707 [HIGH] CWE-78 Cisco StarOS CLI Command Injection Vulnerability
A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series, 5500 Series, and 5700 Series devices and Cisco Virtualized Packet Core (VPC) Software could allow an authenticated, local attacker to break from the StarOS CLI of an affected system and execute arbitrary shell commands as a Linux root user on the system.
The vulnerability exists because the affected operating system does not sufficiently sanitize commands before inserting them into Linux shell commands. An attacker could exploit this vulnerability by submitting a crafted CLI command for execution in a Linux shell command as a root user. A successful exploit could allow the attacker to break from the StarOS CLI and execute arbitra
Cisco
Cisco Network Convergence System 5500 Series Routers Local Denial of Service Vulnerability
vendor_cisco·2017-06-07·CVSS 6.0
CVE-2017-6666 [MEDIUM] CWE-399 Cisco Network Convergence System 5500 Series Routers Local Denial of Service Vulnerability
A vulnerability in the forwarding component of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an authenticated, local attacker to cause the router to stop forwarding data traffic across Traffic Engineering (TE) tunnels, resulting in a denial of service (DoS) condition.
The vulnerability occurs because adjacency information for a Traffic Engineering (TE) tunnel's physical source interface is not propagated to hardware after the adjacency is lost. This information needs to be relearned. An attacker could exploit this vulnerability by logging in to the router's CLI with administrator privileges and issuing the clear arp-cache command.
There are no wor
Cisco
Cisco StarOS SSH Privilege Escalation Vulnerability
vendor_cisco·2017-03-15·CVSS 8.8
CVE-2017-3819 [HIGH] CWE-264 Cisco StarOS SSH Privilege Escalation Vulnerability
A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Packet Core could allow an authenticated, remote attacker to gain unrestricted, root shell access.
The vulnerability is due to missing input validation of parameters passed during SSH or SFTP login. An attacker could exploit this vulnerability by providing crafted user input to the SSH or SFTP command-line interface (CLI) during SSH or SFTP login. An exploit could allow an authenticated attacker to gain root privileges access on the router.
Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulner
Red Hat
jasper: Invalid exponent shift in jpc_calcabsstepsize() in jpc_dec.c
vendor_redhat·2016-10-28·CVSS 5.5
CVE-2017-5500 [MEDIUM] jasper: Invalid exponent shift in jpc_calcabsstepsize() in jpc_dec.c
libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
Package: netpbm (Red Hat Enterprise Linux 5) - Not affected
Package: jasper (Red Hat Enterprise Linux 6) - Not affected
Package: jasper (Red Hat Enterprise Linux 7) - Not affected
Package: mingw-virt-viewer (Red Hat Enterprise Virtualization 3) - Not affected
Cisco
Cisco ASR 5500 System Architecture Evolution Gateway GPRS Tunneling Protocol Denial of Service Vulnerability
vendor_cisco·CVSS 3.0
CVE-2017-12217 Cisco ASR 5500 System Architecture Evolution Gateway GPRS Tunneling Protocol Denial of Service Vulnerability
CVE-2017-12217: Cisco ASR 5500 System Architecture Evolution Gateway GPRS Tunneling Protocol Denial of Service Vulnerability
A vulnerability in the General Packet Radio Service (GPRS) Tunneling Protocol ingress packet handler of Cisco ASR 5500 System Architecture Evolution (SAE) Gateways could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation of GPRS Tunneling Protocol packet headers. An attacker could exploit this vulnerability by sending a malformed GPRS Tunneling Protocol packet to an affected device. A successful exploit could allow the attacker to cause the GTPUMGR process on an affected device to restart unexpectedly, resulting in a partial DoS condition. If the G
Cisco
Cisco Network Convergence System 5500 Series Routers Local Denial of Service Vulnerability
vendor_cisco·CVSS 3.0
CVE-2017-6666 Cisco Network Convergence System 5500 Series Routers Local Denial of Service Vulnerability
CVE-2017-6666: Cisco Network Convergence System 5500 Series Routers Local Denial of Service Vulnerability
A vulnerability in the forwarding component of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an authenticated, local attacker to cause the router to stop forwarding data traffic across Traffic Engineering (TE) tunnels, resulting in a denial of service (DoS) condition. The vulnerability occurs because adjacency information for a Traffic Engineering (TE) tunnel's physical source interface is not propagated to hardware after the adjacency is lost. This information needs to be relearned. An attacker could exploit this vulnerability by logging in to the router's CLI with administrator privileges and issuing the clear arp-cache command. Ther
