Lucene search
K

7 matches found

NVD
NVD
added 2020/06/04 9:15 p.m.27 views

CVE-2020-13768

In MiniShare before 1.4.2, there is a stack-based buffer overflow via an HTTP PUT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19861, CVE-2018-19862, and CVE-2019-17601. NOTE: this product is discontinued...

9.8CVSS9.8AI score0.0209EPSS
Exploits1References1
Prion
Prion
added 2020/06/04 9:15 p.m.22 views

Stack overflow

In MiniShare before 1.4.2, there is a stack-based buffer overflow via an HTTP PUT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19861, CVE-2018-19862, and CVE-2019-17601. NOTE: this product is discontinued...

7.5CVSS9.7AI score0.12555EPSS
Exploits9References1Affected Software1
Prion
Prion
added 2019/10/15 9:15 p.m.19 views

Stack overflow

In MiniShare 1.4.1, there is a stack-based buffer overflow via an HTTP CONNECT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19862 and CVE-2018-19861. NOTE: this product is discontinued...

7.5CVSS9.7AI score0.12555EPSS
Exploits8References1Affected Software1
CVE
CVE
added 2019/01/03 7:0 p.m.80 views

CVE-2018-19861

Affected software. MiniShare 1.4.1 and earlier. Vulnerability. A stack-based or general buffer overflow in MiniShare’s HTTP handling leads to remote arbitrary code execution. For CVE-2018-19861 the overflow occurs via a long HTTP HEAD request; CVE-2019-17601 via an HTTP CONNECT request; CVE-2020-...

9.8CVSS9.7AI score0.12555EPSS
Exploits6References3Affected Software1
Exploit DB
Exploit DB
added 2018/12/18 12:0 a.m.60 views

MiniShare 1.4.1 - 'HEAD/POST' Remote Buffer Overflow

Not only the GET method is vulnerable to BOF CVE-2004-2271. HEAD and POST methods are also vulnerable. The difference is minimal, both are exploited in the same way. Only 1 byte difference: GET = 3, HEAD and POST = 4 length ------------------------------------------------------------------- EAX...

9.8CVSS9.5AI score0.71908EPSS
Exploits10
0day.today
0day.today
added 2018/12/08 12:0 a.m.91 views

MiniShare 1.4.1 HEAD / POST Buffer Overflow Exploit

Hi!!! playing in 2006.... I have adapted the exploit to python Not only the GET method is vulnerable to BOF CVE-2004-2271. HEAD and POST methods are also vulnerable. The difference is minimal, both are exploited in the same way. Only 1 byte difference: GET = 3, HEAD and POST = 4 length...

9.8CVSS0.3AI score0.71908EPSS
Exploits11
Packet Storm
Packet Storm
added 2018/12/07 12:0 a.m.321 views

MiniShare 1.4.1 HEAD / POST Buffer Overflow

Hi!!! playing in 2006.... I have adapted the exploit to python Not only the GET method is vulnerable to BOF CVE-2004-2271. HEAD and POST methods are also vulnerable. The difference is minimal, both are exploited in the same way. Only 1 byte difference: GET = 3, HEAD and POST = 4 length...

7.5CVSS0.6AI score0.71908EPSS
Exploits11
Rows per page
Query Builder