ALPINE-CVE-2016-6318
Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in cracklib allows local users to cause a denial of service (application crash) or gain privileges via a long GECOS field, involving longbuffer...
The vulnerability of the RUMBA terminal emulator allows a hacker to execute arbitrary code.
The vulnerability in the PlayMacro function of ObjectXMacro.ObjectXMacro (WdMacCtl.ocx) in the RUMBA terminal emulator is caused by a stack-based buffer overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a long MacroName argument...
SUSE-SU-2016:2211-1 Security update for cracklib
This update for cracklib fixes a security issue and a bug. Security issue fixed: - Add patch to fix a stack buffer overflow in GECOS parser (bsc#992966, CVE-2016-6318). The following non-security issue was fixed: - Call textdomain in cracklib-check main function so that program output is translated...
Stack Buffer Overflow Vulnerability in Legba Incorporated YateBTS
Legba Incorporated YateBTS is software for analog protocol stacks for GSM networks. A stack buffer overflow vulnerability exists in Legba Incorporated YateBTS. An attacker could exploit the vulnerability by sending an oversized UDP packet resulting in a memory buffer overflow, which in turn could...
PCRE Regular Expression Compilation Stack Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of PCRE. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the compilation of regular...
Internet Bug Bounty: stack buffer overflows in the curses module
I found two stack buffer overflows in the curses module. These vulnerabilities have been reported to the PSRT and were fixed here: https://hg.python.org/cpython/rev/d5f6bc45b376 https://hg.python.org/cpython/rev/85b35300f200 Below are copies of the mails I sent to the PSRT. They describe the...
Multiple D-Link Routers Stack Buffer Overflow Vulnerability
The D-Link DIR-895L is a wireless router from AUO. A stack buffer overflow vulnerability exists in multiple D-Link Routers, which allows remote attackers to submit a special request to execute arbitrary code or conduct a denial of service attack...
Teamspeak 3 Use-After-Free / Information Disclosure / DoS
Teamspeak 3 RCE advisory by: ff214370685e536b9ee021c7ff6b7680bfbe6008bc29f87511b6b90256043536 August 10, 2016 While auditing the Teamspeak 3 server I've discovered several 0-day vulnerabilities which I'll describe in detail in this advisory. They exist in the newest version of the server, version...
openSUSE: Security Advisory for libarchive (openSUSE-SU-2016:2036-1)
The remote host is missing an update for the...
Easy File Sharing Web Server GET HTTP request vulnerability
Added: 08/11/2016 Background Easy File Sharing Web Server is software that allows users to upload/download files to a server easily through a web browser, as well as providing a bulletin board system forum. Problem Easy File Sharing Web Server is vulnerable to a stack buffer overflow condition as...
Ubuntu 14.04 LTS / 16.04 LTS : Firefox vulnerabilities (USN-3044-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3044-1 advisory. Gustavo Grieco discovered an out-of-bounds read during XML parsing in some circumstances. If a user were tricked into opening a specially...
VUPlayer 2.49 .pls Stack Buffer Overflow
!/usr/bin/python import os,sys Tested Windows 7 Home x86 & Windows 10 Home x86x64 badchars \x00\x0a\x1a\x20\x40 msfvenom -a x86 --platform windows -p windows/exec CMD=calc.exe -b "\x00\x0a\x1a\x20\x40" -f python buf = "" buf += "\xbf\x3b\x99\xdd\xa3\xdb\xc4\xd9\x74\x24\xf4\x58\x29" buf +=...
VUPlayer 2.49 - '.pls' Stack Buffer Overflow (DEP Bypass)
Exploit for windows platform in category local exploits !/usr/bin/python import os,sys Tested Windows 7 Home x86 & Windows 10 Home x86x64 badchars \x00\x0a\x1a\x20\x40 msfvenom -a x86 --platform windows -p windows/exec CMD=calc.exe -b "\x00\x0a\x1a\x20\x40" -f python buf = "" buf +=...
CVE-2016-6289
Integer overflow in the virtual_file_ex function in TSRM/tsrm_virtualcwd.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted extract operation on a Z...
Debian DLA-552-1 : binutils security update
Some minor security issues have been identified and fixed in binutils in Debian LTS. These are : CVE-2016-2226 Exploitable buffer overflow. CVE-2016-4487 Invalid write due to a use-after-free to array btypevec. CVE-2016-4488 Invalid write due to a use-after-free to array ktypevec. CVE-2016-4489...
HP LoadRunner Controller Scenario File Stack Buffer Overflow (CVE-2015-5426)
A stack-based buffer overflow vulnerability exists in HP LoadRunner Controller. The vulnerability is due to insufficient boundary checks while parsing scenario files. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted ".lrs" file with the...
The vulnerability of the Linter Bastion database management system allows a malicious individual to execute arbitrary code with system privileges, as well as bypass the “closed environment” protection mechanism.
The dbcwnt.exe module contains a vulnerable function (address 0x4017d4), which reads the value of the NETMBX environment variable into a buffer on the stack without checking the size of the copied data. This vulnerability allows a local attacker to execute arbitrary code. Additionally, this...
Symantec Antivirus Decomposer Engine dec2lha Library Remote Stack Buffer Overflow (CVE-2016-2210)
A stack buffer overflow vulnerability exists in the Symantec Antivirus Decomposer Engine dec2lha Library. This vulnerability is due to incorrect decompression of the LZH and LHA archives...
Apache xerces-c stack buffer overflow vulnerability
Apache Xerces is an XML syntax parser from the Apache Software Foundation in the U.S. Apache Xerces-C is its language version. A stack buffer overflow vulnerability exists in xerces-c because the program fails to properly parse deeply nested DTDs, which can be exploited by a remote attacker to...