There is a buffer overflow vulnerability in the Microsoft Windows Messenger service. This allows an attacker to execute arbitrary code with System privileges. The vulnerability is triggered by sending a malformed message to the vulnerable host. Manipulating the length of the packet allows portions of the heap memory to be overwritten with user defined data.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing Simple Web Server. The vulnerability is caused due to a boundary error within Simple Web Server when processing HTTP GET Request. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Authentication is not required to exploit this vulnerability.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing SIELCO SISTEMI Winlog when Run TCP/IP server is enabled in CONFIGURATION-OPTIONS-TCP/IP. The vulnerability is caused due to a boundary error within SIELCO SISTEMI Winlog when processing a malformed request. This can be exploited to cause a stack-based buffer overflow in Runtime.exe via a crafted 0x02 opcode packet. Authentication is not required to exploit this vulnerability.
This module exploits a buffer overflow vulnerability in the LDAP service (sidvault.exe) of the SIDVault LDAP application. The exploit triggers a stack-based buffer overflow by sending a specially crafted packet to port 389/TCP of the vulnerable system and installs an agent if successful.
Serv-U supports an FTP command, "MDTM", which is used to change a file's modification time. An internal memory buffer may be overrun while handling an malformed time zone as MDTM argument. This condition may be exploited by attackers to ultimately execute instructions with the privileges of the serv-u process, typically administrator or system. The Serv-U server will be left inaccessible after successful exploitation.
An internal memory buffer may be overrun while handling "site chmod" command with an overly long filename. This condition may be exploited by attackers to ultimately execute instructions with the privileges of the serv-u process, typically administrator or system. This bug requires the FTP user to have write privileges on at least one directory to be exploited. The Serv-U server will be left inaccessible after successful exploitation.
Subscribe to Remote