Network World

Google discloses serious Linux stack-buffer overflow bug in widely used C library

A Google security engineer studying an SSH connection to a host unexpectedly discovered a deeper, darker secret in the GNU C Library (glibc). Google later proved that a bug in this library could be ...
Bleeping Computer

QNAP QTS zero-day in Share feature gets public RCE exploit

An extensive security audit of QNAP QTS, the operating system for the company's NAS products, has uncovered fifteen vulnerabilities of varying severity, with eleven remaining unfixed. Among them is ...
CSOonline

What is a buffer overflow? And how hackers exploit these vulnerabilities

A buffer overflow or overrun is a memory safety issue where a program does not properly check the boundaries of an allocated fixed-length memory buffer and writes more data than it can hold. This ...
Threat Post

Patched Code Execution Bug Affects Most Android Users

Researchers at IBM disclosed a serious buffer overflow vulnerability in Android 4.3 and earlier that could lead to code execution. The bug is patched in KitKat, but most users are on older versions. A ...
Threat Post

Rockwell Automation Patches Buffer Overflow in ICS App

There is a stack buffer overflow in a Rockwell Automation application that’s used to enable communications in industrial control applications used in manufacturing, energy, water,and other ...
ZDNet

Android SDK suffers from buffer overflow and lack of hardening

A classic buffer overflow exploit has been discovered in the Android software development kit (SDK) that impacts all versions of the Android Debug Bridge on Linux x86_64. The exploit scenario involved ...