Flexense Sync Breeze Enterprise Buffer Overflow Vulnerability

Flexense Sync Breeze Enterprise is a set of file synchronization tools from Flexense Canada. The tool has features such as file management and data synchronization. A buffer overflow vulnerability exists in Flexense Sync Breeze Enterprise version 10.0.28. A remote attacker could exploit this...

Sync Breeze 10.1.16 Buffer Overflow Vulnerability

Sync Breeze version 10.1.16 is vulnerable to a buffer overflow vulnerability, which can be exploited remotely or locally to achieve arbitrary code execution. The flaw is triggered by providing a long input into the "Destination directory" path of the application. Sync Breeze 10.1.16 Buffer Overfl...

Sync Breeze Enterprise 10.0.28 - Remote Buffer Overflow (PoC)

/ Sync Breeze Enterprise BOF - Ivan Ivanovic Ivanov Иван-дурак недействительный 31337 Team / define WINSOCKDEPRECATEDNOWARNINGS define DEFAULTBUFLEN 512 include include include include DWORD SendRequestchar request, int requestsize WSADATA wsa; SOCKET s; struct sockaddrin server; char...

Sync Breeze Enterprise 10.0.28 - Remote Buffer Overflow (PoC)

Sync Breeze Enterprise 10.0.28 - Remote Buffer Overflow PoC / Sync Breeze Enterprise BOF - Ivan Ivanovic Ivanov Иван-дурак недействительный 31337 Team / define WINSOCKDEPRECATEDNOWARNINGS define DEFAULTBUFLEN 512 include include include include DWORD SendRequestchar request, int requestsize WSADA...

GHSA-Q5PQ-PGRV-FH89 dns-sync command injection vulnerability

The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function...

dns-sync command injection vulnerability

The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function...

CVE-2017-7079

An issue was discovered in certain Apple products. iTunes before 12.7 is affected. The issue involves the "Data Sync" component. It allows attackers to access iOS backups written by iTunes via a crafted app...

CVE-2017-7079

An issue was discovered in certain Apple products. iTunes before 12.7 is affected. The issue involves the "Data Sync" component. It allows attackers to access iOS backups written by iTunes via a crafted app...

Code injection

An issue was discovered in certain Apple products. iTunes before 12.7 is affected. The issue involves the "Data Sync" component. It allows attackers to access iOS backups written by iTunes via a crafted app...

CVE-2017-7079

An issue was discovered in certain Apple products. iTunes before 12.7 is affected. The issue involves the "Data Sync" component. It allows attackers to access iOS backups written by iTunes via a crafted app...

CVE-2017-7079

CVE-2017-7079 affects iTunes before 12.7 (Mac OS X), via the Data Sync component. A crafted app may enable an attacker to access iOS backups created by iTunes. The vulnerability stems from an access control issue in the Data Sync workflow, allowing partial confidentiality impact without integrity...

Sync Breeze Enterprise 10.1.16 - POST Remote Buffer Overflow

Sync Breeze Enterprise 10.1.16 - POST Remote Buffer Overflow !/usr/bin/python import socket try: print "\nSending evil buffer..." shellcode = "\xba\x31\x13\x39\xe4\xdb\xd3\xd9\x74\x24\xf4\x5e\x33\xc9\xb1" "\x52\x31\x56\x12\x03\x56\x12\x83\xdf\xef\xdb\x11\xe3\xf8\x9e"...

Sync Breeze Enterprise 10.1.16 - 'POST' Remote Buffer Overflow

!/usr/bin/python import socket try: print "\nSending evil buffer..." shellcode = "\xba\x31\x13\x39\xe4\xdb\xd3\xd9\x74\x24\xf4\x5e\x33\xc9\xb1" "\x52\x31\x56\x12\x03\x56\x12\x83\xdf\xef\xdb\x11\xe3\xf8\x9e" "\xda\x1b\xf9\xfe\x53\xfe\xc8\x3e\x07\x8b\x7b\x8f\x43\xd9\x77"...

Sync Breeze Enterprise 10.1.16 - Remote Buffer Overflow (SEH) (Metasploit)

Sync Breeze Enterprise 10.1.16 - Remote Buffer Overflow SEH Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'SyncBreeze v10.1.16 SEH GET Overflow', 'Description' = %...

Sync Breeze Enterprise 10.1.16 SEH Overflow

!/usr/bin/env python Exploit Title : Sync Breeze Enterprise v10.1.16 0day Date : 10/11/2017 Vendor HomePage : http://www.syncbreeze.com Exploit Author : Milton Valencia wetw0rk Software : http://www.syncbreeze.com/downloads.html Version : 10.1.16 Tested on : Windows 7 x86 Description : Sync Breez...

Sync Breeze Enterprise 10.1.16 SEH Overflow Exploit

Exploit for windows platform in category remote exploits !/usr/bin/env python Exploit Title : Sync Breeze Enterprise v10.1.16 0day Date : 10/11/2017 Vendor HomePage : http://www.syncbreeze.com Exploit Author : Milton Valencia wetw0rk Software : http://www.syncbreeze.com/downloads.html Version :...

CVE-2017-14980

Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login...

CVE-2017-14980

Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login...

Buffer overflow

Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login...

CVE-2017-14980

CVE-2017-14980 — Sync Breeze Enterprise vulnerable to a stack-based buffer overflow in the web login interface (Sync Breeze Enterprise 10.0.28). A remote, unauthenticated attacker can cause memory corruption and achieve remote code execution via a long username parameter to /login. Public PoCs an...