Dlink DIR Routers Unauthenticated HNAP Login Stack Buffer Overflow

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' Payload working status: MIPS: - all valid payloads working the ones that we are able to send without null bytes ARM: - inline rev/bind shell works...

Palo Alto Networks PanOS appweb3 - Stack Buffer Overflow Vulnerability

Exploit for linux platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=908 Palo Alto Networks have published a fix for this issue: http://securityadvisories.paloaltonetworks.com/Home/Detail/68 PanOS uses a modified version of the appweb3 embedded...

openSUSE Security Update : php5 (openSUSE-2016-1308)

This update for php5 fixes the following security issues : - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp bsc1001900 - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 -...

Palo Alto Networks PanOS - appweb3 Stack Buffer Overflow

Palo Alto Networks PanOS - appweb3 Stack Buffer Overflow Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=908 Palo Alto Networks have published a fix for this issue: http://securityadvisories.paloaltonetworks.com/Home/Detail/68 PanOS uses a modified version of the appweb3 embedde...

Palo Alto Networks PanOS - appweb3 Stack Buffer Overflow

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=908 Palo Alto Networks have published a fix for this issue: http://securityadvisories.paloaltonetworks.com/Home/Detail/68 PanOS uses a modified version of the appweb3 embedded webserver, it's used for a variety of tasks and is...

openSUSE Security Update : php5 (openSUSE-2016-1321)

This update for php5 fixes the following security issues : - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp bsc1001900 - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 -...

MGASA-2016-0390 Updated gnuchess packages fix security vulnerability

gnuchess before 6.2.4 is vulnerable to a stack buffer overflow related to user move input, where 160 characters of input can crash gnuchess CVE-2015-8972...

Updated gnuchess packages fix security vulnerability

gnuchess before 6.2.4 is vulnerable to a stack buffer overflow related to user move input, where 160 characters of input can crash gnuchess CVE-2015-8972...

Security update for php5 (important)

This update for php5 fixes the following security issues: - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp bsc1001900 - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 -...

openSUSE Security Update : gd (openSUSE-2016-1281)

This update for gd fixes the following security issues : - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp bsc1001900 - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 -...

Security update for gd (important)

This update for gd fixes the following security issues: - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp bsc1001900 - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 -...

ffmpeg: Stack-buffer-overflow in ff_htmlmarkup_to_ass

Project: https://git.ffmpeg.org/ffmpeg.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6380176053108736 Target: ffmpeg Fuzzer: libFuzzerffmpegSUBTITLEAVCODECIDSUBRIPfuzzer Fuzzer binary: ffmpegSUBTITLEAVCODECIDSUBRIPfuzzer Job Type: libfuzzerasanffmpeg Platform Id: linu...

ffmpeg: Stack-buffer-overflow in ff_htmlmarkup_to_ass

Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6380176053108736 Target: ffmpeg Fuzzer: libFuzzerffmpegSUBTITLEAVCODECIDSUBRIPfuzzer Fuzzer binary: ffmpegSUBTITLEAVCODECIDSUBRIPfuzzer Job Type: libfuzzerasanffmpeg Platform Id: linux Crash Type: Stack-buffer-overflow READ 1...

Stack overflow

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgDdiEscape ID 0x10000e9 where a value is passed from an user to the driver is used without...

CVE-2016-8812

CVE-2016-8812 affects NVIDIA Windows GPU drivers for NVIDIA Quadro/NVS/GeForce with GeForce Experience (GFE) R340 prior to 2.11.4.125 and R375 prior to 3.1.0.52. The issue is a kernel-mode stack buffer overflow in nvstreamkms.sys triggered by specially crafted executable paths, requiring GeForce ...

Dlink DIR Routers Unauthenticated HNAP Login Stack Buffer Overflow

Several Dlink routers contain a pre-authentication stack buffer overflow vulnerability, which is exposed on the LAN interface on port 80. This vulnerability affects the HNAP SOAP protocol, which accepts arbitrarily long strings into certain XML parameters and then copies them into the stack. This...

pcre2: Stack-buffer-overflow in parse_regex

Project: svn://vcs.exim.org/pcre2/code/trunk Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=4804894724718592 Target: pcre2 Fuzzer: libFuzzerpcre2fuzzer Job Type: libfuzzerasanpcre2 Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 4 Crash Address: 0x7fe78b19ded0...

CVE-2016-9176

Stack buffer overflow in the send.exe and receive.exe components of Micro Focus Rumba 9.4 and earlier could be used by local attackers or attackers able to inject arguments to these binaries to execute code...

NVIDIA Driver - Stack Buffer Overflow in Escape 0x10000e9 Exploit

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=947 The escape handler for 0x10000e9 lacks bounds checks, and passes a user specified size as the size to memcpy, resulting in a stack buffer overflow: bool...

SUSE SLES11 Security Update : php53 (SUSE-SU-2016:2681-1)

This update for php53 fixes the following issues : - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 - CVE-2016-6911: Check for out-of-bound read in dynamicGetbuf bsc1005274 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE...