what you don't know can hurt you

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 1 of 1

Files

Zero Day Initiative Advisory 10-247: Posted Nov 10, 2010; Authored by Tipping Point | Site zerodayinitiative.com; Zero Day Initiative Advisory 10-247 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Groupwise. Authentication is not required to exploit this vulnerability. The specific flaw exists in a function responsible for assembling an HTTP response. The following modules implement this functionality: gwpoa.exe, gwmta.exe, gwia.exe. When responding to an HTTP request sent to TCP port 7101 or 7100 or in the case of gwia.exe the user configured "Message Transfer Port", the process uses the client-specified "Host: " header to create an HTTP 301 redirection message. Within this code a local stack buffer is used to store the redirect location and can be overflown with a sufficiently long header value. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.; tags | advisory, remote, web, overflow, arbitrary, local, tcp; SHA-256 | 6d81201963cc0bf9ce5b56242c8003b55725876fdbc630174972e531c3dd5875; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

Recent News

Google Patches Critical Chrome Vulnerability: Posted Apr 24, 2024; tags | headline, flaw, google, patch, chrome; Favorite | View

Hackers Are Using Developing Countries For Ransomware Practice: Posted Apr 24, 2024; tags | headline, hacker, malware, cybercrime, fraud, cryptography; Favorite | View

Authorities Investigate LabHost Users After Phishing Service Shutdown: Posted Apr 23, 2024; tags | headline, cybercrime, fraud, phish; Favorite | View

Windows Vulnerability Reported By The NSA Exploited To Install Russian Malware: Posted Apr 23, 2024; tags | headline, government, microsoft, usa, russia, flaw, cyberwar, spyware, nsa; Favorite | View

UnitedHealth Admits Breach Could Cover Substantial Proportion Of People In America: Posted Apr 23, 2024; tags | headline, hacker, privacy, data loss; Favorite | View

Microsoft DRM Hack Could Allow Movie Downloads From Streaming: Posted Apr 23, 2024; tags | headline, microsoft, flaw, pirate; Favorite | View

Over A Million Neighbourhood Watch Members Exposed: Posted Apr 23, 2024; tags | headline, privacy, britain, data loss; Favorite | View

MITRE Hacked By State Sponsored Group Via Ivanti Zero Days: Posted Apr 23, 2024; tags | headline, hacker, government; Favorite | View

Russia's Sandworm APT Linked To Attack On Texas Water Plant: Posted Apr 18, 2024; tags | headline, malware, usa, russia, cyberwar, scada; Favorite | View

EU Tells Meta It Can't Paywall Privacy: Posted Apr 18, 2024; tags | headline, government, privacy, facebook, social; Favorite | View

View More News →

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec