This module exploits a stack buffer overflow in the Computer Associates BrightStor ARCServe Backup Tape Engine service present in a function exposed as Opnum 38 of DCE-RPC interface 62b93df0-8b02-11ce-876c-00805f842837 v1.0.
The OpenBSD IPv6 stack is vulnerable to a buffer overflow that allows an attacker to run arbitrary code in the kernel. This bug can be exploited remotely. The attack must be issued from the same local network as the target host. If the attack is used more than once, it may crash the target host.
This module exploits a buffer overflow vulnerability in the database service (ibserver.exe) of the Borland InterBase 2007 application. By sending a specially crafted packet to port 3050/TCP of the vulnerable system, the exploit triggers an integer overflow and can cause a stack-based buffer overflow; it installs an agent if successful.
This module exploits a buffer overflow vulnerability in the database service (ibserver.exe) of the Borland InterBase application. The exploit triggers a stack-based buffer overflow by sending a specially crafted "create" request to port 3050/TCP of the vulnerable system and installs an agent if successful.
This vulnerability allows remote attackers to execute arbitrary code on installations of Bopup Communications Server and can be exploited to compromise a vulnerable system. Bopup Communications Server is prone to a buffer-overflow vulnerability when handling a large amount of data, which can trigger an overflow in a finite-sized internal memory buffer.
An overly long header directly overwrites the SEH handler for the frame, allowing for control over EIP. After successful exploitation, an agent will be installed.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing Blue Coat. The vulnerability is caused by a boundary error in bcaaa-130.exe when processing an overly long command. This can be exploited to cause a stack-based buffer overflow via an overly long, specially crafted argument passed to the affected command.
A routine within the Protocol Analysis Module component that monitors ICQ server responses (used in all current ISS host, server, and network device solutions) contains a series of stack-based buffer overflow vulnerabilities.
This module exploits a nameserver vulnerability that occurs when processing a maliciously crafted T_NXT resource record received in a DNS reply message. After successful exploitation, an agent will be deployed. This agent will inherit the user identity and capabilities of the abused service, usually those of the user used to run the bind daemon. However, the uid (as opposed to the euid) of the agent will be that of the super user in most cases (usually '0'). Note that the deployed agent might be running in a chroot jail. This situation doesn't prevent the agent from being used, and after setting the user id to that of the super user, the chroot breaker module (see "chroot breaker" module documentation) can be used to escape the chroot jail.
This module exploits a buffer overflow vulnerability in BigAnt IM Server. This vulnerability can be exploited remotely by uploading and executing a file.