Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

Untriaged

Filter by:

With package: pinfo

Found 1 matching suggestions

View:

Compact

Detailed

Permalink CVE-2016-20044

8.4 HIGH

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 3 weeks ago

PInfo 0.6.9-5.1 Local Buffer Overflow via -m Parameter

PInfo 0.6.9-5.1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -m parameter. Attackers can craft a malicious input string with 564 bytes of padding followed by a return address to overwrite the instruction pointer and execute shellcode with user privileges.

References

ExploitDB-40023 exploit
Official Product Homepage product
VulnCheck Advisory: PInfo 0.6.9-5.1 Local Buffer Overflow via -m Parameter third-party-advisory

Affected products

PInfo

==0.6.9-5.1

Matching in nixpkgs

pkgs.pinfo

Viewer for info files

nixos-unstable 0.6.13
- nixpkgs-unstable 0.6.13
- nixos-unstable-small 0.6.13
nixos-25.11 0.6.13
- nixos-25.11-small 0.6.13
- nixpkgs-25.11-darwin 0.6.13

pkgs.ipinfo

Command Line Interface for the IPinfo API

nixos-unstable 3.3.1
- nixpkgs-unstable 3.3.1
- nixos-unstable-small 3.3.1
nixos-25.11 3.3.1
- nixos-25.11-small 3.3.1
- nixpkgs-25.11-darwin 3.3.1

Package maintainers

@fabaff Fabian Affolter <mail@fabian-affolter.ch>

1