18 matches found
EUVD-2007-2146
Malware in sbrugna...
EUVD-2007-2949
Malware in sbrugna...
McAfee E-Business Server预认证远程拒绝服务及代码执行漏洞
BUGTRAQ ID: 27197 McAfee e-Business Server用于为存储和共享文档的企业和个人提供透明加密。 McAfee E-Business Server在处理畸形格式的请求数据时存在漏洞,远程攻击者可能利用此漏洞控制服务器。 如果向McAfee E-Business Server的管理接口(TCP 1718)发送类似于以下的畸形预认证报文的话: "\x01\x3f\x2f\x05\x25\x2a" + "A" 69953 就会导致服务器崩溃,也可能允许执行任意指令。 0 McAfee E-Business Server = 8.5.2 for Windows...
CVE-2008-0127
The administration interface in McAfee E-Business Server 8.5.2 and earlier allows remote attackers to cause a denial of service crash and execute arbitrary code via a long initial authentication packet...
McAfee E-Business Server Remote pre-auth Code Execution / DoS PoC
No description provided by source. !/usr/bin/perl McAfeeR E-Business ServerTM 8.5.2 Remote preauth crash PoC - tested on Windows and Linux Leon Juranic [email protected], Infigo IS http://www.infigo.hr/en/ use IO::Socket; $saddr = "192.168.1.3"; $sport = 1718;...
McAfee E-Business Server Authentication Packet Remote Overflow
McAfee E-Business Server, an enterprise tool for digitally encrypting and signing electronic files, is installed on the remote host. The version of this software installed on the remote host fails to properly handle over-sized authentication packets sent to its administration interface, generally...
mcafee2.pl.txt
!/usr/bin/perl McAfeeR E-Business ServerTM 8.5.2 Remote preauth crash PoC - tested on Windows and Linux Leon Juranic , Infigo IS use IO::Socket; $saddr = "192.168.1.3"; $sport = 1718; $exp1 = "\x01\x3f\x2f\x05\x25\x2a" . "A" x 69953;; print " Sending exploit string...\n"; my $serversock =...
KLA10260 ACE vulnerability in McAfeeE-Buisness Server
An unspecified vulnerability was found in McAfee E-Business. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed auth packet. Original advisories - Exploitation Public exploits exist for this...
McAfee E-Business Server Remote pre-auth Code Execution / DoS PoC
Exploit for multiple platform in category dos / poc ================================================================= McAfee E-Business Server Remote pre-auth Code Execution / DoS PoC ================================================================= !/usr/bin/perl McAfeeR E-Business ServerTM 8.5....
McAfee E-Business Server 8.5.2 - Remote Code Execution / Denial of Service (PoC)
!/usr/bin/perl McAfeeR E-Business ServerTM 8.5.2 Remote preauth crash PoC - tested on Windows and Linux Leon Juranic , Infigo IS use IO::Socket; $saddr = "192.168.1.3"; $sport = 1718; $exp1 = "\x01\x3f\x2f\x05\x25\x2a" . "A" x 69953;; print " Sending exploit string...\n"; my $serversock =...
McAfee E-Business Server验证报文处理整数溢出漏洞
McAfee e-Business Server是一款用于为存储和共享文档的企业和个人提供透明加密。 McAfee e-Business Server解析验证报文存在整数溢出问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 提供包含超长长度值的验证报文,可导致触发整数溢出,精心构建提交数据可能以应用程序进程权限执行任意指令。 0 McAfee E-Business Server 8.5.2 McAfee E-Business Server 8.1.1 厂商解决方案 升级到最新程序: a...
McAfee E-Business Server认证报文处理整数溢出漏洞
BUGTRAQ ID: 26269 CVECAN ID: CVE-2007-2957 McAfee e-Business Server用于为存储和共享文档的企业和个人提供透明加密。 McAfee E-Business Server的管理工具服务在解析认证报文时存在整数溢出漏洞,远程攻击者可能利用此漏洞控制服务器。 如果远程攻击者向服务器发送的认证报文包含有超长长度值的话,就可以触发这个溢出,最终导致堆溢出,允许在服务器上执行任意指令。 0 McAfee E-Business Server 8.1.1 for Linux 厂商补丁: McAfee ------...
CVE-2007-2957
Integer overflow in McAfee E-Business Server before 8.5.3 for Solaris, and before 8.1.2 for Linux, HP-UX, and AIX, allows remote attackers to execute arbitrary code via a large length value in an authentication packet, which results in a heap-based buffer overflow...
McAfee E-Business Server Administration Client Length Remote DoS
McAfee E-Business Server, an enterprise tool for digitally encrypting and signing electronic files, is installed on the remote host. The Administration Agent component of the version of McAfee E-Business Server installed on the remote host reportedly fails to validate the length from a packet...
CVE-2007-2151
The administration server in McAfee e-Business Server before 8.1.1 and 8.5.x before 8.5.2 allows remote attackers to cause a denial of service service crash via a large length value in a malformed authentication packet, which triggers a heap over-read...
CVE-2007-2151
CVE-2007-2151 affects McAfee e-Business Server administration server prior to 8.1.1 and 8.5.x prior to 8.5.2. A malformed authentication packet with an excessively large length value can trigger a heap over-read, allowing remote attackers to cause a denial of service (service crash). No remediati...
CVE-2007-2151
The administration server in McAfee e-Business Server before 8.1.1 and 8.5.x before 8.5.2 allows remote attackers to cause a denial of service service crash via a large length value in a malformed authentication packet, which triggers a heap over-read...
McAfee e-Business Server无效数据长度拒绝服务漏洞
McAfee e-Business Server用于为存储和共享文档的企业和个人提供透明加密。 McAfee e-Business Server在处理畸形的认证请求时存在漏洞,远程攻击者可能利用此漏洞导致服务器崩溃。 如果攻击者在认证到McAfee e-Business Server期间发送了畸形认证报文的话就会导致服务器崩溃。收到报文后服务器会读取其长度,然后试图从缓冲区读取该长度的字节。如果攻击者能够指定很大的长度值但发送了很小的报文,就会导致服务器读取到所映射堆内存之外,触发无法处理的异常,管理服务器会崩溃。 0 McAfee E-Business Server 8.5.1.101...