38 matches found
Design/Logic Flaw
A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping a huge section filled with zeros of an ELF64 binary for MIPS architecture can lead to uncontrolled resource consumption and DoS...
CVE-2021-4021
A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping a huge section filled with zeros of an ELF64 binary for MIPS architecture can lead to uncontrolled resource consumption and DoS...
UBUNTU-CVE-2021-4021
A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping a huge section filled with zeros of an ELF64 binary for MIPS architecture can lead to uncontrolled resource consumption and DoS...
CVE-2021-4021
Radare2 is affected. CVE-2021-4021 targets Radare2 versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. The vulnerability arises from mapping a large section filled with zeros of an ELF64 binary for the MIPS architecture, which can cause uncontrolled resource consumption and denial of service. Connec...
CVE-2021-4021
A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping a huge section filled with zeros of an ELF64 binary for MIPS architecture can lead to uncontrolled resource consumption and DoS...
CVE-2021-4021
A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping a huge section filled with zeros of an ELF64 binary for MIPS architecture can lead to uncontrolled resource consumption and DoS...
CVE-2021-4021
A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping a huge section filled with zeros of an ELF64 binary for MIPS architecture can lead to uncontrolled resource consumption and DoS...
Heaptrace - Helps Visualize Heap Operations For Pwn And Debugging
heaptrace is a heap debugger for tracking glibc heap operations in ELF64 x8664 binaries. Its purpose is to help visualize heap operations when debugging binaries or doing heap pwn. replaces addresses with easy-to-understand symbols detects heap corruption and memory leakage issues can debug in gd...
PT-2021-6935 · Rizin · Rizin
Name of the Vulnerable Software and Affected Versions: rizin affected versions not specified Description: A vulnerability was found in rizin, related to the analysis of ELF64 binaries for the HPPA architecture. When a specially crafted binary is analyzed by rizin, it causes rizin to crash by...
PT-2022-8863 · Upx +1 · Upx +1
Name of the Vulnerable Software and Affected Versions: UPX affected versions not specified Description: An out-of-bounds read access issue was discovered in the PackLinuxElf64::canPack function of the p lx elf.cpp file. This could be triggered by an attacker using a crafted input file, potentiall...
Linux/ARM64 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (128 bytes)
/ Title: Linux/ARM64 - Reverse 127.0.0.1:4444/TCP Shell /bin/sh + Null-Free Shellcode 128 bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu...
PT-2019-1676 · Red Hat +5 · Elfutils +6
Name of the Vulnerable Software and Affected Versions: elfutils version 0.175 Description: An issue in the elf64 xlatetom function in libelf/elf32 xlatetom.c can cause a segmentation fault due to dwfl segment report module not checking whether the dyn data read from a core file is truncated. A...
UBUNTU-CVE-2018-11243
PackLinuxElf64::unpack in plxelf.cpp in UPX 3.95 allows remote attackers to cause a denial of service double free, limit the ability of a malware scanner to operate on the entire original data, or possibly have unspecified other impact via a crafted file...
CVE-2017-14974
The getsyntheticsymtab functions in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a...
CVE-2017-14974
CVE-2017-14974 affects the Binary File Descriptor (BFD) library in GNU Binutils 2.29. The _get_synthetic_symtab functions mishandle the failure of a canonicalization step, which can trigger a NULL pointer dereference when processing crafted ELF files. This results in a denial of service (applicat...
Integer overflow
The getsyntheticsymtab functions in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service integer overflow and application crash or possib...
SuSE 11.3 Security Update : clamav (SAT Patch Number 9036)
The antivirus scanner ClamAV has been updated to version 0.98.1, which includes the following fixes : - Code quality fixes in libclamav, clamd, sigtool, clamav-milter, clamconf, and clamdtop. - Code quality fixes in libclamav, libclamunrar and freshclam. - bb 8385: a PDF ASCII85Decode zero-length...
[Volatility v2.3] The advanced memory forensics framework (Support of OSX)
The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory RAM samples. The extraction techniques are performed completely independent of the system being investigated...