MailEnable IMAPD Professional 2.35 - Remote Buffer Overflow

!/usr/bin/perl maildisable-v6.pl Mail Enable Professional =v2.35 win32 remote exploit by mu-b - Tue Dec 5 2006 - Tested on: Mail Enable Professional v2.35 win32 Note: timing is quite critical with this!!, so change $senddelay if it doesn't work.... use Getopt::Std; getopts't:n:', %arg; use Socket...

MailEnable IMAPD Enterprise 2.32 < 2.34 - Remote Buffer Overflow

!/usr/bin/perl maildisable-v3.pl Mail Enable Professional/Enterprise v2.32-4 win32 remote exploit by mu-b - Thu Nov 23 2006 - Tested on: Mail Enable Professional v2.32 win32 - with HOTFIX Mail Enable Professional v2.33 win32 Mail Enable Professional v2.34 win32 what does this remind you off? Note...

openssl signature forgery

OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS 1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying...

FreeBSD : openssl -- Incorrect PKCS#1 v1.5 padding validation in crypto(3) (077c2dca-8f9a-11db-ab33-000e0c2e438a)

Problem Description When verifying a PKCS1 v1.5 signature, OpenSSL ignores any bytes which follow the cryptographic hash being signed. In a valid signature there will be no such bytes. Impact OpenSSL will incorrectly report some invalid signatures as valid. When an RSA public exponent of 3 is use...

PHP Nop Generator

Generates harmless padding for PHP scripts This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This class implements a "nop" generator for PHP payloads class MetasploitModule 'PHP Nop Generator', 'Alias' = 'phpgeneric',...

CVE-2006-5484

SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS 1 v1.5 signature that is signed by that RSA key and prevents...

CVE-2006-5484

SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS 1 v1.5 signature that is signed by that RSA key and prevents...

MS Windows 2000 sp1/sp2 isapi .printer Extension Overflow Exploit

No description provided by source. / iishack 2000 - eEye Digital Security - 2001 This affects all unpatched windows 2000 machines with the .printer isapi filter loaded. This is purely proof of concept. Quick rundown of the exploit: Eip overruns at position 260 i have 19 bytes of code to jump back...

Utility for generating HTTP/1.x requests for shellcodes

No description provided by source. / genhttpreq.c, utility for generating HTTP/1.x requests for shellcodes SIZES: HTTP/1.0 header request size - 18 bytes+ HTTP/1.1 header request size - 26 bytes+ NOTE: The length of the selected HTTP header is stored at EDX register. Thus the generated MOV...

CVE-2006-5201

Multiple packages on Sun Solaris, including 1 NSS; 2 Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.212, and SDK and JRE 1.3.x up to 1.3.119; 3 JSSE 1.0.303 and earlier; 4 IPSec/IKE; 5 Secure Global Desktop; and 6 StarOffice, when using an RSA key with exponent 3, removes...

CVE-2006-5201

CVE-2006-5201 affects Sun Solaris components (notably NSS, NSS-based libraries, Java JDK/JRE, JSSE, IPSec/IKE, and related Sun products). The root cause is when using an RSA key with exponent 3 that removes PKCS #1 padding prior to hash generation, enabling remote attackers to forge a PKCS #1 v1....

USN-348-1: GnuTLS vulnerability

The GnuTLS library did not sufficiently check the padding of PKCS 1 v1.5 signatures if the exponent of the public key is 3 which is widely used for CAs. This could be exploited to forge signatures without the need of the secret key...

Multiple RSA implementations fail to properly handle signatures

Overview Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Description RSA signatures are used to authenticate the source of a message. To prevent RSA signatures from being forged, messages are padded with data t...

openssl signature forgery

OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS 1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying...

FreeBSD-SA-06:19.openssl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:19.openssl Security Advisory The FreeBSD Project Topic: Incorrect PKCS1 v1.5 padding validation in crypto3 Category: contrib Module: openssl Announced:...

openssl -- Incorrect PKCS#1 v1.5 padding validation in crypto(3)

Problem Description When verifying a PKCS1 v1.5 signature, OpenSSL ignores any bytes which follow the cryptographic hash being signed. In a valid signature there will be no such bytes. Impact OpenSSL will incorrectly report some invalid signatures as valid. When an RSA public exponent of 3 is use...

USN-339-1: OpenSSL vulnerability

Philip Mackenzie, Marius Schilder, Jason Waddle and Ben Laurie of Google Security discovered that the OpenSSL library did not sufficiently check the padding of PKCS 1 v1.5 signatures if the exponent of the public key is 3 which is widely used for CAs. This could be exploited to forge signatures...

CVE-2006-4339

OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS 1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying...

DEBIAN-CVE-2006-4339

OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS 1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying...

CVE-2006-4339

OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS 1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying...