Nixpkgs security tracker

Untriaged

Permalink CVE-2016-20045

8.4 HIGH

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 3 weeks ago

HNB Organizer 1.9.18-10 Local Buffer Overflow via -rc Parameter

HNB Organizer 1.9.18-10 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -rc command-line parameter. Attackers can craft a malicious input string exceeding 108 bytes containing shellcode and a return address to overwrite the stack and achieve code execution.

References

ExploitDB-40025 exploit
Official Product Homepage product
VulnCheck Advisory: HNB Organizer 1.9.18-10 Local Buffer Overflow via -rc Parameter third-party-advisory

Affected products

HNB

==1.9.18-10

Matching in nixpkgs

pkgs.osmo-hnbgw

Osmocom Home NodeB Gateway, for attaching femtocells to the 3G CN (OsmoMSC, OsmoSGSN)

pkgs.tests.fetchgit.submodule-leave-git

None

nixos-25.11 z58l2vrm1hnb
- nixos-25.11-small z58l2vrm1hnb
- nixpkgs-25.11-darwin z58l2vrm1hnb

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.osmo-hnbgw

pkgs.tests.fetchgit.submodule-leave-git