D-Link TFTP Server 1.0 allows remote attackers to cause a buffer overflow via a long GET request, which triggers the vulnerability.
When the option imapmagicplus is activated on a Cyrus IMAP server the PROXY and LOGIN commands suffer a standard stack overflow, because the username is not checked against a maximum length when it is copied into a temporary stack buffer. This bug is exploited by this module to install an agent. Cyrus 2.2.8 and prior are vulnerable.
CVS is prone to a remote heap overflow vulnerability during the handling of user-supplied input for entry lines with 'modified' and 'unchanged' flags.
By sending a malformed 'Directory' request it is possible to create a condition where free() is called on memory that is still in use. This can result in an exploitable condition when free() is called on the memory chunk a second time.
This module exploits a buffer overflow vulnerability in CoDeSys SCADA webserver. This vulnerability can be exploited remotely by sending a specially crafted packet to port 8080.
This module exploits a remote buffer overflow in the streamprocess.exe service included in the Citrix Provisioning Services application by sending a malformed packet to the 6905/UDP port.
This module exploits a remote buffer overflow in the streamprocess.exe service included in the Citrix Provisioning Services application by sending a malformed packet to the 6905/UDP port.
This module exploits a vulnerability in Citrix NetScaler server. Citrix NetScaler is prone to a memory-corruption vulnerability when handling certain SOAP requests.
An overly long packet content directly overwrites the SEH handler for the frame allowing for control over EIP. After successful exploitation an agent will be installed.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Secure ACS UCP. The vulnerability is caused due to a boundary error within Cisco Secure ACS UCP when processing passwords with CSuserCGI.exe vulnerable module. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to this module.