Sante PACS Server
cpe:2.3:a:santesoft:sante_pacs_server:*:*:*:*:*:*:*
- 4.1.0
A stack-based buffer overflow vulnerability has been identified in Sante PACS Server version 4.1.0. During the login process, the application uses the OpenSSL function EVP_DecryptUpdate to decrypt the username and password. A fixed 128-byte stack buffer is provided as the output buffer for the decryption process. If an unauthenticated remote attacker sends a long encrypted username or password, the decrypted output can overflow the stack buffer, potentially leading to arbitrary code execution.
Exploitation of this vulnerability causes a stack-based buffer overflow, which can lead to arbitrary code execution.
The vulnerability can be reproduced by sending a login request with an encrypted username or password that exceeds the buffer size. This can be done using a Python script that generates the appropriate ciphertext and sends it to the application's login endpoint.
Users are advised to upgrade to Sante PACS Server version 4.2.0 or later.
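An added example (not code from Sante PACS Server or from this advisory) of the length check that prevents this overflow: ciphertext is rejected unless the 128-byte buffer has room for the input length plus one cipher block, the output size OpenSSL documents for EVP_DecryptUpdate. The 16-byte block size, the function names and the stand-in decrypt routine, which lets the block compile without OpenSSL, are assumptions.

```c
#include <stddef.h>
#include <string.h>

#define FIELD_BUF_LEN 128   /* fixed stack buffer size stated in the advisory */
#define BLOCK_LEN 16        /* assumption: 16-byte cipher block (e.g. AES) */

/* Same argument order as EVP_DecryptUpdate(ctx, out, &outl, in, inl). */
typedef int (*update_fn)(void *ctx, unsigned char *out, int *outl,
                         const unsigned char *in, int inl);

/* Constructed stand-in for the decrypt call. Like EVP_DecryptUpdate, it is
 * given no output capacity and writes an amount determined by inl. */
static int standin_update(void *ctx, unsigned char *out, int *outl,
                          const unsigned char *in, int inl)
{
    (void)ctx;
    memcpy(out, in, (size_t)inl);
    *outl = inl;
    return 1;
}

/* Returns the plaintext length, or -1 when the ciphertext could overrun out. */
static int decrypt_field_checked(update_fn update, void *ctx,
                                 const unsigned char *in, int inl,
                                 unsigned char *out, size_t out_cap)
{
    int outl = 0;
    /* OpenSSL documents that out needs room for inl + cipher_block_size. */
    if (inl < 0 || out_cap < BLOCK_LEN || (size_t)inl > out_cap - BLOCK_LEN)
        return -1;
    if (update(ctx, out, &outl, in, inl) != 1)
        return -1;
    if (outl < 0 || (size_t)outl > out_cap)
        return -1;
    return outl;
}

/* Hypothetical login-field handler: remote-controlled length, fixed buffer. */
int handle_login_field(const unsigned char *ciphertext, int len)
{
    unsigned char field[FIELD_BUF_LEN];
    return decrypt_field_checked(standin_update, NULL, ciphertext, len,
                                 field, sizeof field);
}
```

A return value of -1 means the request was rejected before anything was written to the stack buffer.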