Rocket Software Unidata udadmin_server Stack Buffer Overflow in Password

This modlue exploits an authentication bypass vulnerability in the Linux version of udadminserver, which is an RPC service that comes with the Rocket Software UniData server, which runs as root. This vulnerability affects UniData versions 8.2.4 build 3003 and earlier for Linux, but this module...

Rocket Software Unidata 8.2.4 Build 3003 Buffer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule The amount of padding required to overwrite the return addr 'offset' = 0x2b8, This returns to "mov rdi, rsp / call system", which means the...

CVE-2023-28504

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow that can lead to remote code execution as the root user...

CVE-2023-28508

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a heap-based overflow vulnerability, where certain input can corrupt the heap and crash the forked process...

CVE-2023-28503

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from an authentication bypass vulnerability, where a special username with a deterministic password can be leveraged to bypass authentication checks and execute ...

CVE-2023-28509

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 use weak encryption for packet-level security and passwords transferred on the wire...

CVE-2023-28505 Buffer overflow in UniRPC library function

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a buffer overflow in an API function, where a string is copied into a caller-provided buffer without checking the length. This requires a valid login to...

CVE-2023-28504 Stack buffer overflow in UniRPC library function

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow that can lead to remote code execution as the root user...

PT-2023-21765 · Rocket · Universe +1

Name of the Vulnerable Software and Affected Versions: Rocket Software UniData versions prior to 8.2.4 build 3003 Rocket Software UniVerse versions prior to 11.3.5 build 1001 Rocket Software UniVerse versions prior to 12.2.1 build 2002 Description: The issue is a stack-based buffer overflow that...

Rocket Software UniData <= 7.2.7.3806 Denial of Service Vulnerabilities

No description provided by source...

Rocket Software UniData < 7.3 unidata72 Remote Command Execution (credentialed check)

The version of UniData installed on the remote Windows host is potentially affected by a code execution vulnerability. The UniData RPC service fails to enforce authentication on the unidata72 interface. An unauthenticated, remote attacker can exploit this vulnerability to execute arbitrary code o...

Rocket Software UniData Detection

The remote Windows host is running UniData, a relational database application. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid51461; scriptversion"1.13"; scriptsetattributeattribute:"pluginmodificationdate", value:"2023/02/06"; scriptnameenglish:"Rocket Software...

Rocket Software UniData 7.2.7.3806 - Denial of Service

Rocket Software UniData 7.2.7.3806 - Denial of Service Source: http://aluigi.org/adv/unirpcd1-adv.txt Luigi Auriemma Application: Rocket Software UniData http://www.rocketsoftware.com/u2/products/unidata/ Versions: = 7.2.7.3806 Platforms: Windows Bugs: various Denial of Service vulnerabilities in...

Rocket Software UniData 7.2.7.3806 - Denial of Service

Source: http://aluigi.org/adv/unirpcd1-adv.txt Luigi Auriemma Application: Rocket Software UniData http://www.rocketsoftware.com/u2/products/unidata/ Versions: = 7.2.7.3806 Platforms: Windows Bugs: various Denial of Service vulnerabilities in unirpcd.exe Exploitation: remote, versus server Date: ...