Debian: Security Advisory (DLA-2518-1)
The remote host is missing an update for the Debian...
Debian DLA-2518-1 : cairo security update
LibreOffice slideshow aborts with stack smashing in cairo's composite_boxes. For Debian 9 stretch, this problem has been fixed in version 1.14.8-1+deb9u1. We recommend that you upgrade your cairo packages. For the detailed security status of cairo please refer to its security tracker page at:...
CVE-2014-5439
Multiple stack-based buffer overflow vulnerabilities exist in Sniffit prior to 0.3.7 via a crafted configuration file that will bypass Non-eXecutable bit (NX), stack smashing protector (SSP), and address space layout randomization (ASLR) protection mechanisms, which could let a malicious user execute...
Internet Bug Bounty: tcpdump: CVE-2018-14879 - buffer overflow in tcpdump.c:get_next_file()
The release of tcpdump 4.9.3 brought many bug fixes, including one I submitted, CVE-2018-14879. The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file(). ==2288==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffe363769bf at pc...
Design/Logic Flaw
An issue was discovered in the MQTT server in Contiki-NG before 4.2. The function parse_publish_vhdr() that parses MQTT PUBLISH messages with a variable length header uses memcpy to input data into a fixed size buffer. The allocated buffer can fit only MQTT_MAX_TOPIC_LENGTH (default 64) bytes, and a lengt...
CVE-2018-19417
An issue was discovered in the MQTT server in Contiki-NG before 4.2. The function parse_publish_vhdr() that parses MQTT PUBLISH messages with a variable length header uses memcpy to input data into a fixed size buffer. The allocated buffer can fit only MQTT_MAX_TOPIC_LENGTH (default 64) bytes, and a lengt...
libiec61850 1.3 - Stack Based Buffer Overflow
Exploit Title: libiec61850 1.3 - Stack Based Buffer Overflow Date: 2018-11-06 Exploit Author: Dhiraj Mishra Vendor Homepage: http://libiec61850.com/libiec61850/ Software Link: https://github.com/mz-automation/libiec61850 Version: 1.3 Tested on: Linux 4.15.0-38-generic CVE: CVE-2018-18957...
CentOS Update for gcab CESA-2018:0350 centos7
Check the version of gcab...
CentOS 7 : gcab (CESA-2018:0350)
An update for gcab is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
gcab, libgcab1 security update
CentOS Errata and Security Advisory CESA-2018:0350. An update for gcab is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
Buffer overflow
Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature...
CVE-2016-4973
Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature...
CVE-2016-4973
CVE-2016-4973 concerns binaries built against targets using GCC’s libssp for stack smashing protection. The root cause is the lack of Object Size Checking in libssp, which may allow local users to trigger buffer overflows. Documented impacts include partial confidentiality, integrity, and availab...
OracleVM 3.2 : curl (OVMSA-2016-0056)
The remote OracleVM system is missing necessary patches to address critical security updates: - fix heap-based buffer overflow in curl_easy_unescape (CVE-2013-2174) - fix cookie tailmatching to prevent cross-domain leakage (CVE-2013-1944) - introduce the --delegation option of curl (#746849) - fix stack...
php: buffer overflow and stack smashing error in phar_fix_filepath
A flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened...
Cisco MiniUPnP Stack Smashing Protection Attack
The Internet of Things security challenge is twofold: finding bugs, and more urgent—fixing them. Cisco’s Talos security intelligence and research group found and privately disclosed a serious and trivially exploitable client-side bug in MiniUPnP that was patched in September of last year. The...