Lucene search
+L

1332 matches found

metasploit
metasploit
added 2009/03/11 10:33 p.m.20 views

Belkin Bulldog Plus Web Service Buffer Overflow

This module exploits a stack buffer overflow in Belkin Bulldog Plus 4.0.2 build 1219. When sending a specially crafted http request, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

7.9AI score
Exploits0
securityvulns
securityvulns
added 2009/02/10 12:0 a.m.78 views

Trend micro - IWSVA/IWSS - Authorization module password leak

There is possbile get username and password from "Proxy-Authorization" header, which is not correctly removed when authorization header sends WMP. Requirements: - IWSVA/IWSS basic authorization on - Client is using WMP 8-11 as video player - Standalone proxy if upstream proxy is used,...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2009/02/04 12:0 a.m.21 views

Free Download Manager 2.53.0 - Authorisation Stack Buffer Overflow (PoC)

Free Download Manager 2.53.0 - Authorisation Stack Buffer Overflow PoC !usr/bin/perl -w Stack-based buffer overflow in Remote Control Server in Free Download Manager FDM 2.5 Build 758 and 3.0 Build 844 allows remote attackers to execute arbitrary code via a long Authorization header in an HTTP...

10CVSS1.2AI score0.66526EPSS
Exploits13
seebug
seebug
added 2009/02/04 12:0 a.m.19 views

Free Download Manager 2.5/3.0 (Authorization) Stack BOF PoC

No description provided by source. !usr/bin/perl -w Stack-based buffer overflow in Remote Control Server in Free Download Manager FDM 2.5 Build 758 and 3.0 Build 844 allows remote attackers to execute arbitrary code via a long Authorization header in an HTTP request. Refer:...

10CVSS6.4AI score0.66526EPSS
Exploits13
nvd
nvd
added 2009/02/03 7:30 p.m.16 views

CVE-2009-0183

Stack-based buffer overflow in Remote Control Server in Free Download Manager FDM 2.5 Build 758 and 3.0 Build 844 allows remote attackers to execute arbitrary code via a long Authorization header in an HTTP request...

10CVSS7.9AI score0.66526EPSS
Exploits13References7
attackerkb
attackerkb
added 2009/02/03 7:30 p.m.3 views

CVE-2009-0183

Stack-based buffer overflow in Remote Control Server in Free Download Manager FDM 2.5 Build 758 and 3.0 Build 844 allows remote attackers to execute arbitrary code via a long Authorization header in an HTTP request...

10CVSS6.4AI score0.66526EPSS
Exploits13References10
metasploit
metasploit
added 2009/02/02 6:27 p.m.24 views

Free Download Manager Remote Control Server Buffer Overflow

This module exploits a stack buffer overflow in Free Download Manager Remote Control 2.5 Build 758. When sending a specially crafted Authorization header, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

10CVSS8AI score0.66526EPSS
Exploits13
prion
prion
added 2008/02/21 7:44 p.m.15 views

Stack overflow

Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.27 and earlier allow remote attackers to execute arbitrary code via a 1 long password in an Authorization header to the HTTP service or a 2 large packet to the SMPP service...

6.8CVSS8.5AI score0.32791EPSS
Exploits5References6Affected Software1
nvd
nvd
added 2008/02/21 7:44 p.m.25 views

CVE-2008-0871

Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.27 and earlier allow remote attackers to execute arbitrary code via a 1 long password in an Authorization header to the HTTP service or a 2 large packet to the SMPP service...

6.8CVSS7.9AI score0.32791EPSS
Exploits5References6
nessus
nessus
added 2007/12/31 12:0 a.m.23 views

GLSA-200712-18 : Multi-Threaded DAAP Daemon: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200712-18 Multi-Threaded DAAP Daemon: Multiple vulnerabilities nnp discovered multiple vulnerabilities in the XML-RPC handler in the file webserver.c. The wsaddarg function contains a format string vulnerability, as it does not...

7.5CVSS6.2AI score0.05592EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2007/11/05 7:46 p.m.24 views

CVE-2007-5824

webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via a stats method action to /xml-rpc with 1 an empty Authorization header line, which triggers a crash in the wsdecodepassword function; or 2 a...

7.1CVSS5.9AI score0.05592EPSS
Exploits0References1
nvd
nvd
added 2007/11/05 7:46 p.m.16 views

CVE-2007-5824

webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via a stats method action to /xml-rpc with 1 an empty Authorization header line, which triggers a crash in the wsdecodepassword function; or 2 a...

7.1CVSS6.4AI score0.05592EPSS
Exploits0References13
prion
prion
added 2007/11/05 7:46 p.m.17 views

Authorization

webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via a stats method action to /xml-rpc with 1 an empty Authorization header line, which triggers a crash in the wsdecodepassword function; or 2 a...

7.1CVSS6.7AI score0.05592EPSS
Exploits0References13Affected Software1
cvelist
cvelist
added 2007/11/05 7:0 p.m.36 views

CVE-2007-5824

webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via a stats method action to /xml-rpc with 1 an empty Authorization header line, which triggers a crash in the wsdecodepassword function; or 2 a...

6.3AI score0.05592EPSS
Exploits0References13
nessus
nessus
added 2007/11/03 12:0 a.m.66 views

Firefly Media Server webserver.c ws_addarg Function /xml-rpc Authorization Header Remote Format String

The remote host is running Firefly Media Server, also known as mt-daapd, a media streaming server. The version of Firefly Media Server installed on the remote host apparently fails to sanitize user-supplied input before using it as the format string in a call to 'vsnprintf'' in 'src/webserver.c'...

7.5CVSS6.2AI score0.03723EPSS
Exploits0References3
cvelist
cvelist
added 2007/06/21 6:0 p.m.25 views

CVE-2007-3319

The Avaya 4602SW IP Phone Model 4602D02A with 2.2.2 and earlier SIP firmware does not use the cnonce parameter in the Authorization header of SIP requests during MD5 digest authentication, which allows remote attackers to conduct man-in-the-middle attacks and hijack or intercept communications...

6.7AI score0.01632EPSS
Exploits0References6
metasploit
metasploit
added 2007/01/07 11:33 p.m.16 views

MailEnable Authorization Header Buffer Overflow

This module exploits a remote buffer overflow in the MailEnable web service. The vulnerability is triggered when a large value is placed into the Authorization header of the web request. MailEnable Enterprise Edition versions prior to 1.0.5 and MailEnable Professional versions prior to 1.55 are...

0.9AI score
Exploits0
cvelist
cvelist
added 2005/05/10 4:0 a.m.22 views

CVE-2004-2027

Buffer overflow in Icecast 2.0.0 and earlier allows remote attackers to cause a denial of service crash via a long Basic Authorization header that triggers an out-of-bounds read...

6.6AI score0.02085EPSS
Exploits0References7
nvd
nvd
added 2005/05/02 4:0 a.m.21 views

CVE-2005-1348

Buffer overflow in HTTPMail in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to execute arbitrary code via a long HTTP Authorization header...

7.5CVSS7.7AI score0.72622EPSS
Exploits6References4
nessus
nessus
added 2005/04/25 12:0 a.m.15 views

MailEnable HTTPMail Service Authorization Header Remote Overflow

The version of MailEnable running on the remote host has a buffer overflow vulnerability when processing the Authorization field in the HTTP header. A remote attacker could exploit this to execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc...

5.6AI score
Exploits0References1
Rows per page
Query Builder