Monthly Archives: August 2016

Description: WiRouterKeyRec is a recovery tool for wpa passphrase. A crafted AGPF config causes a divide-by-zero in agpf_get_serial. The complete ASan output: WiRouterKeyRec –config crash.agpf -s Alice-48230959 WiRouter KeyRec 1.1.2 – (C) 2011 Salvatore Fresta http://www.salvatorefresta.net ASAN:DEADLYSIGNAL ================================================================= ==27225==ERROR: AddressSanitizer: … Continue reading →

Description: logrotate allows for the automatic rotation compression, removal and mailing of log files. Logrotate can be set to handle a log file daily, weekly, monthly or when the log file gets to a certain size. A crafted config causes … Continue reading →

Description: syslog-ng is an enhanced log daemon, supporting a wide range of input and output methods: syslog, unstructured text, message queues, databases (SQL and NoSQL alike) and more. A crafted config crashes the process because of a NULL pointer access. … Continue reading →

Description: desktop-file-utils is command line set of utilities to work with desktop menu entries A fuzz against desktop-file-utils binary revealed that there was an heap overflow. The complete ASan output: # desktop-file-validate crafted.desktop ================================================================= ==29796==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60300000e843 … Continue reading →