CVE-2007-1353

CVE-2007-1353 affects the Linux kernel’s Bluetooth stack (L2CAP and HCI) and can allow a context-dependent attacker to read kernel memory via the copy_from_user call accessing an uninitialized stack buffer in the setsockopt pathway. The vulnerability is present in kernel versions prior to 2.4.34....

Microgaming Download Helper ActiveX control stack buffer overflow

Overview The Microgaming Download Helper ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microgaming provides software for online gaming, including online casinos. The Microgaming...

Novell Groupwise WebAccess buffer overflow

Stack buffer overflow stack overrun during TCP/7205 TCP/7211 HTTP basic authentication on base64 decoding...

Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Groupwise WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists in the GWINTER.exe process bound by default on TCP ports 7205 and 7211. During the...

VCDGear畸形CUE文件处理栈缓冲区溢出漏洞

VCDGear是制作MPEG4的工具，用于将VCD影片DAT文件转换为MPEG文件。 VCDGear在处理畸形格式的CUE文档时存在缓冲区溢出漏洞，远程攻击者可能利用此漏洞通过诱使用户打开恶意文件控制用户用户机器。 如果用户使用VCDGear加载了恶意的CUE文件的话，就可能触发栈缓冲区溢出，导致在用户系统上执行任意指令。 VCDGear v3.56 build 050213 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.vcdgear.com/...

Aircrack-ng (airodump-ng) remote buffer overflow vulnerability

Product Name: Aircrack-ng 0.7 Vendor: http://www.aircrack-ng.org Date: 13 April, 2007 Author: Jonathan So jonny @ nop-art dot net Advisory URL: http://www.nop-art.net/advisories/airodump-ng.txt I. DESCRIPTION A buffer overflow vulnerability has been found in airodump-ng, part of the aircrack-ng...

Microsoft Windows UPnP Remote Stack Buffer Overflow Vulnerability

Description Microsoft Windows is prone to a remote stack-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. This occurs when handling certain HTTP requests. To exploit this issue, an attack...

More information on ZERT patch for ANI 0day

Hi, more information about the patch released April 1st can be found here: http://zert.isotf.org/ Including: 1. Technical information. 2. Why this patch was released when eeye already released a third party patch. The newly discovered zero-day vulnerability in the parsing of animated cursors is...

Corel WordPerfect Office PRS堆栈缓冲区溢出漏洞

Corel WordPerfect是一款功能强大的办公软件套件。 Corel WordPerfect X3存在堆栈缓冲区溢出，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 Wordperfect X3不正确检查存储在Wordperfect文档中的打印机选择文件名，提交恶意文档，诱使用户访问可导致以应用程序进程权限执行任意指令。 Corel WordPerfect Office X3 13.0 .565 目前没有解决方案提供： http://www.corel.com/ / wp13exp.c - Wordperfect X3 remote exploit Proof of...

ZZIPlib / zzcat buffer overflow

Stack buffer overflow stack overrun on oversized filename...

Mercury Mail 4.0.1 (LOGIN) Remote IMAP Stack Buffer Overflow Expl

Exploit for unknown platform in category remote exploits ==================================================================== Mercury Mail 4.0.1 LOGIN Remote IMAP Stack Buffer Overflow Exploit ==================================================================== !/usr/bin/perl...

Asterisk 1.4 SIP T.38 SDP - Parsing Remote Stack Buffer Overflow (PoC) (1)

source: https://www.securityfocus.com/bid/23648/info Asterisk is prone to multiple remote stack-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data before copying it to insufficiently sized buffers. Successful exploits may allow an...

MOPB-pecl.txt

?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP Project // // C Copyright 2007 Stefan...

Novell NetMail WebAdmin Username Stack Buffer Overflow (CVE-2007-1350)

Novell NetMail is an electronic mail server product that supports various email access and exchange protocols, including IMAP Internet Message Access Protocol and NMAP Network Messaging Application Protocol.WebAdmin is a browser based administrative tool used to manage NetMail...

[Full-disclosure] Mercury/32 4.01b

Attached is a remote exploit disarmed PoC for Mercury/32 4.01b IMAPD. The vulnerability is located in the call:- 034646AE call sub346ECD9 which is passes as third argument the number of bytes remaining in a stack buffer in order to construct the complete command from the continuation data. Howeve...

WebMod 0.48 (Content-Length) Remote Buffer Overflow Exploit PoC

No description provided by source. / WebMod Stack Buffer Overflow by cybermind Kevin Masterson [email protected] WebMod v0.48 exploit PoC code / include include include define WIN32LEANANDMEAN include include pragma comment lib, "ws232.lib" / local variables in connectHandle: char input; 4 char...

WebMod 0.48 (Content-Length) Remote Buffer Overflow Exploit PoC

Exploit for unknown platform in category remote exploits =============================================================== WebMod 0.48 Content-Length Remote Buffer Overflow Exploit PoC =============================================================== / WebMod Stack Buffer Overflow by cybermind Kevin...

VeriSign Managed PKI Configuration Checker ActiveX control stack buffer overflow

Overview The VeriSign Configuration Checker ActiveX control contains a stack buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The VeriSign Configuration Checker ActiveX control is provided by web-based digital...

Trend Micro ServerProtect fails ENG_SetRealTimeScanConfigInfo() stack buffer overflow

Overview Trend Micro ServerProtect contains a stack-based buffer overflow. Description Trend Micro ServerProtect fails to properly handle data passed to the ENGSetRealTimeScanConfigInforoutine possibly allowing a stack-based buffer overflow to occur. This overflow can be triggered by sending a...

Sybase EAServer 5.2 Remote Stack Buffer Overflow

This module exploits a stack buffer overflow in the Sybase EAServer Web Console. The offset to the SEH frame appears to change depending on what version of Java is in use by the remote server, making this exploit somewhat unreliable. This module requires Metasploit: https://metasploit.com/downloa...