305 matches found
Symantec AntiVirus - Unpacking RAR Multiple Remote Memory Corruptions
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=810 A major component of the Symantec Antivirus scan engine is the "Decomposer", responsible for unpacking various archive formats such as ZIP, RAR, and so on. The decomposer runs as NT AUTHORITY\SYSTEM on Windows, and root on Linu...
TarDiff User Privilege Gain Vulnerability
TarDiff is a package comparison tool developed by software developer Josef Spillner. A privilege-acquisition vulnerability exists in TarDiff that stems from the use of predictable temporary directories for tarballs unpacking files. An attacker could exploit the vulnerability to overwrite files wi...
Debian DSA-3562-1 : tardiff - security update
Several vulnerabilities were discovered in tardiff, a tarball comparison tool. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-0857 Rainer Mueller and Florian Weimer discovered that tardiff is prone to shell command injections via shell...
The vulnerability of the Kaspersky Anti-Virus antivirus protection allows a hacker to trigger a service failure or execute arbitrary code.
The vulnerability of Kaspersky Anti-Virus lies in a memory corruption that occurs during the unpacking of executable files. Exploiting this vulnerability allows an attacker to cause service failures or execute arbitrary code using the executable file packed by the “Yoda’s Protector” tool, during...
Kaspersky AntiVirus - PE Unpacking Integer Overflow
Kaspersky AntiVirus - PE Unpacking Integer Overflow Source: https://code.google.com/p/google-security-research/issues/detail?id=526 Fuzzing of packed executables found the attached crash. 0:022 g 83c.bbc: Access violation - code c0000005 first chance First chance exceptions are reported before an...
Kaspersky AntiVirus - PE Unpacking Integer Overflow
Source: https://code.google.com/p/google-security-research/issues/detail?id=526 Fuzzing of packed executables found the attached crash. 0:022 g 83c.bbc: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This exception may be expected...
Reverse router firmware of sensitive information leaked Part2-vulnerability warning-the black bar safety net
Previous articledescribes in detail the various unpacking the router firmware tools. Unpacking after you get the firmware file. The next step is to analyze the files looking for vulnerabilities. This time the goal of the analysis is a Trendnet Router, the analysis of the vulnerability is a remote...
Belkin F9K1111 firmware vulnerability analysis-vulnerability warning-the black bar safety net
Recently, we noticed that the HP DVLabs has been in the Belkin(Belkin) N300 Dual-Band WiFi range Extender(F9K1111 in at least 1 0 a vulnerability. In response, the Belkin just released the version number is 1. 0 4. 1 0 firmware. Because this is the F9K1111 the first update release, but there is n...
clamav: multiple issues
CVE-2015-2170 denial of service A flaw has been found in the UPX decoder with crafted files. During unpacking there are two range checks which are implemented "manually". Those checks lack the detection of overflows which are considered by the CLIISCONTAINED macro. - CVE-2015-2221 denial of...
docker: Escalation of privileges during decompression of LZMA archives
A flaw was found in the way the Docker service unpacked images or builds after a "docker pull". An attacker could use this flaw to provide a malicious image or build that, when unpacked, would escalate their privileges on the system...
RPEF - Abstracts and expedites the process of backdooring stock firmware images for consumer/SOHO routers
Router Post-Exploitation Framework Currently, the framework includes a number of firmware image modules: 'Verified' - This module is confirmed to work and is stable. 'Unverified' - This module is believed to work or should work with little additional effort, but awaits being tested on a physical...
openSUSE Security Update : pigz (openSUSE-SU-2013:0540-1)
pigz incorrectly used world writeable permissions during unpacking CVE-2013-0296. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2013-258. The text description of this plugin is C SU...
USN-2242-1 dpkg vulnerabilities
It was discovered that dpkg incorrectly handled certain patches when unpacking source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service...
Ubuntu: Security Advisory (USN-2183-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu Update for dpkg USN-2183-1
Check for the Version of dpkg OpenVAS Vulnerability Test $Id: gbubuntuUSN21831.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for dpkg USN-2183-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you...
DEBIAN-CVE-2014-0471
Directory traversal vulnerability in the unpacking functionality in dpkg before 1.15.9, 1.16.x before 1.16.13, and 1.17.x before 1.17.8 allows remote attackers to write arbitrary files via a crafted source package, related to "C-style filename quoting."...
Directory traversal
Directory traversal vulnerability in the unpacking functionality in dpkg before 1.15.9, 1.16.x before 1.16.13, and 1.17.x before 1.17.8 allows remote attackers to write arbitrary files via a crafted source package, related to "C-style filename quoting."...
CVE-2014-0471
Directory traversal vulnerability in the unpacking functionality in dpkg before 1.15.9, 1.16.x before 1.16.13, and 1.17.x before 1.17.8 allows remote attackers to write arbitrary files via a crafted source package, related to "C-style filename quoting."...
USN-2183-1 dpkg vulnerability
Jakub Wilk discovered that dpkg incorrectly certain paths and symlinks when unpacking source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of...
CVE-2014-0471
Directory traversal vulnerability in the unpacking functionality in dpkg before 1.15.9, 1.16.x before 1.16.13, and 1.17.x before 1.17.8 allows remote attackers to write arbitrary files via a crafted source package, related to "C-style filename quoting."...