NTP 'ntpd' Autokey栈缓冲区溢出漏洞

Bugraq ID: 35017 CVE ID：CVE-2009-1252 CNCVE ID：CNCVE-20091252 NTP Network Time Protocol是一款客户端用于与时间服务器同步日期和时间的协议。 NTPd在以OpenSSL支持的情况下编译时存在栈缓冲区溢出，远程攻击者可以利用漏洞以应用程序权限执行任意指令。 ntpd/ntpcrypto.c中cryptorecv函数使用sprintf存在缓冲区溢出，此漏洞需要配置使用autokey才会触发ntpd配置使用公钥加密进行NTP报文验证。远程未授权攻击者可以以ntpd守护程序权限执行任意代码。 Ubuntu...

Microsoft PowerPoint Data Out of Bounds Stack Buffer Overflow (MS09-017; CVE-2009-1128; CVE-2009-1131)

Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A stack buffer overflow vulnerability has been identified in Microsoft PowerPoint. The vulnerability is due to a memory corruption error in Microsoft PowerPoint when reading data that is too large from...

ntp -- stack-based buffer overflow

US-CERT reports: ntpd contains a stack buffer overflow which may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system or create a denial of service...

FreeBSD : libxml2 stack buffer overflow in URI parsing (847ade05-6717-11d8-b321-000a95bc6fae)

Yuuichi Teranishi reported a crash in libxml2's URI handling when a long URL is supplied. The implementation in nanohttp.c and nanoftp.c uses a 4K stack buffer, and longer URLs will overwrite the stack. This could result in denial-of-service or arbitrary code execution in applications using libxm...

Ubuntu 8.04 LTS : firefox-3.0, xulrunner-1.9 regression (USN-645-3)

USN-645-1 fixed vulnerabilities in Firefox and xulrunner. The upstream patches introduced a regression in the saved password handling. While password data was not lost, if a user had saved any passwords with non-ASCII characters, Firefox could not access the password database. This update fixes t...

Elecard AVC HD Player .XPL Stack Buffer Overflow (SEH) PoC

No description provided by source. /ELECARD AVC HD PLAYER STACK BUFFER OVERFLOW SEH OVERWRITE Name: elecard.c CREDITS: the one and only fl0 fl0w 004533AE . F3:A5 REP MOVS DWORD PTR ES:EDI,DWORD PTR DS SEH chain of main thread Address SE handler 0012CB54 FFFFFFFF Open in debugger and you'll see SE...

iDefense Security Advisory 04.15.09: Microsoft WordPad Word97 Converter Stack Buffer Overflow Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDefense Security Advisory 04.14.09 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 14, 2009 I. BACKGROUND WordPad is a word processing application included with Microsoft Windows. The Word97 converter is used to convert Word97 format...

Elecard AVC HD Player - .XPL Stack Buffer Overflow (SEH) (PoC)

Elecard AVC HD Player - .XPL Stack Buffer Overflow SEH PoC /ELECARD AVC HD PLAYER STACK BUFFER OVERFLOW SEH OVERWRITE Name: elecard.c CREDITS: the one and only fl0 fl0w 004533AE . F3:A5 REP MOVS DWORD PTR ES:EDI,DWORD PTR DS SEH chain of main thread Address SE handler 0012CB54 FFFFFFFF Open in...

Microsoft Whale Intelligent Application Gateway ActiveX Control Buffer Overflow

This module exploits a stack buffer overflow in Microsoft Whale Intelligent Application Gateway Whale Client. When sending an overly long string to CheckForUpdates method of WhlMgr.dll 3.1.502.64 an attacker may be able to execute arbitrary code. This module requires Metasploit:...

Microsoft Whale Intelligent Application Gateway Whale Client Components ActiveX control stack buffer overflows

Overview The Microsoft Whale Intelligent Application Gateway Whale Client Components ActiveX control contains multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Whale Communications Intelligent...

Xilisoft Video Converter Wizard 3 - '.cue' Stack Buffer Overflow (PoC)

/ ---------------------------------------------------------------------------------------- Xilisoft Video Converter Wizard 3 .CUE File Stack Buffer Overflow POC name: xilisoft.cpp Credits : fl0 fl0w ---------------------------------------------------------------------------------------- ScreanSho...

Xilisoft Video Converter Wizard 3 .CUE File Stack Buffer Overflow PoC

Exploit for unknown platform in category dos / poc ===================================================================== Xilisoft Video Converter Wizard 3 .CUE File Stack Buffer Overflow PoC ===================================================================== /...

Xilisoft Video Converter Wizard Overflow

/ ---------------------------------------------------------------------------------------- Xilisoft Video Converter Wizard 3 .CUE File Stack Buffer Overflow POC name: xilisoft.cpp Credits : fl0 fl0w ---------------------------------------------------------------------------------------- ScreanSho...

Mandriva Update for krb5 MDKSA-2007:174 (krb5)

Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDKSA-2007:174 krb5 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Mandriva Update for krb5 MDKSA-2007:137 (krb5)

Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDKSA-2007:137 krb5 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Mandriva Update for krb5 MDKSA-2007:137 (krb5)

Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDKSA-2007:137 krb5 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Mandriva Update for krb5 MDKSA-2007:174-1 (krb5)

Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDKSA-2007:174-1 krb5 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Mandriva Update for krb5 MDKSA-2007:174-1 (krb5)

Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDKSA-2007:174-1 krb5 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Mandriva Update for samba MDKSA-2007:244 (samba)

Check for the Version of samba OpenVAS Vulnerability Test Mandriva Update for samba MDKSA-2007:244 samba Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Mandriva Update for krb5 MDKSA-2007:174 (krb5)

Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDKSA-2007:174 krb5 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...