EUVD-2007-2146

Malware in sbrugna...

EUVD-2007-2949

Malware in sbrugna...

McAfee E-Business Server预认证远程拒绝服务及代码执行漏洞

BUGTRAQ ID: 27197 McAfee e-Business Server用于为存储和共享文档的企业和个人提供透明加密。 McAfee E-Business Server在处理畸形格式的请求数据时存在漏洞，远程攻击者可能利用此漏洞控制服务器。 如果向McAfee E-Business Server的管理接口（TCP 1718）发送类似于以下的畸形预认证报文的话： "\x01\x3f\x2f\x05\x25\x2a" + "A" 69953 就会导致服务器崩溃，也可能允许执行任意指令。 0 McAfee E-Business Server = 8.5.2 for Windows...

CVE-2008-0127

The administration interface in McAfee E-Business Server 8.5.2 and earlier allows remote attackers to cause a denial of service crash and execute arbitrary code via a long initial authentication packet...

Authentication flaw

The administration interface in McAfee E-Business Server 8.5.2 and earlier allows remote attackers to cause a denial of service crash and execute arbitrary code via a long initial authentication packet...

McAfee E-Business Server Remote pre-auth Code Execution / DoS PoC

No description provided by source. !/usr/bin/perl McAfeeR E-Business ServerTM 8.5.2 Remote preauth crash PoC - tested on Windows and Linux Leon Juranic [email protected], Infigo IS http://www.infigo.hr/en/ use IO::Socket; $saddr = "192.168.1.3"; $sport = 1718;...

CVE-2008-0127

The administration interface in McAfee E-Business Server 8.5.2 and earlier allows remote attackers to cause a denial of service crash and execute arbitrary code via a long initial authentication packet...

CVE-2008-0127

CVE-2008-0127 affects McAfee E-Business Server (administration interface) versions 8.5.2 and earlier. The vulnerability arises from improper handling of oversized authentication packets, allowing an unauthenticated remote attacker to crash the service (DoS) and potentially execute arbitrary code....

McAfee E-Business Server Authentication Packet Remote Overflow

McAfee E-Business Server, an enterprise tool for digitally encrypting and signing electronic files, is installed on the remote host. The version of this software installed on the remote host fails to properly handle over-sized authentication packets sent to its administration interface, generally...

McAfee E-Business Server buffer overflow

TCP/1718 administration interface buffer overflow...

mcafee2.pl.txt

!/usr/bin/perl McAfeeR E-Business ServerTM 8.5.2 Remote preauth crash PoC - tested on Windows and Linux Leon Juranic , Infigo IS use IO::Socket; $saddr = "192.168.1.3"; $sport = 1718; $exp1 = "\x01\x3f\x2f\x05\x25\x2a" . "A" x 69953;; print " Sending exploit string...\n"; my $serversock =...

KLA10260 ACE vulnerability in McAfeeE-Buisness Server

An unspecified vulnerability was found in McAfee E-Business. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed auth packet. Original advisories - Exploitation Public exploits exist for this...

[INFIGO 2008-01-06]: McAfee E-Business Server Remote Preauth Code Execution / DoS

INFIGO IS Security Advisory ADV-2008-01-06 http://www.infigo.hr/en/ Title: McAfee E-Business Server Remote Preauth Code Execution / DoS Advisory ID: INFIGO-2008-01-06 Date: 2008-01-09 Advisory URL: http://www.infigo.hr/en/infocus/advisories/INFIGO-2008-01-06 Impact: Remote code execution Risk...

McAfee E-Business Server Remote pre-auth Code Execution / DoS PoC

Exploit for multiple platform in category dos / poc ================================================================= McAfee E-Business Server Remote pre-auth Code Execution / DoS PoC ================================================================= !/usr/bin/perl McAfeeR E-Business ServerTM 8.5....

McAfee E-Business Server 8.5.2 - Remote Code Execution Denial of Service (PoC)

McAfee E-Business Server 8.5.2 - Remote Code Execution Denial of Service PoC !/usr/bin/perl McAfeeR E-Business ServerTM 8.5.2 Remote preauth crash PoC - tested on Windows and Linux Leon Juranic , Infigo IS use IO::Socket; $saddr = "192.168.1.3"; $sport = 1718; $exp1 = "\x01\x3f\x2f\x05\x25\x2a"...

McAfee E-Business Server 8.5.2 - Remote Code Execution / Denial of Service (PoC)

!/usr/bin/perl McAfeeR E-Business ServerTM 8.5.2 Remote preauth crash PoC - tested on Windows and Linux Leon Juranic , Infigo IS use IO::Socket; $saddr = "192.168.1.3"; $sport = 1718; $exp1 = "\x01\x3f\x2f\x05\x25\x2a" . "A" x 69953;; print " Sending exploit string...\n"; my $serversock =...

McAfee E-Business Server验证报文处理整数溢出漏洞

McAfee e-Business Server是一款用于为存储和共享文档的企业和个人提供透明加密。 McAfee e-Business Server解析验证报文存在整数溢出问题，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 提供包含超长长度值的验证报文，可导致触发整数溢出，精心构建提交数据可能以应用程序进程权限执行任意指令。 0 McAfee E-Business Server 8.5.2 McAfee E-Business Server 8.1.1 厂商解决方案 升级到最新程序： a...

McAfee E-Business Server认证报文处理整数溢出漏洞

BUGTRAQ ID: 26269 CVECAN ID: CVE-2007-2957 McAfee e-Business Server用于为存储和共享文档的企业和个人提供透明加密。 McAfee E-Business Server的管理工具服务在解析认证报文时存在整数溢出漏洞，远程攻击者可能利用此漏洞控制服务器。 如果远程攻击者向服务器发送的认证报文包含有超长长度值的话，就可以触发这个溢出，最终导致堆溢出，允许在服务器上执行任意指令。 0 McAfee E-Business Server 8.1.1 for Linux 厂商补丁： McAfee ------...

Integer overflow

Integer overflow in McAfee E-Business Server before 8.5.3 for Solaris, and before 8.1.2 for Linux, HP-UX, and AIX, allows remote attackers to execute arbitrary code via a large length value in an authentication packet, which results in a heap-based buffer overflow...

CVE-2007-2957

Integer overflow in McAfee E-Business Server before 8.5.3 for Solaris, and before 8.1.2 for Linux, HP-UX, and AIX, allows remote attackers to execute arbitrary code via a large length value in an authentication packet, which results in a heap-based buffer overflow...