The Palace 3.x (Client) Stack Overflow Vulnerability

The Palace 3.x Client Stack Overflow Vulnerability Credit: Author : Peter Winter-Smith Software: Packages : The Palace 3.5 Client Version : 3.5 and below Vendor : 'Copyright © 1996-2000 Communities.com' Vendor Url : http://www.thepalace.com/ Vulnerability: Bug Type : Stack-based Buffer Overflow...

CVE-2004-2131

Stack-based buffer overflow in ontape for IBM Informix Dynamic Server IDS 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable...

Webcam Watchdog Stack Overflow Vulnerability

Webcam Watchdog Stack Overflow Vulnerability Credit: Author : Peter Winter-Smith Software: Packages : Webcam Watchdog Version : 3.63 and below Vendor : Webcam Corp. Vendor Url : http://www.webcamsoft.com/en/watchdog.html Vulnerability: Bug Type : Stack-based Buffer Overflow Severity : Highly...

Jordan's Windows Telnet Server Password Handling Remote Overflow

According to its banner, the version of Jordan's Windows Telnet Server running on the remote host has a stack-based buffer overflow vulnerability in the login procedure. A remote attacker could exploit this to crash the service, or execute arbitrary code. C Tenable Network Security, Inc...

CVE-2003-1445

Stack-based buffer overflow in Far Manager 1.70beta1 and earlier allows local users to cause a denial of service crash and possibly execute arbitrary code via a long pathname...

CVE-2003-1322

Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long 1 EXAMINE, 2 DELETE, 3 SUBSCRIBE, 4 RENAME, 5 UNSUBSCRIBE, 6 LIST, 7 LSUB, 8 STATUS, 9 LOGIN, 10 CREATE, or 11 SELECT command...

CVE-2003-1200

Stack-based buffer overflow in FORM2RAW.exe in Alt-N MDaemon 6.5.2 through 6.8.5 allows remote attackers to execute arbitrary code via a long From parameter to Form2Raw.cgi...

CVE-2003-0812

Stack-based buffer overflow in a logging function for Windows Workstation Service WKSSVC.DLL allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file "NetSetup.LOG", as demonstrated using the NetAddAlternateComputerName API...

CVE-2003-0955

OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service kernel panic and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by 1 ibcs2exec.c in the iBCS2 emulation compatibcs2 or 2 execelf.c, which leads to a stack-based...

CVE-2003-0542

Multiple stack-based buffer overflows in 1 modalias and 2 modrewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service crash or execute arbitrary code via a regular expression with more than 9 captures...

CVE-2003-0842

Stack-based buffer overflow in modgzipprintf for modgzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode, allows remote attackers to execute arbitrary code via a long filename in a GET request with an "Accept-Encoding: gzip" header...

CVE-2003-0836

CVE-2003-0836 concerns IBM DB2 Universal Database: a stack-based buffer overflow in the LOAD command. Affected versions are DB2 UDB v7.2 before Fixpak 10/10a and v8.1 before Fixpak 2. An attacker with Connect privileges can execute arbitrary code. IBM fixed the issue via Fixpak 10/10a for v7.2 an...

CVE-2003-0837

IBM DB2 Universal Database 7.2 for Windows is vulnerable to a stack-based buffer overflow in the INVOKE command (DARI). The issue allows an attacker with Connect privileges to execute arbitrary code on the affected system. The vulnerability affects Windows-specific code in v7.2 and was addressed ...

CVE-2003-0833

Stack-based buffer overflow in webfs before 1.20 allows attackers to execute arbitrary code by creating directories that result in a long pathname...

CVE-2003-0634

Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name...

CVE-2003-0609

Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LDPRELOAD environment variable...

CVE-2003-0634

Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name...

CVE-2003-0026

Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname...

Ntop -w remote exploit

Problem: ntop has a stack-based BOF when it's requested too long filename. 2. Tested Version ntop-1.2a1 I only tested this version. 3. Example 1. first run ntop -w 8080 2. run this script $ printf "GET /perl -e 'print "A"x240'rnrn" |nc localhost 8080 3. the ntop goes seg. fault. $ ntop -w 8080...