exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

CVE-2017-16879

Status Candidate

Overview

Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic.

Related Files

Ubuntu Security Notice USN-5477-1
Posted Jun 19, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5477-1 - Hosein Askari discovered that ncurses was incorrectly performing memory management operations when dealing with long filenames while writing structures into the file system. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Chung-Yi Lin discovered that ncurses was incorrectly handling access to invalid memory areas when parsing terminfo or termcap entries where the use-name had invalid syntax. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-16879, CVE-2018-19211, CVE-2019-17594, CVE-2019-17595, CVE-2021-39537, CVE-2022-29458
SHA-256 | c875ea9f5728bc60c9bfeafd7fc67e19e834562f07e2806fd5a78bbedbb3d9b6
Gentoo Linux Security Advisory 201804-13
Posted Apr 18, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201804-13 - Multiple vulnerabilities have been found in ncurses, the worst of which allows remote attackers to execute arbitrary code. Versions less than 6.1:0 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-10684, CVE-2017-10685, CVE-2017-11112, CVE-2017-11113, CVE-2017-13728, CVE-2017-13729, CVE-2017-13730, CVE-2017-13731, CVE-2017-13732, CVE-2017-13733, CVE-2017-13734, CVE-2017-16879
SHA-256 | 4c4788903a772dcefe050e72bf574cee08b69dcaf09683baa8c456155cb5c595
GNU ncurses 6.0 tic Denial Of Service
Posted Nov 18, 2017
Authored by Hosein Askari

tic in the GNU ncurses library version 6.0 suffers from a buffer overflow condition that can cause a denial of service.

tags | exploit, denial of service, overflow
advisories | CVE-2017-16879
SHA-256 | 6739311f66a5050089a0e5b6f3cbd70ac4d655cb2d7168b82cbef694bb3cfbc3
Page 1 of 1
Back1Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close