glibc - getaddrinfo Stack Based Buffer Overflow (1)

Exploit for linux platform in category dos / poc Sources: https://googleonlinesecurity.blogspot.sg/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html https://github.com/fjserna/CVE-2015-7547 Technical information: glibc reserves 2048 bytes in the stack through alloca for the DNS answer at...

glibc - 'getaddrinfo' Stack Buffer Overflow (PoC)

Sources: https://googleonlinesecurity.blogspot.sg/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html https://github.com/fjserna/CVE-2015-7547 Technical information: glibc reserves 2048 bytes in the stack through alloca for the DNS answer at nssdnsgethostbyname4r for hosting responses to a DNS...

Delta Industrial Automation DCISoft 1.12.09 - Local Stack Buffer Overflow

Delta Industrial Automation DCISoft 1.12.09 - Local Stack Buffer Overflow !/usr/bin/env python Delta Industrial Automation DCISoft 1.12.09 Stack Buffer Overflow Exploit Vendor: Delta Electronics, Inc. Product web page: http://www.delta.com.tw Software link:...

pcre -- stack buffer overflow

Philip Hazel reports: PCRE does not validate that handling the ACCEPT verb will occur within the bounds of the cworkspace stack buffer, leading to a stack buffer overflow...

Trane Comfortlink II DSS Service Request Handling Remote Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0026 Trane Comfortlink II DSS Service Request Handling Remote Code Execution Vulnerability February 8, 2016 CVE Number CVE-2015-2868 Description An exploitable remote code execution vulnerability exists in the Trane ComfortLink II DSS service. An attacker who...

The vulnerabilities of the Advantech WebAccess remote monitoring software allow a intruder to execute arbitrary code.

The multiple vulnerabilities of the Advantech WebAccess remote monitoring software are caused by buffer overflow on the stack. Exploitation of these vulnerabilities could allow a malicious actor operating remotely to execute arbitrary code...

SUSE-SU-2016:0343-1 Security update for socat

This update for socat fixes the following issues: - CVE-2013-3571: Fix a file descriptor leak that could have been misused for a denial of service attack against socat running in server mode bsc821985 - CVE-2014-0019: PROXY-CONNECT address was vulnerable to a stack buffer overflow bsc860991 - Fix...

openSUSE: Security Advisory for mbedtls (openSUSE-SU-2015:2257-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Wireshark - dissect_nhdr_extopt Stack Buffer Overflow

Wireshark - dissectnhdrextopt Stack Buffer Overflow Source: https://code.google.com/p/google-security-research/issues/detail?id=696 The following crash due to a stack-based buffer overflow can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$...

Wireshark - 'nettrace_3gpp_32_423_file_open' Stack Out-of-Bounds Read

Source: https://code.google.com/p/google-security-research/issues/detail?id=694 The following crash due to a stack-based out-of-bounds read can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshark -nVxr /path/to/file": --- cut ---...

Wireshark - dissect_nhdr_extopt Stack Buffer Overflow

Source: https://code.google.com/p/google-security-research/issues/detail?id=696 The following crash due to a stack-based buffer overflow can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshark -nVxr /path/to/file": --- cut ---...

Claws-Mail 'src/codeconv.c' Stack Buffer Overflow Vulnerability

Claws-Mail is a mail client product based on GTK+ development. Claws-Mail suffers from a stack buffer overflow vulnerability that could be exploited by remote attackers to submit a special request to crash the application or execute arbitrary code...

QEMU rocker.c 栈缓冲区溢出漏洞

No description provided by source...

Easy File Sharing Web Server HEAD HTTP request vulnerability

Added: 01/08/2016 Background Easy File Sharing Web Server is software that allows users to upload/download files to a server easily through a web browser, as well as providing a bulletin board system forum. Problem Easy File Sharing Web Server is vulnerable to a stack buffer overflow condition as...

(0Day) Proface GP-Pro EX Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Proface GP-Pro EX. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within BeginPreRead...

Adobe AIR < 20.0.0.204 Multiple Vulnerabilities (APSB15-32)

Binary data 9043.prm...

X.Org libXfont BDF字体文件处理基于栈的缓冲区溢出漏洞

No description provided by source...

pdfium - CPDF_Function::Call Stack Buffer Overflow

pdfium - CPDFFunction::Call Stack Buffer Overflow Source: https://code.google.com/p/google-security-research/issues/detail?id=612 The following crash was encountered in pdfium the Chrome PDF renderer during PDF fuzzing: --- cut --- $ ./pdfiumtest...

FreeBSD : qemu -- stack buffer overflow while parsing SCSI commands (a267cd6c-b0c4-11e5-8d13-bc5ff45d0f28)

Prasad J Pandit, Red Hat Product Security Team, reports : Qemu emulator built with the SCSI device emulation support is vulnerable to a stack-based buffer overflow issue. It could occur while parsing SCSI command descriptor block with an invalid operation code. A privilegedCAPSYSRAWIO user inside...

pdfium - CPDF_Function::Call Stack Buffer Overflow

Source: https://code.google.com/p/google-security-research/issues/detail?id=612 The following crash was encountered in pdfium the Chrome PDF renderer during PDF fuzzing: --- cut --- $ ./pdfiumtest asanstack-oobb9a750137252559cc9c86b4bc0fb43218c7f69c5c8 Rendering PDF file...