662 matches found
CVE-2009-1375
The PurpleCircBuffer implementation in Pidgin formerly Gaim before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service memory corruption and application crash via vectors involving the 1 XMPP or 2 Sametime protocol...
CVE-2009-1375
The PurpleCircBuffer implementation in Pidgin formerly Gaim before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service memory corruption and application crash via vectors involving the 1 XMPP or 2 Sametime protocol...
pidgin PurpleCircBuffer corruption
The PurpleCircBuffer implementation in Pidgin formerly Gaim before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service memory corruption and application crash via vectors involving the 1 XMPP or 2 Sametime protocol...
Pidgin < 2.5.6 Multiple Buffer Overflows
The remote host is running Pidgin earlier than 2.5.6. Such versions are reportedly affected by multiple buffer overflow vulnerabilities : - A buffer overflow is possible when initiating a file transfer to a malicious buddy over XMPP. CVE-2009-1373 - A buffer overflow issue in the 'decryptout'...
IBM Lotus Domino Sametime STMux.exe Stack Buffer Overflow
This module exploits a stack buffer overflow in Lotus Domino's Sametime Server. By sending an overly long POST request to the Multiplexer STMux.exe service we are able to overwrite SEH. Based on the exploit by Manuel Santamarina Suarez. This module requires Metasploit:...
IBM Lotus Sametime Community Services Multiplexer buffer overflow
Added: 05/30/2008 CVE: CVE-2008-2499 BID: 29328 OSVDB: 45610 Background IBM Lotus Sametime is enterprise instant messaging and web conferencing software. Problem A buffer overflow vulnerability in the Community Services Multiplexer allows remote attackers to execute arbitrary commands by requesti...
IBM Lotus Sametime Community Services Multiplexer buffer overflow
Added: 05/30/2008 CVE: CVE-2008-2499 BID: 29328 OSVDB: 45610 Background IBM Lotus Sametime is enterprise instant messaging and web conferencing software. Problem A buffer overflow vulnerability in the Community Services Multiplexer allows remote attackers to execute arbitrary commands by requesti...
IBM Lotus Sametime Community Services Multiplexer buffer overflow
Added: 05/30/2008 CVE: CVE-2008-2499 BID: 29328 OSVDB: 45610 Background IBM Lotus Sametime is enterprise instant messaging and web conferencing software. Problem A buffer overflow vulnerability in the Community Services Multiplexer allows remote attackers to execute arbitrary commands by requesti...
IBM Lotus Sametime Community Services Multiplexer buffer overflow
Added: 05/30/2008 CVE: CVE-2008-2499 BID: 29328 OSVDB: 45610 Background IBM Lotus Sametime is enterprise instant messaging and web conferencing software. Problem A buffer overflow vulnerability in the Community Services Multiplexer allows remote attackers to execute arbitrary commands by requesti...
Stack overflow
Stack-based buffer overflow in the Community Services Multiplexer aka MUX or StMux.exe in IBM Lotus Sametime 7.5.1 CF1 and earlier, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code via a crafted URL...
DSquare Exploit Pack: D2SEC_SAMETIME
Name| d2secsametime ---|--- CVE| CVE-2008-2499 Exploit Pack| D2ExploitPack Description| IBM Lotus Sametime Community Services Multiplexer Stack Overflow Vulnerability Notes|...
CVE-2008-2499
Stack-based buffer overflow in the Community Services Multiplexer aka MUX or StMux.exe in IBM Lotus Sametime 7.5.1 CF1 and earlier, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code via a crafted URL...
CVE-2008-2499
Stack-based buffer overflow in the Community Services Multiplexer aka MUX or StMux.exe in IBM Lotus Sametime 7.5.1 CF1 and earlier, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code via a crafted URL...
CVE-2008-2499
The CVE-2008-2499 issue is a stack-based buffer overflow in IBM Lotus Sametime’s Community Services Multiplexer (STMux.exe). The vulnerability arises from inadequate bounds-checking while parsing long URLs, allowing a remote attacker to cause arbitrary code execution. Affected products include IB...
KLA10203 ACE vulnerability in IBM Lotus Sametime
An unspecified vulnerability was found in IBM Lotus Sametime. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed URL. Original advisories - Related products IBM-Lotus-Sametime CVE list CVE-2008-2499 hi...
IBM Lotus Sametime buffer overflow
TCP/1533 oversized URL buffer overflow...
ZDI-08-028: IBM Lotus Sametime Community Services Multiplexer Stack Overflow Vulnerability
ZDI-08-028: IBM Lotus Sametime Community Services Multiplexer Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-028 May 21, 2008 -- Affected Vendors: IBM -- Affected Products: IBM Lotus Sametime -- TippingPointTM IPS Customer Protection: TippingPoint IPS customers ha...
IBM Lotus Sametime StMux.exe服务栈溢出漏洞
BUGTRAQ ID: 29328 Lotus Sametime是IBM推出的统一商务协作平台,集成了即时消息与Web会议、语音通讯、移动设备等服务。 Lotus Sametime中默认监听于TCP 1533端口上的Community Services Multiplexer(StMux.exe)服务没有正确地处理超长的URL,通过HTTP与Sametime服务器创建了连接的远程攻击者可以向sscanf函数提交恶意HTTP请求触发栈溢出,导致执行任意代码。 IBM Lotus Sametime 8.0 IBM Lotus Sametime 7.5.1 IBM Lotus Sametime...
sametime-exploit.txt
!perl "IBM Lotus Sametime" StMUX Stack Overflow Exploit Author: Manuel Santamarina Suarez e-Mail: [email protected] use IO::Socket; use File::Basename; destination TCP port $port = 1533; SE handler Don't use upper-case ASCII characters or 0x00, 0x0a, 0x0b, 0x0d, 0x20 You MUST use a POP/POP/RET...
IBM Lotus Sametime 8.0 - Multiplexer Buffer Overflow
source: https://www.securityfocus.com/bid/29328/info IBM Lotus Sametime is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. An attacker can exploit this issue to execute arbitra...