ZDI-07-015: Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability

ZDI-07-015: Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-015.html April 18, 2007 -- CVE ID: CVE-2007-2171 -- Affected Vendor: Novell -- Affected Products: Groupwise WebAccess -- TippingPointTM IPS Customer Protection:...

Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Groupwise WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists in the GWINTER.exe process bound by default on TCP ports 7205 and 7211. During the...

PHP Subscriber远程密码泄露漏洞

PHP Subscriber是一款基于PHP的WEB应用程序。 PHP Subscriber不正确过滤用户提交的输入，远程攻击者可以利用漏洞获得密码敏感信息。 攻击者可以请求http://www.site.com/path/pwd.txt连接获得密码文件信息，然后使用BASE64解码密码信息。 PHP Subscriber 目前没有详细漏洞细节提供...

Fedora Core 6 : mutt-1.4.2.2-3.fc6 (2006-1063)

Tue Oct 24 2006 Miroslav Lichvar 5:1.4.2.2-3 - fix insecure temp file creation on NFS 211085, CVE-2006-5297 - Thu Aug 3 2006 Miroslav Lichvar 5:1.4.2.2-2 - fix a SASL authentication bug 199591 - Mon Jul 17 2006 Miroslav Lichvar 5:1.4.2.2-1 - update to 1.4.2.2 - fix directories in manual.txt...

PT-2005-1545 · Curl +1 · Curl +1

Name of the Vulnerable Software and Affected Versions: cURL versions 7.12.1 and possibly other versions Description: The issue arises from multiple stack-based buffer overflows in libcURL and cURL, allowing remote malicious web servers to execute arbitrary code. This occurs when base64 encoded...

Samba SWAT buffer overflow

Buffer overflow in Base64 decoding functions...

Potential Buffer Overrun in SWAT

Description The internal routine used by the Samba Web Administration Tool SWAT v3.0.2 and later to decode the base64 data during HTTP basic authentication is subject to a buffer overrun caused by an invalid base64 character. It is recommended that all Samba v3.0.2 or later installations running...

Multiple Potential Buffer Overruns in Samba

Evgeny Demidov discovered that the Samba server has a buffer overflow in the Samba Web Administration Tool SWAT on decoding Base64 data during HTTP Basic Authentication. Versions 3.0.2 through 3.0.4 are affected. Another buffer overflow bug has been found in the code used to support the "mangling...

Переполнение буфера в thttpd (buffer overflow)

Переполнение буфера при base64-декодировании заголовка HTTP-авторизации...

PT-2012-6326 · Libotr +1 · Libotr +1

Name of the Vulnerable Software and Affected Versions: libotr versions prior to 3.2.1 Description: The issue is related to the allocation of a zero-length buffer when decoding a base64 string, which can lead to a denial of service application crash via a message with a specific value. This can be...