SonicWall SSL-VPN NetExtender ActiveX Control Buffer Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'SonicWall...

CVE-2007-5603

Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allows remote attackers to execute arbitrary code via a long string in the second argument to the AddRouteEntry method...

Stack overflow

Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allows remote attackers to execute arbitrary code via a long string in the second argument to the AddRouteEntry method...

CVE-2007-5814

Multiple buffer overflows in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allow remote attackers to execute arbitrary code via a long 1 serverAddress, 2 sessionId, 3 clientIPLower, 4 clientIPHigher, 5 userName, 6 domainName, or 7...

Buffer overflow

Multiple buffer overflows in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allow remote attackers to execute arbitrary code via a long 1 serverAddress, 2 sessionId, 3 clientIPLower, 4 clientIPHigher, 5 userName, 6 domainName, or 7...

CVE-2007-5603

Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allows remote attackers to execute arbitrary code via a long string in the second argument to the AddRouteEntry method...

CVE-2007-5814

Affected product : SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control. Vulnerability : multiple buffer overflows enabling remote code execution via long Unicode properties in AddRouteEntry (serverAddress, sessionId, clientIPLower, clientIPHigher, userName, domainName, dnsSuffix). The AddR...

CVE-2007-5814

Multiple buffer overflows in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allow remote attackers to execute arbitrary code via a long 1 serverAddress, 2 sessionId, 3 clientIPLower, 4 clientIPHigher, 5 userName, 6 domainName, or 7...

CVE-2007-5603

CVE-2007-5603 is a stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control (before 2.1.0.51 and 2.5.x before 2.5.0.56). A remote attacker can cause arbitrary code execution by supplying a long string in the second argument to the AddRouteEntry method. The vul...

SonicWALL SSL-VPN NetExtender NELaunchCtrl ActiveX Control Multiple Overflows

The remote host contains the 'NELaunchCtrl' ActiveX control included with the SonicWALL NetExtender VPN client software. The version of this control installed on the remote host fails to validate arguments to several methods, such as 'AddRouteEntry', 'serverAddress', 'sessionId', 'clientIPLower',...

SonicWall NetExtender NELaunchCtrl ActiveX control stack buffer overflow

Overview The SonicWall NetExtender NELaunchCtrl ActiveX control contains a stack buffer overflow, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description SonicWall NetExtender is an SSL VPN client that is implemented by using an ActiveX...

SonicWall SSL-VPN NetExtender ActiveX Control Buffer Overflow

This module exploits a stack buffer overflow in SonicWall SSL-VPN NetExtender. By sending an overly long string to the "AddRouteEntry" method located in the NELaunchX.dll 1.0.0.26 Control, an attacker may be able to execute arbitrary code. This module requires Metasploit:...