gnutls: Stack-buffer-overflow in cdk_pk_get_keyid

Project: https://gitlab.com/gnutls/gnutls.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6746150208012288 Project: gnutls Fuzzer: libFuzzergnutlsopenpgpcertparserfuzzer Fuzz target binary: gnutlsopenpgpcertparserfuzzer Job Type: libfuzzerasangnutls Platform Id: linux...

NETGEAR WNR2000v5 (Un)authenticated hidden_lang_avi Stack Buffer Overflow

The NETGEAR WNR2000 router has a stack buffer overflow vulnerability in the hiddenlangavi parameter. In order to exploit it, it is necessary to guess the value of a certain timestamp which is in the configuration of the router. An authenticated attacker can simply fetch this from a page, but an...

Debian: Security Advisory (DSA-3746-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Libical Heap Buffer Overflow Vulnerability

Libical is an open source implementation of the icalendar protocol and protocol data units. A stack buffer overflow vulnerability exists in libical. An attacker could exploit this vulnerability to crash an affected program, resulting in a denial of service...

ConQuest DICOM Server 1.4.17d - Stack Buffer (PoC)

ConQuest DICOM Server 1.4.17d - Stack Buffer PoC !/usr/bin/env python -- coding: utf8 -- ConQuest DICOM Server 1.4.17d Remote Stack Buffer Overflow RCE Vendor: University of Manchester. Developed by Marcel van Herk, Lambert Zijp and Jan Meinders. The Netherlands Cancer Institute Product web page:...

ConQuest DICOM Server 1.4.17d Remote Stack Buffer Overflow

!/usr/bin/env python -- coding: utf8 -- ConQuest DICOM Server 1.4.17d Remote Stack Buffer Overflow RCE Vendor: University of Manchester. Developed by Marcel van Herk, Lambert Zijp and Jan Meinders. The Netherlands Cancer Institute Product web page: https://ingenium.home.xs4all.nl/dicom.html |...

ConQuest DICOM Server 1.4.17d - Stack Buffer Overflow Exploit

Exploit for windows platform in category dos / poc !/usr/bin/env python -- coding: utf8 -- ConQuest DICOM Server 1.4.17d Remote Stack Buffer Overflow RCE Vendor: University of Manchester. Developed by Marcel van Herk, Lambert Zijp and Jan Meinders. The Netherlands Cancer Institute Product web pag...

Horos 2.1.0 DICOM Medical Image Viewer Remote Memory Overflow Vulnerability

Summary Horos™ is an open-source, free medical image viewer. The goal of the Horos Project is to develop a fully functional, 64-bit medical image viewer for OS X. Horos is based upon OsiriX and other open source medical imaging libraries. Description The vulnerability is caused due to the usage o...

DCMTK 3.6.0 storescp - Stack Buffer Overflow Exploit

Exploit for linux platform in category dos / poc !/usr/bin/env python -- coding: utf8 -- DCMTK storescp DICOM storage C-STORE SCP Remote Stack Buffer Overflow Vendor: OFFIS e. V. Product web page: http://www.dcmtk.org Affected version: = 3.6.0 Not affected: DCMTK-3.6.120160216 -...

Horos 2.1.0 DICOM Medical Image Viewer - Denial of Service Exploit

Exploit for macOS platform in category dos / poc !/usr/bin/env python -- coding: utf8 -- Horos 2.1.0 DICOM Medical Image Viewer Remote Memory Overflow Vulnerability Vendor: Horos Project Product web page: https://www.horosproject.org Affected version: 2.1.0 Summary: Horos™ is an open-source, free...

Orthanc DICOM Server 1.1.0 - Memory Corruption

!/usr/bin/env python -- coding: utf8 -- Orthanc DICOM Server 1.1.0 Remote Memory Corruption Vulnerability Vendor: Sébastien Jodogne Product web page: http://www.orthanc-server.com Affected version: 1.1.0 Summary: Orthanc is a Belgian, open-source, lightweight RESTful DICOM server for healthcare a...

Autodesk Design Review BMP Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Autodesk Design Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Fatek Automation Communication Server Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Fatek Automation Communication Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of query requests. An overly long string sent while...

Samsung Devices KNOX Extensions - OTP TrustZone Trustlet Stack Buffer Overflow

Samsung Devices KNOX Extensions - OTP TrustZone Trustlet Stack Buffer Overflow / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=938 As a part of the KNOX extensions available on Samsung devices, Samsung provides a TrustZone trustlet which allows the generation of OTP tokens. Th...

Samsung Devices KNOX Extensions - OTP TrustZone Trustlet Stack Buffer Overflow

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=938 As a part of the KNOX extensions available on Samsung devices, Samsung provides a TrustZone trustlet which allows the generation of OTP tokens. The tokens themselves are generated in a TrustZone application within the TEE UID...

[ASA-201612-9] jasper: multiple issues

Arch Linux Security Advisory ASA-201612-9 ========================================= Severity: Critical Date : 2016-12-07 CVE-ID : CVE-2015-5203 CVE-2015-8751 CVE-2016-2089 CVE-2016-8690 CVE-2016-8691 CVE-2016-8692 CVE-2016-8693 CVE-2016-8884 CVE-2016-8885 CVE-2016-8887 CVE-2016-9262 CVE-2016-9387...

Extreme ExtremeXOS glibc Vulnerability (VN-2016-003)

Extreme ExtremeXOS is prone to a vulnerability in glibc. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:extremenetworks:exos"; i...

Dlink DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit) Exploit

Exploit for hardware platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' Payload working status: MIPS: - all valid payloads working the ones that we are able to send...

Jasper 'jpc_tsfb.c' Stack Buffer Overflow Vulnerability

JasPer is an open source implementation of the JPEG-2000 codec . Jasper 'jpctsfb.c' suffers from a stack buffer overflow vulnerability due to a failure to adequately copy user-supplied data into a buffer. An attacker could use this vulnerability to execute arbitrary script code in the context of ...

Dlink DIR Routers Unauthenticated HNAP Login Stack Buffer Overflow

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' Payload working status: MIPS: - all valid payloads working the ones that we are able to send without null bytes ARM: - inline rev/bind shell works...