## Critical Vulnerability Information

### Vulnerability IDs

- GHSL-2020-075
- GHSL-2020-079
- GHSL-2020-080
- GHSL-2020-081
- GHSL-2020-082
- GHSL-2020-083
- GHSL-2020-084

### Vulnerability Types

- DoS (Denial of Service)
- RCE (Remote Code Execution)

### Impact

- Remote devices or computers connected to the same network may trigger memory corruption vulnerabilities.
- In some cases, applications such as `simple-scan` crash immediately upon startup when searching for network scanners.
- Certain vulnerabilities require the user to connect to a malicious device and then click the “Scan” button.

### Detailed Vulnerability Descriptions

#### Issue 1

- **CVE**: CVE-2020-12867
- **Function**: `sanei_epson_net_read`
- **Issue**: Null pointer dereference
- **Impact**: May lead to remote denial of service

#### Issue 2

- **CVE**: CVE-2020-12866
- **Function**: `epsonds_net_read`
- **Issue**: Null pointer dereference
- **Impact**: May lead to remote denial of service

#### Issue 3

- **CVE**: CVE-2020-12861
- **Function**: `epsonds_net_read`
- **Issue**: Heap buffer overflow
- **Impact**: May lead to remote code execution

#### Issue 4

- **CVE**: CVE-2020-12864
- **Function**: `epsonds_net_read`
- **Issue**: Reading uninitialized data
- **Impact**: Can be combined with other buffer overflow vulnerabilities to leak ASLR offsets

#### Issue 5

- **CVE**: CVE-2020-12862
- **Function**: `decode_binary`
- **Issue**: Out-of-bounds read
- **Impact**: Low severity, but potentially useful for buffer overflow exploitation

#### Issue 6

- **CVE**: CVE-2020-12863
- **Function**: `esci2_check_header`
- **Issue**: Out-of-bounds read
- **Impact**: Information disclosure

#### Issue 7

- **CVE**: CVE-2020-12865
- **Function**: `esci2_img`
- **Issue**: Heap buffer overflow
- **Impact**: Requires user interaction, may lead to remote code execution

### CVE Mappings

- GHSL-2020-075 -> CVE-2020-12867
- GHSL-2020-079 -> CVE-2020-12866
- GHSL-2020-080 -> CVE-2020-12861
- GHSL-2020-081 -> CVE-2020-12864
- GHSL-2020-082 -> CVE-2020-12862
- GHSL-2020-083 -> CVE-2020-12863
- GHSL-2020-084 -> CVE-2020-12865