Lucene search
K

57 matches found

Cvelist
Cvelist
added 2006/09/20 11:0 p.m.23 views

CVE-2006-4438

Heap-based buffer overflow in SpIDer for Dr.Web Scanner for Linux 4.33, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LHA archive with an extended header that contains a long directory name...

8.2AI score0.10239EPSS
Exploits0References4
CVE
CVE
added 2006/09/20 11:0 p.m.45 views

CVE-2006-4438

CVE-2006-4438 affects Dr.Web SpIDer for Linux (Dr.Web Scanner) v4.33 and possibly earlier. The vulnerability is a heap-based buffer overflow in an LHA archive’s extended header with a long directory name, allowing remote code execution as described in the NVD/NVD-related and Full-Disclosure discl...

6.4CVSS8.2AI score0.10239EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2006/09/20 12:0 a.m.41 views

[Full-disclosure] Dr.Web 4.33 antivirus LHA long directory name heap overflow

Topic: Dr.Web 4.33 antivirus LHA long directory name heap overflow Announced: 2006-09-19 Product: Dr.Web antivirus Vendor: http://www.drweb.com/ Impact: Code execution Affected product: Dr.Web 4.33, probably earlier versions also Credits: Jean-Sebastien Guay-Leroux CVE ID: CVE-2006-4438 I...

6.4CVSS0.1AI score0.10239EPSS
Exploits0
securityvulns
securityvulns
added 2006/09/20 12:0 a.m.37 views

Dr.Web antivirus buffer overflow

Buffer overflow on oversized LHA archive directory name...

5.3AI score
Exploits0References1Affected Software1
0day.today
0day.today
added 2006/09/20 12:0 a.m.27 views

Dr.Web Antivirus 4.33 (LHA long directory name) Local Overflow Exploit

Exploit for linux platform in category local exploits ====================================================================== Dr.Web Antivirus 4.33 LHA long directory name Local Overflow Exploit ====================================================================== / stetoscope.c: Dr.Web 4.33...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2006/09/20 12:0 a.m.31 views

Dr.Web Antivirus 4.33 (LHA long directory name) Local Overflow Exploit

No description provided by source. / stetoscope.c: Dr.Web 4.33 antivirus LHA directory name heap overflow for linux - Howto: Find a valid GOT entry to hijack with objdump -R /opt/drweb/drweb . I guess that you can use the address of free, but my exploit uses the address of realpath. There was a...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/09/20 12:0 a.m.19 views

Dr.Web AntiVirus 4.33 - LHA long Directory name Local Overflow

Dr.Web AntiVirus 4.33 - LHA long Directory name Local Overflow / stetoscope.c: Dr.Web 4.33 antivirus LHA directory name heap overflow for linux - Howto: Find a valid GOT entry to hijack with objdump -R /opt/drweb/drweb . I guess that you can use the address of free, but my exploit uses the addres...

Exploits0
Exploit DB
Exploit DB
added 2006/09/20 12:0 a.m.47 views

Dr.Web AntiVirus 4.33 - LHA long Directory name Local Overflow

/ stetoscope.c: Dr.Web 4.33 antivirus LHA directory name heap overflow for linux - Howto: Find a valid GOT entry to hijack with objdump -R /opt/drweb/drweb . I guess that you can use the address of free, but my exploit uses the address of realpath. There was a NULL byte in the GOT entry of free s...

7.4AI score
Exploits0
NVD
NVD
added 2005/10/30 2:34 p.m.17 views

CVE-2005-3373

Multiple interpretation error in Dr.Web 4.32b allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangero...

5.1CVSS6.5AI score0.01352EPSS
Exploits0References5
CVE
CVE
added 2005/10/29 7:0 p.m.50 views

CVE-2005-3373

The CVE-2005-3373 entry describes a vulnerability in Dr.Web 4.32b where an interpretation error in the virus scanner allows a crafted file (e.g., BAT, HTML, or EML) containing an MZ magic byte sequence (normally for EXE) to be treated as a safe type, yet still be executable as a dangerous file by...

5.1CVSS6.9AI score0.01352EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2005/10/29 7:0 p.m.21 views

CVE-2005-3373

Multiple interpretation error in Dr.Web 4.32b allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangero...

6.5AI score0.01352EPSS
Exploits0References5
NVD
NVD
added 2005/10/14 10:2 a.m.11 views

CVE-2005-3218

Multiple interpretation error in unspecified versions of Dr.Web Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even...

5.1CVSS6.5AI score0.01723EPSS
Exploits0References2
CVE
CVE
added 2005/10/14 4:0 a.m.49 views

CVE-2005-3218

The CVE affects Dr.Web Antivirus (unspecified versions) where a parsing interpretation error in RAR archives with malformed central/local headers can allow a remote attacker to bypass virus detection by delivering a malicious executable. The issue arises even though some archivers (e.g., Winrar, ...

5.1CVSS7AI score0.01723EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2004/08/03 12:0 a.m.22 views

Dr.Web scanMail Function Unspecified Overflow

The remote host is running Dr.Web - an antivirus program. There is a buffer overflow in the remote version of Dr.Web which might allow an attacker to execute arbitrary commands on the remote host. Very little details are known regarding this issue at this time. C Tenable Network Security, Inc...

6.5AI score
Exploits0
securityvulns
securityvulns
added 2004/07/03 12:0 a.m.30 views

Dr.Web for OpenBSD failure

Small stack size causes daemon fail to start if LocalScan = no configured whth message stack overflow in function int scanMailint, timet , int, int, const char...

0.8AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2003/05/12 12:0 a.m.25 views

Dr.Web File Name Handling Overflow

The remote host is running Dr.Web - an antivirus program. There is a flaw in the remote version of Dr.Web which may make it crash when scanning files whose name is excessively long. An attacker may use this flaw to execute arbitrary code on this host. To exploit it, an attacker would need to send...

6.3AI score
Exploits0
Exploit DB
Exploit DB
added 2003/03/05 12:0 a.m.33 views

Dr.Web 4.x - Virus Scanner Folder Name Buffer Overflow (PoC)

source: https://www.securityfocus.com/bid/7022/info A buffer overflow vulnerability has been reported for Dr. Web virus scanner. The vulnerability is due to insufficient bounds checking when processing folder names. An attacker is able to exploit this vulnerability by creating a malicious folder...

7.4AI score
Exploits0
Rows per page
Query Builder