Cisco
Cisco IOS XR Software Denial of Service Vulnerability
vendor_cisco·CVSS 3.0
CVE-2017-12270 Cisco IOS XR Software Denial of Service Vulnerability
CVE-2017-12270: Cisco IOS XR Software Denial of Service Vulnerability
A vulnerability in the gRPC code of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the emsd service stops. The vulnerability is due to the software's inability to process HTTP/2 packets. An attacker could exploit this vulnerability by sending a malformed HTTP/2 frame to the affected device. A successful exploit could allow the attacker to create a DoS condition when the emsd service stops. There are no
CVSS: 3.0
CWE: CWE-119, CWE-119
Bug IDs: CSCvb99388
Cisco
Cisco StarOS CLI Command Injection Vulnerability
vendor_cisco·CVSS 3.0
CVE-2017-6707 Cisco StarOS CLI Command Injection Vulnerability
CVE-2017-6707: Cisco StarOS CLI Command Injection Vulnerability
A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series, 5500 Series, and 5700 Series devices and Cisco Virtualized Packet Core (VPC) Software could allow an authenticated, local attacker to break from the StarOS CLI of an affected system and execute arbitrary shell commands as a Linux root user on the system. The vulnerability exists because the affected operating system does not sufficiently sanitize commands before inserting them into Linux shell commands. An attacker could exploit this vulnerability by submitting a crafted CLI command for execution in a Linux shell command as a root user. A successful exploit could allow the attacker to break from the StarOS CLI and ex
Cisco
Cisco StarOS SSH Privilege Escalation Vulnerability
vendor_cisco·CVSS 3.0
CVE-2017-3819 Cisco StarOS SSH Privilege Escalation Vulnerability
CVE-2017-3819: Cisco StarOS SSH Privilege Escalation Vulnerability
A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Packet Core could allow an authenticated, remote attacker to gain unrestricted, root shell access. The vulnerability is due to missing input validation of parameters passed during SSH or SFTP login. An attacker could exploit this vulnerability by providing crafted user input to the SSH or SFTP command-line interface (CLI) during SSH or SFTP login. An exploit could allow an authenticated attacker to gain root privileges access on the router. Note: Only traffic directed to the affected system can be used to exploit this vulnerability.
GHSA
GHSA-7655-hvf9-c7q3: libjasper/jpc/jpc_dec
ghsa_unreviewed·2022-05-13
CVE-2017-5500 [MEDIUM] GHSA-7655-hvf9-c7q3: libjasper/jpc/jpc_dec
libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
OSV
CVE-2017-5500: libjasper/jpc/jpc_dec
osv·2017-03-01·CVSS 5.5
CVE-2017-5500 [MEDIUM] CVE-2017-5500: libjasper/jpc/jpc_dec
libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2017-5500 jasper: Invalid exponent shift in jpc_calcabsstepsize() in jpc_dec.c
bugzilla·2017-01-24·CVSS 5.5
CVE-2017-5500 [MEDIUM] CVE-2017-5500 jasper: Invalid exponent shift in jpc_calcabsstepsize() in jpc_dec.c
A vulnerability was found in jasper. A crafted file could cause a crash via invalid exponent shift.
References:
http://seclists.org/oss-sec/2017/q1/101
Discussion:
Created mingw-jasper tracking bugs for this issue:
Affects: epel-7 [bug 1406409]
---
Created jasper tracking bugs for this issue:
Affects: epel-5 [bug 1406406]
---
Upstream bug report:
https://github.com/mdadams/jasper/issues/64
This issue has not been resolved upstream yet (the current upstream version is 2.0.12).
Reporter's advisory:
https://blogs.gentoo.org/ago/2017/01/16/jasper-multiple-crashes-with-ubsan/
Relevant information from the advisory:
With the undefined behavior sanitizer enabled, jasper crashes showing some left sh
Bugzilla
CVE-2016-9591 CVE-2016-9600 CVE-2017-5503 CVE-2017-5504 CVE-2017-5505 mingw-jasper: various flaws [epel-7]
bugzilla·2016-12-20·CVSS 5.5
CVE-2016-9591 [MEDIUM] CVE-2016-9591 CVE-2016-9600 CVE-2017-5503 CVE-2017-5504 CVE-2017-5505 mingw-jasper: various flaws [epel-7]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-7.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
Discussion:
Adding parent
Bugzilla
CVE-2016-9591 CVE-2016-9600 CVE-2017-5503 CVE-2017-5504 CVE-2017-5505 jasper: various flaws [epel-5]
bugzilla·2016-12-20·CVSS 5.5
CVE-2016-9591 [MEDIUM] CVE-2016-9591 CVE-2016-9600 CVE-2017-5503 CVE-2017-5504 CVE-2017-5505 jasper: various flaws [epel-5]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-5.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
Discussion:
Adding parent bug 14
2017-03-01
Published