DEBIAN-CVE-2017-15601

In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTORpngextractmethod function in plugins/pngextractor.c, related to processiTXt and stndup...

UBUNTU-CVE-2017-15602

In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTORnsfeextractmethod function in plugins/nsfeextractor.c, leading to an infinite loop for a crafted size...

DEBIAN-CVE-2017-15600

In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTORnsfextractmethod function of plugins/nsfextractor.c...

UBUNTU-CVE-2017-15601

In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTORpngextractmethod function in plugins/pngextractor.c, related to processiTXt and stndup...

CVE-2017-15601

In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTORpngextractmethod function in plugins/pngextractor.c, related to processiTXt and stndup...

CVE-2017-15601

In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTORpngextractmethod function in plugins/pngextractor.c, related to processiTXt and stndup...

GNU Libextractor Denial of Service Vulnerability

GNU Libextractor is a set of libraries developed by the GNU Project for extracting metadata from files. A denial of service vulnerability exists in the 'EXTRACTORwavextractmethod' method of the wavextractor.c file in GNU Libextractor version 1.4, which stems from the program failing to detect the...

UBUNTU-CVE-2017-15266

In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTORwavextractmethod in wavextractor.c via a zero sample rate...

DEBIAN-CVE-2017-15266

In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTORwavextractmethod in wavextractor.c via a zero sample rate...

DEBIAN-CVE-2017-15267

In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flacmetadata in flacextractor.c...

UBUNTU-CVE-2017-15267

In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flacmetadata in flacextractor.c...

BitCracker - BitLocker Password Cracking Tool (Windows Encryption Tool)

BitLocker is a full-disk encryption feature available in recent Windows versions Vista, 7, 8.1 and 10 Pro and Enterprise. BitCracker is a mono-GPU password cracking tool for memory units encrypted with the password authentication mode of BitLocker see picture below. Our attack has been tested on...

Open Source BitLocker Password Cracking Tool: BitCracker

BitCracker is the first open source BitLocker password cracking tool. BitLocker is a full-disk encryption feature available in recent Windows versions Vista, 7, 8.1 and 10 Pro and Enterprise. BitCracker is a mono-GPU password cracking tool for memory units encrypted with the password authenticati...

UPDATE: Cuckoo Sandbox 2.0.4

PenTestIT RSS Feed My previous post was about this open source, malware analysis automation framework - Cuckoo Sandbox 2.0.0. This post however, is about an update made to the framework. We now have Cuckoo Sandbox 2.0.4 which include a number of important improvements simplifying and improving yo...

The vulnerability in the FLACExtractor.cpp function of the libstagefright service in the Mediaserver application of the Android operating system allows a hacker to induce a service failure.

The vulnerability of the FLACExtractor.cpp function in the libstagefright service of the Android Mediaserver application arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to trigger a service failure memory corruption...

UBUNTU-CVE-2017-0592

A remote code execution vulnerability in FLACExtractor.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference. The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted PDF document...

DEBIAN-CVE-2017-7994

The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted PDF document...

Linux Memory Extractor: LiME

Linux Memory Extractor LiME formerly DMD is A Loadable Kernel Module LKM which allows for volatile memory acquisition from Linux and Linux-based devices, such as Android. This makes LiME unique as it is the first tool that allows for full memory captures on Android devices. It also minimizes its...

Canon IR-ADV Password Extractor

An authentication bypass vulnerability exists in Canon IR-ADV. A remote attacker can exploit this vulnerability by extracting the passwords from address books on various Canon IR-Adv mfp devices...