EUVD-2008-0388

Malware in sbrugna...

SocksCap主机名解析远程栈溢出漏洞

BUGTRAQ ID: 27357 SocksCap是NEC公司开发的一个免费软件，允许某些没有提供代理设置的客户端软件连接Internet。 SocksCap在解析远程资源的主机名时存在栈溢出漏洞，远程攻击者可能利用此漏洞控制用户系统。 如果主机名大于692字节的话，就可能触发这个溢出，导致执行任意指令。成功攻击要求打开了Resolve all names remotely选项。 NEC SocksCap = 2.40-051231 NEC --- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://socks.nec.com/...

CVE-2008-0378

Stack-based buffer overflow in SocksCap 2.40-051231 and earlier, when "Resolve all names remotely" is enabled, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long hostname...

Stack overflow

Stack-based buffer overflow in SocksCap 2.40-051231 and earlier, when "Resolve all names remotely" is enabled, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long hostname...

CVE-2008-0378

CVE-2008-0378 affects SocksCap 2.40-051231 and earlier. Reported as a stack-based buffer overflow when “Resolve all names remotely” is enabled, allowing remote attackers to crash the application and potentially execute arbitrary code via a long hostname. The vulnerability is documented across mul...

CVE-2008-0378

Stack-based buffer overflow in SocksCap 2.40-051231 and earlier, when "Resolve all names remotely" is enabled, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long hostname...

SocksCAP buffer overflow

Buffer overflow on oversized host name...

SocksCap Stack Overflow (<= 2.40-051231)

ITDEFENCE.ru Security Advisory SocksCap Stack Overflow Verisons = 2.40-051231. No length check in hostname during resolving of remote resourse. If the hostsname's name is more then 692 bytes, failure of a stack is possible. Works if name resolution Resolve all names remotely option is turned on...