Netwrix Auditor 7.1.322.0 - ActiveX 'sourceFile' Stack Buffer Overflow

Netwrix Auditor 7.1.322.0 ActiveX sourceFile Stack Buffer Overflow Vulnerability Vendor: Netwrix Corporation Product web page: http://www.netwrix.com Affected version: 7.1 Build 322 Summary: Netwrix Auditor is an IT audit software that maximizes visibility of IT infrastructure changes and data...

Netwrix Auditor 7.1.322.0 ActiveX (sourceFile) Stack Buffer Overflow

Netwrix Auditor 7.1.322.0 ActiveX sourceFile Stack Buffer Overflow Vulnerability Vendor: Netwrix Corporation Product web page: http://www.netwrix.com Affected version: 7.1 Build 322 Summary: Netwrix Auditor is an IT audit software that maximizes visibility of IT infrastructure changes and data...

Netwrix Auditor 7.1.322.0 ActiveX (sourceFile) Stack Buffer Overflow Vulnerability

Summary Netwrix Auditor is an IT audit software that maximizes visibility of IT infrastructure changes and data access. The product provides actionable audit data about who changed what, when and where and who has access to what. Description The application suffers from a stack-based buffer...

Putty pscp 0.66 - Stack Buffer Overwrite

Source: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563 Author: Date: Feb 20th, 2016 Name: putty Vendor: sgtatham - http://www.chiark.greenend.org.uk/sgtatham/putty/ Version: 0.59 3 9 years ago = affected = 0.66 Platforms: win/nix Technology: c Vuln Classes: stack buffer overwrite...

Putty pscp 0.66 - Stack Buffer Overwrite

Exploit for multiple platform in category dos / poc Source: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563 Author: Date: Feb 20th, 2016 Name: putty Vendor: sgtatham - http://www.chiark.greenend.org.uk/sgtatham/putty/ Version: 0.59 3 9 years ago = affected = 0.66 Platforms: win/ni...

Putty pscp 0.66 - Stack Buffer Overwrite

Putty pscp 0.66 - Stack Buffer Overwrite Source: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563 Author: Date: Feb 20th, 2016 Name: putty Vendor: sgtatham - http://www.chiark.greenend.org.uk/sgtatham/putty/ Version: 0.59 3 9 years ago = affected = 0.66 Platforms: win/nix Technolog...

Internet Bug Bounty: putty pscp client-side post-auth stack buffer overwrite when processing remote file size

Not sure if this will qualify but it may impact a pretty broad audience given the fact that putty code is part of many other apps filezilla, ... and it is the defacto standalone ssh client for windows administrators besides openssh cygwin putty = 0.66; affects putty versions dating back 9 years...

Debian DLA-441-1 : pcre3 security update

HP's Zero Day Initiative has identified a vulnerability affecting the pcre3 package. It was assigned ZDI id ZDI-CAN-3542. A CVE identifier has not been assigned yet. PCRE Regular Expression Compilation Stack Buffer Overflow Remote Code Execution Vulnerability. PCRE did not validate that handling...

PHP < 5.4.43, 5.5.x < 5.5.27, 5.6.x < 5.6.11 Multiple Vulnerabilities (Mar 2016) - Linux

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

VMware ESXi updates address a critical glibc security vulnerability (VMSA-2016-0002)

VMware product updates address a critical glibc security vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

glibc - getaddrinfo Stack Based Buffer Overflow (1)

Exploit for linux platform in category dos / poc Sources: https://googleonlinesecurity.blogspot.sg/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html https://github.com/fjserna/CVE-2015-7547 Technical information: glibc reserves 2048 bytes in the stack through alloca for the DNS answer at...

glibc - &#039;getaddrinfo&#039; Stack Buffer Overflow (PoC)

Sources: https://googleonlinesecurity.blogspot.sg/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html https://github.com/fjserna/CVE-2015-7547 Technical information: glibc reserves 2048 bytes in the stack through alloca for the DNS answer at nssdnsgethostbyname4r for hosting responses to a DNS...

Delta Industrial Automation DCISoft 1.12.09 - Local Stack Buffer Overflow

Delta Industrial Automation DCISoft 1.12.09 - Local Stack Buffer Overflow !/usr/bin/env python Delta Industrial Automation DCISoft 1.12.09 Stack Buffer Overflow Exploit Vendor: Delta Electronics, Inc. Product web page: http://www.delta.com.tw Software link:...

pcre -- stack buffer overflow

Philip Hazel reports: PCRE does not validate that handling the ACCEPT verb will occur within the bounds of the cworkspace stack buffer, leading to a stack buffer overflow...

Trane Comfortlink II DSS Service Request Handling Remote Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0026 Trane Comfortlink II DSS Service Request Handling Remote Code Execution Vulnerability February 8, 2016 CVE Number CVE-2015-2868 Description An exploitable remote code execution vulnerability exists in the Trane ComfortLink II DSS service. An attacker who...

SUSE-SU-2016:0343-1 Security update for socat

This update for socat fixes the following issues: - CVE-2013-3571: Fix a file descriptor leak that could have been misused for a denial of service attack against socat running in server mode bsc821985 - CVE-2014-0019: PROXY-CONNECT address was vulnerable to a stack buffer overflow bsc860991 - Fix...

openSUSE: Security Advisory for mbedtls (openSUSE-SU-2015:2257-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Wireshark - dissect_nhdr_extopt Stack Buffer Overflow

Wireshark - dissectnhdrextopt Stack Buffer Overflow Source: https://code.google.com/p/google-security-research/issues/detail?id=696 The following crash due to a stack-based buffer overflow can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$...

Wireshark - dissect_nhdr_extopt Stack Based Buffer Overflow

Exploit for multiple platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=696 The following crash due to a stack-based buffer overflow can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$...

Wireshark - dissect_nhdr_extopt Stack Buffer Overflow

Source: https://code.google.com/p/google-security-research/issues/detail?id=696 The following crash due to a stack-based buffer overflow can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshark -nVxr /path/to/file": --- cut ---...