Hostapd versions prior to 2.6 were not seeding PRNGs. This vulnerability was silently fixed around 2016 but was never assigned a CVE number, so many distributions and IoT devices still ship this version of the software. In addition, it has been discovered that the Extensible Authentication Protocol (EAP) mode, which offers protection against flooding attacks, also uses predictable PRNGs.
2d166b553a0342f96415f97cd97caa0cedc98fd50d33edcf18d27bde29fcd3c7
Pmcma aims to automate the exploitation of invalid memory writes (whether they result from an overflow in a writable section, a missing format string, an integer overflow, variable misuse, or any other type of memory corruption).
7544c62a0e04880da65bbb1977d91d5cb2dcf6333c762b966c6abb657c436896
When given the wrong number of arguments, a number of Perl functions will attempt to read memory from an unmapped location, resulting in a deterministic crash.
b72775fe46f3e69183620de7109ecf5ba3fd1540d7eb6d3c5323b82bb1325925
Opera up to and including version 10.60 is vulnerable to an arbitrary memory write of 0x00000000, 4 byte aligned, when processing an HTML page featuring a SELECT tag with a very large SIZE parameter.
630fbf78a70da7125a10c3f5ee2b547435896349a5687c315425d7f9e3ea9851
The Linux version of xpdf is linked against t1lib, which is affected by multiple vulnerabilities, including off-by-one errors, integer overflows and heap corruptions. At least one of those is exploitable and allows arbitrary code to be executed on the target machine when opening a specially crafted PDF file.
cde36b4c326f4058f72f66b8fe4a29b09dd60fc123357793a2b5fddd8074c956
An off-by-one error in the library libgs.so.8 shipped with Ghostscript in versions 8.70 and below generates an integer overflow, which in turn produces a heap corruption, resulting in a (remote) Denial of Service (crash) in several applications using this library when processing a specially crafted font. This vulnerability cannot be exploited to execute arbitrary code under GNU/Linux x86, to the best of our knowledge. Other targets, in particular Windows, have not been tested and may or may not allow execution of arbitrary code.
755fd7b7a65fa02c1e386560dc92962392c8ed6130056fd4ed24925a54f7de7c
Adobe Acrobat Reader suffers from a memory corruption vulnerability. Versions 9.0.0 and 8.1.3 are affected.
3fd5159ce227deda8ad64450f949dbfdf2df7c0a4cc546070dccc3e295484604
It is possible to protect an ELF binary against f-prot by corrupting its ELF header while leaving the binary completely functional. F-prot will crash when analyzing the file, leaving the possible malware undetected. f-prot version 4.6.8 for GNU/Linux is affected.
a1424ff8ad9ff444b319433fdf1a2163ec6ad872d6772bed154f4806cb4e88df
Sophos Antivirus deterministically crashes (segmentation fault) when analyzing corrupted packed files for multiple packers: armadillo, asprotect, asprotectSKE. The same behavior has also been observed when analyzing corrupted CAB files. Sophos SAVScan 4.33.0 for Linux and possibly others are affected.
9228d18fc3b87e9dfa481b98001a67b62060706c5652631568b031109f3efa05
AVG antivirus can be deterministically forced to crash (segmentation fault) when analyzing corrupted UPX files. AVG for Linux version 7.5.51 (current) and possibly other versions are affected.
5e961e37dbebcceed6eeb4bb17a3094e91573d02baa5556259658da15b68d26f
Multiple buffer overflows were discovered in the GNU/Linux version of Avast when analyzing corrupted ISO and RPM files. Avast for Workstations version 1.0.8 Trial versions and possibly others are affected.
45808bf369b9de88af97274c0bdbdb9c6a37f8c49f6d650f396a93a786278ecc
Multiple integer overflows were discovered in the GNU/Linux version of Bitdefender when analyzing corrupted PE binaries packed with neolite and asprotect packers. Bitdefender for GNU/Linux versions 7.60825 and below are affected.
e166e24e386d19eeb0be908dfb8aff0db2050d27a19747733c8f6db105b3d5f1
ClamAV uses an external unpacker, which can be deterministically crashed when processing corrupted LZH files. Versions 0.93.3 and below are affected.
af9e2f87235c167df539925d2d3e6d8133912250f66b6b29626b3fb8d4cbdf95
The password checking routine of SafeBoot Device Encryption fails to sanitize the BIOS keyboard buffer after reading passwords, resulting in plain text password leakage to unprivileged local users. McAfee SafeBoot Device Encryption version 4, Build 4750 and below is affected.
78a8f15592e7899a1c913eeb459f8791629f0e1831fb0927ed20feae27499353
The password checking routine of Grub fails to sanitize the BIOS keyboard buffer before AND after reading passwords.
e6830a2e51a4006859ef717174a6c7a9f4a2c589b17b9d1341a3caf2fa43c057
The password checking routine of LILO fails to sanitize the BIOS keyboard buffer before AND after reading passwords.
fbf8278fc9ae31f0953c68b1be7ac5820b419f59c642eb07492b1dd6aec52a2d
The password checking routine of DriveCrypt fails to sanitize the BIOS keyboard buffer before AND after reading passwords.
da41629f4200be17b9393f1177cbdb0f388ddd0e70fc1a3520198adf6cf1f5c5
The password checking routine of DiskCryptor fails to sanitize the BIOS keyboard buffer before AND after reading passwords.
b652f695c7247a3de587d408a41942c9ef2f1086cbee2fb843197dfa95167721
The password checking routine of the IBM Lenovo BIOS firmware fails to sanitize the BIOS keyboard buffer after reading user input, resulting in plain text password leakage to local users.
a488508939d0aa7156c8686aa75fbaba363e073efc4b44072a2a13c40dde1e04
The password checking routine of Intel BIOS firmware fails to sanitize the BIOS keyboard buffer after reading user input, resulting in plain text password leakage to local users.
a3dae1efa2a513a1e4d34e8620de7b40c67b3bd5327e513a672c4257d6bfcb28
The password checking routine of TrueCrypt fails to sanitize the BIOS keyboard buffer before AND after reading passwords.
950b0f2921b089dffd4a9765fff017372c18e363577ea4a7de73517951bc9089
The password checking routine of Hewlett-Packard 68DTT version F.0D (11/22/2005) fails to sanitize the BIOS keyboard buffer after reading user input, resulting in plain text password leakage to local users.
54ba0a5b5b30a41a1774fa59d76509831be07f95f58bd583771d59d208430935
The password checking routine of Microsoft BitLocker fails to sanitize the BIOS keyboard buffer after reading passwords, resulting in plain text password leakage to unprivileged local users.
0e397b0c05032591101d0eee295e0ee467592b78bde1992f3a0c4f810844bc2c