This Metasploit module exploits a stack-based buffer overflow in versions 1.2 through 1.3.0 of ProFTPD server. The vulnerability is within the "sreplace" function within the "src/support.c" file. The off-by-one heap overflow bug in the ProFTPD sreplace function has been discovered about 2 (two) years ago by Evgeny Legerov.
41d4996163aa5db3c1f65003fa4feea5044edfa1112cac105c463346d43f029bHelix Server version 11.1.2 suffers from a remote heap overflow vulnerability that allows a remote attacker to gain root privileges. Proof of concept exploit included.
20b0284d9e9d99fca43d85291edbe9351bd0685595b37229833f630cb7c7d7abKerio MailServer version 6.2.2 preauth remote denial of service exploit.
06693eabdbec0e07d5c362d68827a5701df047b339ad16062f4a59c06535f14bTwo vulnerabilities in F-Prot Antivirus version 4.6.6 for Unix platforms could allow a remote attacker to cause a denial of service or execute arbitrary code. Exploit included.
226cbefa040587fac72452eb5aa3327444b503a468263378f2fc442655fea874A remote buffer overflow vulnerability has been found in mod_tls module of ProFTPD server. The vulnerability could allow a remote un-authenticated attacker to gain root privileges. All versions including 1.3.0a are affected.
180db6a4b1b074c7ba9c0cbafa633c372cb43221e144a3f006a87b5cc1661238A remotely exploitable stack overflow vulnerability has been found in ProFTPD server. The vulnerability allows a remote authenticated attacker to gain root privileges. Versions below 1.3.0a are affected. Exploit included.
44821edac050385c866aa37abb8d208e6502ac703ffe9cb2ac41fc9b5ad38c8bThis VulnDisco Packet for Metasploit 2.7 has the following zero day exploits: vd_ldapinfo.pm - [0day] Query info from LDAP server, vd_xlink.pm - [0day] Omni-NFS Enterprise remote exploit, vd_openldap.pm - [0day] OpenLDAP denial of service exploit.
bf1ddad6f404b81910e06f6d100945a2cbfe7b3a7306053e77c44e423bfaf932FreeBSD Security Advisory FreeBSD-SA-06:10.nfs - A part of the NFS server code charged with handling incoming RPC messages via TCP had an error which, when the server received a message with a zero-length payload, would cause a NULL pointer dereference which results in a kernel panic. The kernel will only process the RPC messages if a userland nfsd daemon is running.
8712b0c54e6195379a38f208914e6b31aecb2b2ca2355a6a67d8db63219f7a5eProtoVer LDAP testsuite v1.5 uncovered a critical Denial of Service vulnerability in the LDAP component of CommuniGate Pro Server 5.0.7
72f0dc93924f0caf6e6caff4898b2315178b8cc674f4b9b2f52392827b82bd6dCommuniGate version 5.0.6 LDAP vulnerability exploit.
658773f0490e5d4c3a8255d41a1f2903010a94e71c4893ca3e135b3b5b976345S-Quadra Advisory #2004-03-15 - ModSecurity 1.7.4 for the Apache 2.x webserver series is vulnerable to a remote off-by-one overflow that allows for arbitrary code execution. Version 1.7.5 has been released to address this issue.
46914b1d1e2b2200f173555807ff77394e863e8d79257fe7862682dac2771be0S-Quadra Advisory #2003-11-26 - FreeRADIUS version 0.9.3 and below suffers from a stack overflow in the rlm_smb module. Successful exploitation of the vulnerability leads to code execution abilities as root.
986f4ddf02645e0675d8de23c83f5150b4fe80517b2215a3c1ec52ab1b89b1b1S-Quadra Advisory #2003-11-24 - Monit version 4.1 is susceptible to a denial of service via a negative Content-length field and is also vulnerable to a stack overflow when accepting long HTTP requests.
640b7a1304c873c6888f2e239b9dd442a50d1a7bfc300a638ff7e843e49e4c1dFreeRADIUS versions 0.9.2 and below have a tunnel-password attribute handling vulnerability. When a malformed attribute trigger gets passed, the server invokes memcpy() with a negative third argument, causing a crash.
1dadd2e3ca40a13e9ce1eb8ddd2ae503f4b94a7f5a399a92dc7c8e84b1a03849
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed