HP Data Protector Manager MMD Service Stack Buffer Overflow

Added: 12/10/2010 BID: 45128 Background HP Data Protector is a backup solution for enterprise and distributed environments. The Data Protector environment consists of a Cell Manager, backup agents, and backup device servers. The Cell Manager is the central point from which backup agents and devic...

HP Data Protector Manager MMD Service Stack Buffer Overflow

Added: 12/10/2010 BID: 45128 Background HP Data Protector is a backup solution for enterprise and distributed environments. The Data Protector environment consists of a Cell Manager, backup agents, and backup device servers. The Cell Manager is the central point from which backup agents and devic...

Winamp "in_midi"组件MIDI时间戳栈缓冲区溢出漏洞

BUGTRAQ ID: 45221 Winamp是一款流行的媒体播放器，支持多种文件格式。 Winamp在实现上存在漏洞，攻击者可利用此漏洞以用户权限在受影响的应用程序中执行任意代码，造成拒绝服务。 此漏洞源于未能对用户提供的数据执行足够的边界检查。Winamp的栈分配是可预测的。攻击者可选择写入到已保存的基本指针的值，因此当恢复了基础指针后，调用函数的栈报文将被移动到攻击者控制的返回地址。 Nullsoft Winamp 5.01 - 5.5.8 厂商补丁： Nullsoft -------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Winamp < 5.601 MIDI Timestamp Stack Buffer Overflow

Binary data 5726.prm...

Xion Audio Player 1.0.126 Unicode Stack Buffer Overflow

This module exploits a stack buffer overflow in Xion Audio Player prior to version 1.0.126. The vulnerability is triggered when opening a malformed M3U file that contains an overly long string. This results in overwriting a structured exception handler record. This module requires Metasploit:...

POP Peeper 3.4 - UIDL Buffer Overflow (Metasploit)

$Id: poppeeperuidl.rb 11180 2010-11-30 20:19:18Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_INITIALIZE Buffer Overflow (Metasploit)

$Id: realwinscpcinitialize.rb 11180 2010-11-30 20:19:18Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

DATAC RealWin SCADA Server SCPC_TXTEVENT Buffer Overflow

This module exploits a stack buffer overflow in DATAC Control International RealWin SCADA Server 2.0 Build 6.1.8.10. By sending a specially crafted packet, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

FreeBSD : proftpd -- remote code execution vulnerability (533d20e7-f71f-11df-9ae1-000bcdf0a03b)

Tippingpoint reports : This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ProFTPD. Authentication is not required to exploit this vulnerability. The flaw exists within the proftpd server component which listens by default on TCP port 21. When readi...

Hewlett-Packard (HP) Power Manager Administration - Remote Buffer Overflow (Metasploit)

$Id: hppowermanagerlogin.rb 11127 2010-11-24 19:35:38Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Novell NetIdentity Agent - XTIERRPCPIPE Named Pipe Buffer Overflow (Metasploit)

$Id: netidentityxtierrpcpipe.rb 11127 2010-11-24 19:35:38Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Microsoft Visual Studio - Msmask32.ocx ActiveX Buffer Overflow (MS08-070) (Metasploit)

$Id: ms08070visualstudiomsmask.rb 11127 2010-11-24 19:35:38Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Foxit PDF Reader v4.1.1 Title Stack Buffer Overflow

$Id: foxittitlebof.rb 11096 2010-11-22 17:43:42Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

Foxit PDF Reader v4.1.1 Title Stack Buffer Overflow

This module exploits a stack buffer overflow in Foxit PDF Reader prior to version 4.2.0.0928. The vulnerability is triggered when opening a malformed PDF file that contains an overly long string in the Title field. This results in overwriting a structured exception handler record. NOTE: This...

Foxit Reader Crafted PDF Title Handling Stack Buffer Overflow

Added: 11/22/2010 OSVDB: 68648 Background Foxit Reader is a free PDF reader for Microsoft Windows systems. Problem Foxit Reader for Windows is vulnerable to a stack buffer overflow which could allow execution of arbitrary code. A remote attacker can exploit this vulnerability by enticing a user t...

Foxit Reader Crafted PDF Title Handling Stack Buffer Overflow

Added: 11/22/2010 OSVDB: 68648 Background Foxit Reader is a free PDF reader for Microsoft Windows systems. Problem Foxit Reader for Windows is vulnerable to a stack buffer overflow which could allow execution of arbitrary code. A remote attacker can exploit this vulnerability by enticing a user t...

Native Instruments Traktor Pro 1.2.6 - Stack Buffer Overflow (PoC)

Native Instruments Traktor Pro 1.2.6 - Stack Buffer Overflow PoC !/usr/local/bin/perl Native Instruments Traktor Pro 1.2.6 Stack-based Buffer Overflow Vulnerability Vendor: Native Instruments GmbH Product web page: http://www.native-instruments.com Affected version: 1.2.6.8491 Standalone Summary:...

Fedora 13 : mod_fcgid-2.3.6-1.fc13 (2010-17434)

This update to the current upstream maintenance release includes a fix for a possible stack buffer overwrite CVE-2010-3872. It also changes the default value of FcgidMaxRequestLen from 1GB to 128K; administrators should change this to an appropriate value based on site requirements. Other changes...

Fedora 14 : mod_fcgid-2.3.6-1.fc14 (2010-17472)

This update to the current upstream maintenance release includes a fix for a possible stack buffer overwrite CVE-2010-3872. It also changes the default value of FcgidMaxRequestLen from 1GB to 128K; administrators should change this to an appropriate value based on site requirements. Other changes...

Fedora 12 : mod_fcgid-2.3.6-1.fc12 (2010-17474)

This update to the current upstream maintenance release includes a fix for a possible stack buffer overwrite CVE-2010-3872. It also changes the default value of FcgidMaxRequestLen from 1GB to 128K; administrators should change this to an appropriate value based on site requirements. Other changes...