Moxa VPort ActiveX SDK Plus Stack-Based Buffer Overflow Vulnerability

OVERVIEW HP’s Zero Day Initiative ZDI reports that independent researcher Ariele Caltabiano has identified a stack-based buffer overflow vulnerability in the Moxa VPort ActiveX SDK Plus application. Moxa has produced an update that mitigates this vulnerability. This vulnerability could be exploit...

BulletProof FTP Client BPS Buffer Overflow Exploit

Exploit for windows platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'BulletProof FTP Client BPS Buffer Overflow', 'Description' = %q This module...

i-FTP Schedule Buffer Overflow Exploit

This Metasploit module exploits a stack-based buffer overflow vulnerability in i-Ftp version 2.20, caused by a long time value set for scheduled download. By persuading the victim to place a specially-crafted Schedule.xml file in the i-FTP folder, a remote attacker could execute arbitrary code on...

Amazon Linux AMI : rpm (ALAS-2014-458)

It was found that RPM could encounter an integer overflow, leading to a stack-based overflow, while parsing a crafted CPIO header in the payload section of an RPM file. This could allow an attacker to modify signed RPM files in such a way that they would execute code chosen by the attacker during...

Important: rpm

Issue Overview: It was found that RPM could encounter an integer overflow, leading to a stack-based overflow, while parsing a crafted CPIO header in the payload section of an RPM file. This could allow an attacker to modify signed RPM files in such a way that they would execute code chosen by the...

UBUNTU-CVE-2014-8504

Stack-based buffer overflow in the srecscan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly have other unspecified impact via a crafted file...

libvncserver: server stacked-based buffer overflow flaws in file transfer handling

Two stack-based buffer overflow flaws were found in the way LibVNCServer handled file transfers. A remote attacker could use this flaw to crash the VNC server using a malicious VNC client...

PT-2014-2598 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 2.6.x through 3.x Description: The issue is a stack-based buffer overflow in the acdb ioctl function in audio acdb.c in the acdb audio driver. This allows attackers to gain privileges via an application that leverages...

Yokogawa Patches Buffer Overflow Bugs in ICS Gear

Vulnerabilities in production control system software used in manufacturing, energy and other critical industries worldwide have been patched by the vendor, an advisory from the Industrial Control System Cyber Emergency Response Team said. Yokogawa Electric Corp., of Japan patched critical buffer...

HP NNM CGI webappmon.exe OvJavaLocale Buffer Overflow

No description provided by source. $Id: hpnnmwebappmonovjavalocale.rb 12087 2011-03-23 03:39:12Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing...

Chasys Draw IES - Buffer Overflow

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

H-Sphere Webshell 2.4 - Local Root Exploit

No description provided by source. source: http://www.securityfocus.com/bid/6527/info A vulnerability has been discovered in H-Sphere Webshell. During the pre-authentication phase Webshell fails to perform sufficient bounds checking on user-supplied HTTP parameters. As a result, a malicious...

marbles 1.0.1 - Local Home Environment Variable Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8710/info A problem in the handling of data in the Home environment variable has been reported in the marbles program. This may make it possible for a local attacker to gain elevated privileges. / c-marbles.c PoC exploit...

3Com TFTP Service <= 2.0.1 - Remote Buffer Overflow Exploit (meta)

No description provided by source. package Msf::Exploit::3comtftplongmode; use strict; use base Msf::Exploit; use Pex::Text; use IO::Socket; my $advanced = ; my $info = 'Name' = 'TFTP Server 3CTftpSvc Buffer Overflow Vulnerability', 'Version' = '$ 1.0 $', 'Authors' = 'Enseirb vincenty at...

Linux Kernel 2.6.x NETLINK_FIB_LOOKUP Local Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23677/info The Linux kernel is prone to a denial-of-service vulnerability. This issue presents itself when a NETLINK message is misrouted. A local attacker may exploit this issue to trigger an infinite-recursion stack-bas...

Easy CD-DA Recorder - (PLS File) Buffer Overflow

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::FILEFORMAT def initializeinfo =...

ghttpd 1.4.x Log() Function Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5960/info A buffer overflow has been reported in ghttpd which will allow arbitrary code to be executed with the privileges of the webserver. The overflow occurs when the argument to a 'GET' request is of excessive length...

WinZIP <= 10.0.7245 (FileView ActiveX) Remote Buffer Overflow Exploit

No description provided by source. / WinZip = 10.0.7245 FileView ActiveX buffer overflow exploit ============================================================ A vulnerability has been identified within Winzip that allows remote attackers to execute arbitrary code. User interaction is required to...

3CDaemon 2.0 - Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/4638/info 3CDaemon is an FTP server developed by Dan Gill of 3Com. Reportedly, it is possible to initiate a buffer overflow on a host running 3CDaemon. Submitting an unusually large amount of data to the ftp server, could...

IrfanView 4.33 Format PlugIn TTF File Parsing Stack Based Overflow

No description provided by source. Application: IrfanView 4.33 Format PlugIn TTF File Parsing Stack Based Overflow Plateform: Windows Exploitation: Remote code execution Secunia Number: SA49319 PRL: 2012-11 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com...