5 matches found
CVE-2006-0992
creationtimestamp| type| source ---|---|--- 2010-09-20 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16757 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/novellmessengeracceptlang.rb 2025-02-06...
Novell Messenger Server 2.0 - 'Accept-Language' Remote Overflow (Metasploit)
This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...
Novell Messenger Server 2.0 Accept-Language Overflow
This module exploits a stack buffer overflow in Novell GroupWise Messenger Server v2.0. This flaw is triggered by any HTTP request with an Accept-Language header greater than 16 bytes. To overwrite the return address on the stack, we must first pass a memcpy operation that uses pointers we supply...
CVE-2006-0992
Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon. NOTE: due to a typo, the original ZDI advisory accidentally referenced CVE-2006-0092. This is the...
CVE-2006-0992
CVE-2006-0992 is a stack-based buffer overflow in Novell GroupWise Messenger Server v2.0 (Public Beta 2) triggered by an Accept-Language HTTP header longer than 16 bytes, allowing unauthenticated remote code execution with SYSTEM privileges. The vulnerability stems from an overflow when processin...