Candidate: CVE-2015-8979
PublicDate: 2017-02-15 15:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8979
 http://zeroscience.mk/en/vulnerabilities/ZSL-2016-5384.php
 http://www.openwall.com/lists/oss-security/2016/12/17/2
Description:
 Stack-based buffer overflow in the parsePresentationContext function in
 storescp in DICOM dcmtk-3.6.0 and earlier allows remote attackers to cause
 a denial of service (segmentation fault) via a long string sent to TCP port
 4242.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by: Kevin Basista
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]

Patches_dcmtk:
upstream_dcmtk: released (3.6.1~20160216-2)
precise_dcmtk: ignored (reached end-of-life)
precise/esm_dcmtk: DNE (precise was needed)
trusty_dcmtk: released (3.6.0-15+deb8u1build0.14.04.1)
trusty/esm_dcmtk: DNE (trusty was released [3.6.0-15+deb8u1build0.14.04.1])
vivid/stable-phone-overlay_dcmtk: DNE
vivid/ubuntu-core_dcmtk: DNE
xenial_dcmtk: ignored (end of standard support, was needed)
yakkety_dcmtk: not-affected (3.6.1~20160216-2)
zesty_dcmtk: not-affected
artful_dcmtk: not-affected
bionic_dcmtk: not-affected
cosmic_dcmtk: not-affected
disco_dcmtk: not-affected
eoan_dcmtk: not-affected
focal_dcmtk: not-affected
groovy_dcmtk: not-affected
hirsute_dcmtk: not-affected
impish_dcmtk: not-affected
jammy_dcmtk: not-affected
devel_dcmtk: not-affected