6715 matches found
Debian DSA-1137-1 : tiff - several vulnerabilities
Tavis Ormandy of the Google Security Team discovered several problems in the TIFF library. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2006-3459 Several stack-buffer overflows have been discovered. - CVE-2006-3460 A heap overflow vulnerability in the...
IA WebMail 3.x Buffer Overflow
This exploits a stack buffer overflow in the IA WebMail server. This exploit has not been tested against a live system at this time. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IA WebMail 3...
MaxDB WebDBM Database Parameter Overflow
This module exploits a stack buffer overflow in the MaxDB WebDBM service. By sending a specially-crafted HTTP request that contains an overly long database name. A remote attacker could overflow a buffer and execute arbitrary code on the system with privileges of the wahttp process. This module h...
GLSA-200609-13 : gzip: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200609-13 gzip: Multiple vulnerabilities Tavis Ormandy of the Google Security Team has reported multiple vulnerabilities in gzip. A stack buffer modification vulnerability was discovered in the LZH decompression code, where a...
US-CERT Vulnerability Note VU#416092
Vulnerability Note VU416092 Microsoft Internet Explorer VML stack buffer overflow Overview Microsoft Internet Explorer IE fails to properly handle Vector Markup Language tags. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. I...
McAfee Subscription Manager Stack Buffer Overflow
This module exploits a flaw in the McAfee Subscription Manager ActiveX control. Due to an unsafe use of vsprintf, it is possible to trigger a stack buffer overflow by passing a large string to one of the COM-exposed routines, such as IsAppExpired. This vulnerability was discovered by Karl Lynn of...
Microsoft IIS ISAPI w3who.dll Query String Overflow
This module exploits a stack buffer overflow in the w3who.dll ISAPI application. This vulnerability was discovered Nicolas Gregoire and this code has been successfully tested against Windows 2000 and Windows XP SP2. When exploiting Windows XP, the payload must call RevertToSelf before it will be...
MS01-033 Microsoft IIS 5.0 IDQ Path Overflow
This module exploits a stack buffer overflow in the IDQ ISAPI handler for Microsoft Index Server. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS01-033 Microsoft IIS 5.0 IDQ Path Overflow',...
Kerio Firewall 2.1.4 Authentication Packet Overflow
This module exploits a stack buffer overflow in Kerio Personal Firewall administration authentication process. This module has only been tested against Kerio Personal Firewall 2 2.1.4. This module requires Metasploit: https://metasploit.com/download Current source:...
FutureSoft TFTP Server 2000 Transfer-Mode Overflow
This module exploits a stack buffer overflow in the FutureSoft TFTP Server 2000 product. By sending an overly long transfer-mode string, we were able to overwrite both the SEH and the saved EIP. A subsequent write-exception that will occur allows the transferring of execution to our shellcode via...
eIQNetworks ESA License Manager LICMGR_ADDLICENSE Overflow
This module exploits a stack buffer overflow in eIQnetworks Enterprise Security Analyzer. During the processing of long arguments to the LICMGRADDLICENSE command, a stack-based buffer overflow occurs. This module has only been tested against ESA v2.1.13. This module requires Metasploit:...
eIQNetworks ESA Topology DELETEDEVICE Overflow
This module exploits a stack buffer overflow in eIQnetworks Enterprise Security Analyzer. During the processing of long arguments to the DELETEDEVICE command in the Topology server, a stack-based buffer overflow occurs. This module has only been tested against ESA v2.1.13. This module requires...
Ipswitch IMail SMTP Server code execution
Stack buffer overflow on oversized hostname string within characters '@' and ':'...
MS04-011 Microsoft LSASS Service DsRolerUpgradeDownlevelServer Overflow
This module exploits a stack buffer overflow in the LSASS service, this vulnerability was originally found by eEye. When re-exploiting a Windows XP system, you will need need to run this module twice. DCERPC request fragmentation can be performed by setting 'FragSize' parameter. This module...
libTIFF: Multiple vulnerabilities
Background libTIFF provides support for reading and manipulating TIFF images. Description Tavis Ormandy of the Google Security Team discovered several heap and stack buffer overflows and other flaws in libTIFF. The affected parts include the TIFFFetchShortPair, TIFFScanLineSize and...
[SECURITY] [DSA 1137-1] New tiff packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1137-1 [email protected] http://www.debian.org/security/ Martin Schulze August 2nd, 2006 http://www.debian.org/security/faq -...
DSA-1137-1 tiff - several vulnerabilities
Bulletin has no description...
CVE-2006-3600
Multiple stack-based buffer overflows in the LookupTRM::lookup function in libtunepimp TunePimp 0.4.2 allow remote user-assisted attackers to cause a denial of service application crash and possibly execute code via a long 1 Album release date MBEReleaseGetDate, 2 data, or 3 error strings...
Microsoft Excel 2003 - Hlink Stack Buffer Overflow (SEH)
Microsoft Excel 2003 - Hlink Stack Buffer Overflow SEH !perl "Microsoft Office Excel 2003" Hlink Stack/SEH Overflow Exploit Author: Manuel Santamarina Suarez The vulnerability was discovered by 'kcope'. First click on the link and then on the "Yes" button to cause the stack overflow. fixed...
MS06-025 Microsoft RRAS Service RASMAN Registry Overflow
This module exploits a registry-based stack buffer overflow in the Windows Routing and Remote Access Service. Since the service is hosted inside svchost.exe, a failed exploit attempt can cause other system services to fail as well. A valid username and password is required to exploit this flaw on...