Hummingbird STR Service Buffer Overflow

Hummingbird STR service STRsvc.exe is installed on the remote host. It is included with EMC Documentum eRoom, OpenText Hummingbird, and OpenText Search Server. The installed version is affected by a buffer overflow vulnerability. By sending a very large packet to the Hummingbird STR service, it m...

多个厂商Hummingbird STR服务栈溢出漏洞

BUGTRAQ ID: 36868 EMC Documentum eRoom是基于WEB的协作服务器，OpenText Search Server是高效的纯文本搜索引擎，上述产品都使用了Hummingbird STR服务。 默认监听于TCP 10500端口上的Hummingbird STR服务（STRsvc.exe）中存在栈溢出漏洞。STRlib.dll模块将接收到的网络报文拷贝到了静态的栈缓冲区，如果发送了超长的报文就可以触发栈溢出，导致以SYSTEM权限执行任意指令。 EMC Documentum eRoom 7.4.1 Open Text Corporation Search...

Hummingbird STR service / EMC Documentum eRoom / OpenText Search Server buffer overflow

Buffer overflow on TCP/10500 traffic parsing...

ZDI-09-074: Multiple Vendor Hummingbird STR Service Stack Overflow Vulnerability

ZDI-09-074: Multiple Vendor Hummingbird STR Service Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-074 October 28, 2009 -- Affected Vendors: EMC OpenText -- Affected Products: EMC Documentum eRoom OpenText Hummingbird OpenText Search Server -- TippingPointTM IPS...

Multiple Vendor Hummingbird STR Service Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of EMC Documentum eRoom, OpenText Hummingbird and OpenText Search Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Hummingbird STR...