Multiple stack-based buffer overflows in the Command Line Interface process in the Server Agent in EMC AlphaStor 3.1 for Windows allow remote attackers to execute arbitrary code via crafted TCP packets to port 41025.
This module exploits a specific flaw in the Hewlett-Packard Graphics Language
filter. Inadequate bounds checking on the pen width and pen color
opcodes result in an arbitrary memory overwrite allowing for the
execution of arbitrary code as the "hgltops" process uid.
-Linux Support added
filter. Inadequate bounds checking on the pen width and pen color
opcodes result in an arbitrary memory overwrite allowing for the
execution of arbitrary code as the "hgltops" process uid.
-Linux Support added
OpenBSD's PF is prone to a remote denial-of-service vulnerability.
Exploiting this issue allows remote attackers to cause a kernel panic on affected computers, denying further service to legitimate users.
Exploiting this issue allows remote attackers to cause a kernel panic on affected computers, denying further service to legitimate users.
D-Link TFTP Server 1.0 allows remote attackers to cause a buffer overflow via a long GET request, which triggers the vulnerability.
This module exploits a vulnerability in Apple CUPS, when handling the IPP_TAG_UNSUPPORTED which could be exploited by attackers to cause a remote pre-authentication denial of service.
A boundary error can be exploited to cause a stack-based buffer overflow by sending a specially crafted GET HTTP request with an overly long path to the web server.
This module exploits a vulnerability in XBMC by sending a specially crafted, overly long HTTP GET request to the application's web server which causes a stack-based buffer overflow, allowing arbitrary code execution.
The UPS management software contains a built-in web server which allows for remote management of the UPS. The management interface is protected by a username and password and the authentication is performed via Basic authentication. There is a small stack-based overflow in the base64 decoding routine which handles the Basic authentication data.
This module exploits an integer underflow on "SSDP Discovery Service" Windows service through HTTP response.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations.
Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations.
Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
A remote user of vulnerable installations of Easy Chat Server can send a specially crafted password parameter to chat.ghp to trigger a buffer overflow and execute arbitrary code on the target system.