Hewlett Packard Enterprise Data Protector EXEC_BAR Domain Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within OmniInet.exe which listens by default on TCP port 5555. When...

Through the ELF dynamic loading of the structure ROP chain Return-to-dl-resolve-the vulnerability warning-the black bar safety net

Play CTF game stick have know that PWN type of vulnerability topic will generally provide an executable program, and provide program run dynamically link the libc library. By the libc. so you can get the library function of the offset address, combined with the leak GOT the table in the libc...

(Pwn2Own) Adobe Flash JPEG-XR Parsing Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

FreeBSD : pcre -- stack buffer overflow (7033b42d-ef09-11e5-b766-14dae9d210b8)

Philip Hazel reports : PCRE does not validate that handling the ACCEPT verb will occur within the bounds of the cworkspace stack buffer, leading to a stack buffer overflow. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

Sysax Multi Server 6.50 - HTTP File Share Overflow Remote Code Execution (SEH)

Exploit Title: Sysax Multi Server 6.50 HTTP File Share SEH Overflow RCE Exploit Date: 03/21/2016 Exploit Author: Paul Purcell Contact: ptpxploit at gmail Vendor Homepage: http://www.sysax.com/ Vulnerable Version Download: http://download.cnet.com/Sysax-Multi-Server/3000-21604-76171493.html 6.50 a...

Solarwinds Dameware Remote Mini Controller dwmrcs Daemon Buffer Overflow Vulnerability

Solarwinds Dameware Remote Mini Controller is a suite of remote control software for laptops and servers that provides remote desktop access and screen sharing capabilities. A stack buffer overflow vulnerability in the dwrcs.exe file in the dwmrcs daemon of the Solarwinds Dameware Remote Mini...

The vulnerability of the IBM Tivoli Storage Manager FastBack data management software allows a hacker to trigger a service failure.

The vulnerability of the IBM Tivoli Storage Manager FastBack data management program arises due to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure...

Netwrix Auditor 7.1.322.0 - ActiveX 'sourceFile' Stack Buffer Overflow

Netwrix Auditor 7.1.322.0 ActiveX sourceFile Stack Buffer Overflow Vulnerability Vendor: Netwrix Corporation Product web page: http://www.netwrix.com Affected version: 7.1 Build 322 Summary: Netwrix Auditor is an IT audit software that maximizes visibility of IT infrastructure changes and data...

Netwrix Auditor 7.1.322.0 ActiveX (sourceFile) Stack Buffer Overflow

Netwrix Auditor 7.1.322.0 ActiveX sourceFile Stack Buffer Overflow Vulnerability Vendor: Netwrix Corporation Product web page: http://www.netwrix.com Affected version: 7.1 Build 322 Summary: Netwrix Auditor is an IT audit software that maximizes visibility of IT infrastructure changes and data...

Netwrix Auditor 7.1.322.0 ActiveX (sourceFile) Stack Buffer Overflow Vulnerability

Summary Netwrix Auditor is an IT audit software that maximizes visibility of IT infrastructure changes and data access. The product provides actionable audit data about who changed what, when and where and who has access to what. Description The application suffers from a stack-based buffer...

Putty pscp 0.66 - Stack Buffer Overwrite

Putty pscp 0.66 - Stack Buffer Overwrite Source: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563 Author: Date: Feb 20th, 2016 Name: putty Vendor: sgtatham - http://www.chiark.greenend.org.uk/sgtatham/putty/ Version: 0.59 3 9 years ago = affected = 0.66 Platforms: win/nix Technolog...

Putty pscp 0.66 - Stack Buffer Overwrite

Source: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563 Author: Date: Feb 20th, 2016 Name: putty Vendor: sgtatham - http://www.chiark.greenend.org.uk/sgtatham/putty/ Version: 0.59 3 9 years ago = affected = 0.66 Platforms: win/nix Technology: c Vuln Classes: stack buffer overwrite...

Putty pscp 0.66 - Stack Buffer Overwrite

Exploit for multiple platform in category dos / poc Source: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563 Author: Date: Feb 20th, 2016 Name: putty Vendor: sgtatham - http://www.chiark.greenend.org.uk/sgtatham/putty/ Version: 0.59 3 9 years ago = affected = 0.66 Platforms: win/ni...

Internet Bug Bounty: putty pscp client-side post-auth stack buffer overwrite when processing remote file size

Not sure if this will qualify but it may impact a pretty broad audience given the fact that putty code is part of many other apps filezilla, ... and it is the defacto standalone ssh client for windows administrators besides openssh cygwin putty = 0.66; affects putty versions dating back 9 years...

The vulnerability of the Oracle Fusion Middleware software platform, which allows a perpetrator to trigger a service failure

The vulnerability of the Oracle Outside In Technology component of the Oracle Fusion Middleware software is caused by a buffer overflow in the stack. Exploiting this vulnerability allows an attacker to cause a service failure using a specially created Paradox DB file...

Debian DLA-441-1 : pcre3 security update

HP's Zero Day Initiative has identified a vulnerability affecting the pcre3 package. It was assigned ZDI id ZDI-CAN-3542. A CVE identifier has not been assigned yet. PCRE Regular Expression Compilation Stack Buffer Overflow Remote Code Execution Vulnerability. PCRE did not validate that handling...

PHP < 5.4.43, 5.5.x < 5.5.27, 5.6.x < 5.6.11 Multiple Vulnerabilities (Mar 2016) - Linux

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

VMware ESXi updates address a critical glibc security vulnerability (VMSA-2016-0002)

VMware product updates address a critical glibc security vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

glibc - getaddrinfo Stack Based Buffer Overflow (1)

Exploit for linux platform in category dos / poc Sources: https://googleonlinesecurity.blogspot.sg/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html https://github.com/fjserna/CVE-2015-7547 Technical information: glibc reserves 2048 bytes in the stack through alloca for the DNS answer at...

glibc - &#039;getaddrinfo&#039; Stack Buffer Overflow (PoC)

Sources: https://googleonlinesecurity.blogspot.sg/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html https://github.com/fjserna/CVE-2015-7547 Technical information: glibc reserves 2048 bytes in the stack through alloca for the DNS answer at nssdnsgethostbyname4r for hosting responses to a DNS...