Debian: Security Advisory (DSA-3746-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Libical Heap Buffer Overflow Vulnerability

Libical is an open source implementation of the icalendar protocol and protocol data units. A stack buffer overflow vulnerability exists in libical. An attacker could exploit this vulnerability to crash an affected program, resulting in a denial of service...

DCMTK 3.6.0 storescp - Stack Buffer Overflow Exploit

Exploit for linux platform in category dos / poc !/usr/bin/env python -- coding: utf8 -- DCMTK storescp DICOM storage C-STORE SCP Remote Stack Buffer Overflow Vendor: OFFIS e. V. Product web page: http://www.dcmtk.org Affected version: = 3.6.0 Not affected: DCMTK-3.6.120160216 -...

ConQuest DICOM Server 1.4.17d - Stack Buffer Overflow Exploit

Exploit for windows platform in category dos / poc !/usr/bin/env python -- coding: utf8 -- ConQuest DICOM Server 1.4.17d Remote Stack Buffer Overflow RCE Vendor: University of Manchester. Developed by Marcel van Herk, Lambert Zijp and Jan Meinders. The Netherlands Cancer Institute Product web pag...

Horos 2.1.0 DICOM Medical Image Viewer - Denial of Service Exploit

Exploit for macOS platform in category dos / poc !/usr/bin/env python -- coding: utf8 -- Horos 2.1.0 DICOM Medical Image Viewer Remote Memory Overflow Vulnerability Vendor: Horos Project Product web page: https://www.horosproject.org Affected version: 2.1.0 Summary: Horos™ is an open-source, free...

Orthanc DICOM Server 1.1.0 - Memory Corruption

!/usr/bin/env python -- coding: utf8 -- Orthanc DICOM Server 1.1.0 Remote Memory Corruption Vulnerability Vendor: Sébastien Jodogne Product web page: http://www.orthanc-server.com Affected version: 1.1.0 Summary: Orthanc is a Belgian, open-source, lightweight RESTful DICOM server for healthcare a...

Fatek Automation Communication Server Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Fatek Automation Communication Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of query requests. An overly long string sent while...

Samsung Devices KNOX Extensions - OTP TrustZone Trustlet Stack Buffer Overflow

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=938 As a part of the KNOX extensions available on Samsung devices, Samsung provides a TrustZone trustlet which allows the generation of OTP tokens. The tokens themselves are generated in a TrustZone application within the TEE UID...

[ASA-201612-9] jasper: multiple issues

Arch Linux Security Advisory ASA-201612-9 ========================================= Severity: Critical Date : 2016-12-07 CVE-ID : CVE-2015-5203 CVE-2015-8751 CVE-2016-2089 CVE-2016-8690 CVE-2016-8691 CVE-2016-8692 CVE-2016-8693 CVE-2016-8884 CVE-2016-8885 CVE-2016-8887 CVE-2016-9262 CVE-2016-9387...

Extreme ExtremeXOS glibc Vulnerability (VN-2016-003)

Extreme ExtremeXOS is prone to a vulnerability in glibc. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:extremenetworks:exos"; i...

Jasper 'jpc_tsfb.c' Stack Buffer Overflow Vulnerability

JasPer is an open source implementation of the JPEG-2000 codec . Jasper 'jpctsfb.c' suffers from a stack buffer overflow vulnerability due to a failure to adequately copy user-supplied data into a buffer. An attacker could use this vulnerability to execute arbitrary script code in the context of ...

Dlink DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit) Exploit

Exploit for hardware platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' Payload working status: MIPS: - all valid payloads working the ones that we are able to send...

Dlink DIR Routers Unauthenticated HNAP Login Stack Buffer Overflow

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' Payload working status: MIPS: - all valid payloads working the ones that we are able to send without null bytes ARM: - inline rev/bind shell works...

Palo Alto Networks PanOS appweb3 - Stack Buffer Overflow Vulnerability

Exploit for linux platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=908 Palo Alto Networks have published a fix for this issue: http://securityadvisories.paloaltonetworks.com/Home/Detail/68 PanOS uses a modified version of the appweb3 embedded...

Palo Alto Networks PanOS - appweb3 Stack Buffer Overflow

Palo Alto Networks PanOS - appweb3 Stack Buffer Overflow Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=908 Palo Alto Networks have published a fix for this issue: http://securityadvisories.paloaltonetworks.com/Home/Detail/68 PanOS uses a modified version of the appweb3 embedde...

Palo Alto Networks PanOS - appweb3 Stack Buffer Overflow

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=908 Palo Alto Networks have published a fix for this issue: http://securityadvisories.paloaltonetworks.com/Home/Detail/68 PanOS uses a modified version of the appweb3 embedded webserver, it's used for a variety of tasks and is...

openSUSE Security Update : php5 (openSUSE-2016-1308)

This update for php5 fixes the following security issues : - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp bsc1001900 - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 -...

openSUSE Security Update : php5 (openSUSE-2016-1321)

This update for php5 fixes the following security issues : - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp bsc1001900 - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 -...

Updated gnuchess packages fix security vulnerability

gnuchess before 6.2.4 is vulnerable to a stack buffer overflow related to user move input, where 160 characters of input can crash gnuchess CVE-2015-8972...

MGASA-2016-0390 Updated gnuchess packages fix security vulnerability

gnuchess before 6.2.4 is vulnerable to a stack buffer overflow related to user move input, where 160 characters of input can crash gnuchess CVE-2015-8972...