ZDI-11-169: IBM Tivoli Endpoint lcfd.exe opts Argument Remote Code Execution Vulnerability

ZDI-11-169: IBM Tivoli Endpoint lcfd.exe opts Argument Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-169 May 31, 2011 -- CVE ID: CVE-2011-1220 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: IBM -- Affected Products: IBM Tivoli Endpoint --...

GoldenFTP 4.70 PASS Stack Buffer Overflow

Exploit for windows platform in category remote exploits $Id: goldenftppassbof.rb 12812 2011-06-02 01:10:22Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information...

IBM Tivoli Endpoint lcfd.exe opts Argument Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Endpoint. Authentication is required to exploit this vulnerability, however it is trivially achieved. The specific flaw exists within the lcfd.exe process which listens by default on TCP...

Siemens Tecnomatix FactoryLink SCADA CSService List Path Buffer Overflow

Siemens Tecnomatix FactoryLink is a Supervisory Control and Data Acquisition SCADA system used for monitoring and controlling industrial processes. A buffer overflow vulnerability have been reported in Siemens Tecnomatix FactoryLink SCADA system. The vulnerability is due to a boundary error in...

Siemens Tecnomatix FactoryLink SCADA CSService GetFileInfo Buffer Overflow

Siemens Tecnomatix FactoryLink is a Supervisory Control and Data Acquisition SCADA system used for monitoring and controlling industrial processes. A buffer overflow vulnerability have been reported in Siemens Tecnomatix FactoryLink SCADA system. The vulnerability is due to a boundary error in...

Magix Musik Maker 16 - .mmm Local Stack Buffer Overflow (Without EggHunter) (Metasploit)

Magix Musik Maker 16 - .mmm Local Stack Buffer Overflow Without EggHunter Metasploit --- My version of exploit... Looks like bug the same as in: http://www.exploit-db.com/exploits/17313/ My exploit does not use egg-hunter, so it must be faster, but i have limited size for payload - 750 bytes 8...

Magix Musik Maker 16 - '.mmm' Local Stack Buffer Overflow (Without EggHunter) (Metasploit)

--- My version of exploit... Looks like bug the same as in: http://www.exploit-db.com/exploits/17313/ My exploit does not use egg-hunter, so it must be faster, but i have limited size for payload - 750 bytes 8 Speed Vs Size... --- Title: Magix Musik Maker 16 EDB-ID: CVE-ID: OSVDB-ID: 72455 Author...

iDefense Security Advisory 05.24.11: IBM Lotus Notes RTF Attachment Viewer Stack Buffer Overflow

iDefense Security Advisory 05.24.11 http://labs.idefense.com/intelligence/vulnerabilities/ May 24, 2011 I. BACKGROUND IBM Corp.'s Lotus Notes software is an integrated desktop client option for accessing e-mail, calendars and applications on an IBM Corp. Lotus Domino server. More information can ...

VLC Media Player Libmodplug CSoundFile::ReadS3M() Function S3M File Handling Overflow

Added: 05/26/2011 CVE: CVE-2011-1574 OSVDB: 72143 Background VideoLAN VLC media player is a media player supporting various audio and video formats for multiple platforms. Problem VLC media player is vulnerable to a stack buffer overflow because the ReadS3M function in libmodplug fails to properl...

iDefense Security Advisory 05.24.11: IBM Lotus Notes Applix Attachment Viewer Stack Buffer Overflow

iDefense Security Advisory 05.24.11 http://labs.idefense.com/intelligence/vulnerabilities/ May 24, 2011 I. BACKGROUND IBM Corp.'s Lotus Notes software is an integrated desktop client option for accessing e-mail, calendars and applications on an IBM Corp. Lotus Domino server. More information can ...

PHP Socket connect() Stack Buffer Overflow

Hi there, This is a quick writeup about some fun with apache based on CVE-2011-1938 that was disclosed yesterday. While the first POC was literally just a trivial POC - the second one was written for self-educational purposes we leared quite a lot which is the most important thing and we hope it...

Magix Musik Maker 16 .mmm Stack Buffer Overflow

$Id: magixmusikmaker16mmm.rb 12688 2011-05-22 23:41:15Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Magix Musik Maker 16 .mmm Stack Buffer Overflow

This module exploits a stack buffer overflow in Magix Musik Maker 16. When opening a specially crafted arrangement file .mmm in the application, an unsafe strcpy will allow you to overwrite a SEH handler. This exploit bypasses DEP & ASLR, and works on XP, Vista & Windows 7. Egghunter is used, and...

7-Technologies IGSS IGSSdataServer.exe Stack Buffer Overflow

This module exploits a vulnerability in the igssdataserver.exe component of 7-Technologies IGSS up to version 9.00.00 b11063. While processing a ListAll command, the application fails to do proper bounds checking before copying data into a small buffer on the stack. This causes a buffer overflow...

7T Interactive Graphical SCADA System File Operations Buffer Overflows (CVE-2011-1567; CVE-2011-4050)

7-Technologies' IGSS is a Supervisory Control and Data Acquisition SCADA system used for monitoring and controlling industrial processes. Multiple buffer overflow vulnerabilities have been reported in 7T Interactive Graphical SCADA System IGSS. The vulnerability is due to boundary errors in the...

ZDI-11-163: HP 3COM/H3C Intelligent Management Center tftpserver mode Remote Code Execution Vulnerability

ZDI-11-163: HP 3COM/H3C Intelligent Management Center tftpserver mode Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-163 May 10, 2011 -- CVE ID: CVE-2011-1851 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected Products:...

HP 3COM/H3C Intelligent Management Center tftpserver mode Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP 3com/H3C Intelligent Management Center. Authentication is not required to exploit this vulnerability. The flaw exists within the tftpserver.exe component which listens by default on UDP port 69...

BlueVoda Website Builder 11 - .bvp Local Stack Buffer Overflow

BlueVoda Website Builder 11 - .bvp Local Stack Buffer Overflow source: https://www.securityfocus.com/bid/47753/info BlueVoda Website Builder is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an...

openSUSE Security Update : libmodplug (openSUSE-SU-2011:0350-1)

Libmodplug is vulnerable to a stack based buffer overflow when handling malicious S3M media files. CVE-2011-1574 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Updat...

WRF files (CVE-2010-3269)

The Cisco WebEx Player is an application that is used to play back WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. Cisco WebEx uses the proprietary WRF file format .wrf extension to store WebEx meeting recordings on the computer of an on-line meeti...