IncrediMail 2.0 Buffer Overflow

IncrediMail 2.0 activeX Authenticate bof poc by d3b4g Tested: incerdiMail 2.0 Vendor url:http://www.incredimail.com/english/splash.aspx Tested on windows XP SP3 1-03-2010 Debugging info -------------- Exception Code: ACCESSVIOLATION Disasm: 678914AE MOV EDX,ECX ImSpoolU.dll Seh Chain:...

Squid NTLM Authenticate Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Squid NTLM...

CVE-2008-3101

Multiple cross-site scripting XSS vulnerabilities in vtiger CRM 5.0.4 allow remote attackers to inject arbitrary web script or HTML via 1 the parenttab parameter in an index action to the Products module, as reachable through index.php; 2 the userpassword parameter in an Authenticate action to th...

CVE-2008-3101

Multiple cross-site scripting XSS vulnerabilities in vtiger CRM 5.0.4 allow remote attackers to inject arbitrary web script or HTML via 1 the parenttab parameter in an index action to the Products module, as reachable through index.php; 2 the userpassword parameter in an Authenticate action to th...

CVE-2007-5466

Multiple buffer overflows in eXtremail 2.1.1 and earlier allow remote attackers to 1 have an unknown impact by sending multiple long strings to the IMAP port 143/tcp; 2 execute arbitrary code via a long string in an IMAP AUTHENTICATE PLAIN action, involving the ifParseAuthPlain function; 3 execut...

Grandstream Budge Tone-200 IP Phone (Digest domain) DoS Exploit

No description provided by source. !/usr/bin/perl MADYNES Security Advisory http://madynes.loria.fr Title: Grandstream Budge Tone-200 denial of service vulnerability Release Date: 21/03/2007 Severity: High - Denial of Service Advisory ID:KIPH3 Hardware: Grandstream Budge Tone-200 IP Phone...

Grandstream Budge Tone-200 IP Phone (Digest domain) DoS Exploit

Exploit for hardware platform in category dos / poc =============================================================== Grandstream Budge Tone-200 IP Phone Digest domain DoS Exploit =============================================================== !/usr/bin/perl MADYNES Security Advisory...

MailEnable ProfessionalEnterprise 2.37 - Denial of Service

MailEnable ProfessionalEnterprise 2.37 - Denial of Service !/usr/bin/perl maildisable-v7.pl Mail Enable Professional/Enterprise v2.32-7 win32 by mu-b - Wed Feb 14 2007 - Tested on: Mail Enable Professional v2.37 win32 use Getopt::Std; getopts't:', %arg; use Socket; use MIME::Base64; my $target; i...

Squid NTLM Authenticate Overflow

This is an exploit for Squid's NTLM authenticate overflow libntlmssp.c. Due to improper bounds checking in ntlmcheckauth, it is possible to overflow the 'pass' variable on the stack with user controlled data of a user defined length. Props to iDEFENSE for the advisory. This module requires...

PSWD.JS - Insecure Password Hash

/ source: https://www.securityfocus.com/bid/19333/info Applications running pswd.js are prone to an insecure password-hash weakness. This issue is due to a design flaw that results in password hashes being created in an insecure manner. This issue allows attackers to use precomputed password hash...

CVE-2006-2893

index.php in GANTTy 1.0.3 allows remote attackers to obtain the full path of the web server via an invalid lang parameter in an authenticate action...

MDaemon IMAP AUTHENTICATE command buffer overflow

Added: 03/01/2006 BID: 14317 OSVDB: 18069 Background MDaemon is an e-mail server for Windows. Problem The IMAP service in MDaemon is affected by buffer overflow vulnerabilities in the AUTHENTICATE LOGIN and AUTHENTICATE CRAM-MD5 commands which can be exploited without logging into the server...

MDaemon IMAP AUTHENTICATE command buffer overflow

Added: 03/01/2006 BID: 14317 OSVDB: 18069 Background MDaemon is an e-mail server for Windows. Problem The IMAP service in MDaemon is affected by buffer overflow vulnerabilities in the AUTHENTICATE LOGIN and AUTHENTICATE CRAM-MD5 commands which can be exploited without logging into the server...

PHPGedView <= 3.3.7 remote code execution

--- PHPGedView = 3.3.7 Arbitrary local/remote code execution & php injection --- software: site: http://www.phpgedview.net/ description: "PhpGedView is a revolutionary genealogy program which allows you to view and edit your genealogy on your website." - vulnerabilties:...

MailWatch authenticate() Function SQL Injection

The remote host appears to be running MailWatch, a web-based frontend to MailScanner written in PHP. The version of MailWatch installed on the remote host fails to sanitize the username and password before using them in database queries in the 'authenticate' function of 'functions.php'. This issu...

CVE-2005-3470

SQL injection vulnerability in in the authenticate function in MailWatch for MailScanner 1.0.2 allows remote attackers to execute arbitrary SQL commands...

CVE-2004-2388

The vulnerability CVE-2004-2388 affects the AIX 4.3.3 rexecd component. It stems from not properly using a local copy of the pwd structure when calling getpwnam, allowing the authenticate function to overwrite the pwd data and potentially assign privileges to the wrong user. This creates a privil...

CVE-2005-1014

Buffer overflow in the IMAP service for MailEnable Enterprise 1.04 and earlier and Professional 1.54 allows remote attackers to execute arbitrary code via a long AUTHENTICATE command...

CVE-2002-1624

CVE-2002-1624 refers to a buffer overflow in the Lotus Domino web server prior to R5.0.10 when logging to DOMLOG.NSF. The vulnerability can be triggered by a long HTTP Authenticate header containing certain non-ASCII characters, allowing a remote attacker to cause a denial of service and potentia...

CVE-2002-1624

Buffer overflow in Lotus Domino web server before R5.0.10, when logging to DOMLOG.NSF, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long HTTP Authenticate header containing certain non-ASCII characters...