A boundary error exists in the HTTP Protocol Stack (httpstk) component of iMonitor within the "BuildRedirectURL()" function when processing "Host" HTTP headers. This can be exploited to cause a stack-based buffer overflow via a specially crafted request with an overly long "Host" header.
This vulnerability allows remote attackers to execute arbitrary code on installations of Net Transport Server, which can be exploited by malicious people to compromise a vulnerable system. Net Transport is prone to a stack-based buffer-overflow vulnerability that occurs because it fails to perform adequate boundary checks on user-supplied data.
An internal memory buffer may be overrun while handling long "USER" command. This condition may be exploited by attackers to ultimately execute instructions with the privileges of the NetTerm NetFTPD.exe process. FreeFTPD will be left inaccessible after successful exploitation.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing Netmechanica NetDecision HTTP Server. A buffer overflow in NetDecision's HTTP service is exploited when a long URL is managed by the HTTP Server's active window. For successfull exploitation, the victim need to have the HttpSvr's window open. Authentication is not required to exploit this vulnerability.
Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer", possibly a buffer overflow.
Subscribe to Windows