what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

Skyworth GPON HomeGateways / Optical Network Stack Overflow
Posted Feb 11, 2019
Authored by Kaustubh G. Padwad

A stack overflow vulnerability has been identified in multiple Skyworth GPON HomeGateways and Optical Network terminals. Affected products include 1.DT741 Converged Intelligent Terminal (G/EPON+IPTV), 2.DT741 Converged Intelligent Terminal (G/EPON+IPTV), 3.DT721-cb GPON uplink home gateway (GPON+2FE+1POTS), 4.DT721-cb GPON Uplink Home Gateway (GPON+2FE+1POTS), 5.DT741-cb GPON uplink home gateway (GPON+4FE+1POTS+WIFI+USB), 6.DT741-cb GPON Uplink Home Gateway (GPON+4FE+1POTS+WIFI+USB), and 7.DT741-cbGPON uplink home gateway DT741-cb.

tags | exploit, overflow
advisories | CVE-2018-19524
SHA-256 | 4f48da3e8a78a9cf4093887c381e510d71c9c97ebafd060e27501d9e12a2e61d

Related Files

PowerNet Twin Client 8.9 Stack Overflow
Posted Jun 29, 2012
Authored by Luigi Auriemma | Site aluigi.org

PowerNet Twin Client versions 8.9 and below suffer from a stack overflow vulnerability.

tags | exploit, overflow
systems | linux
SHA-256 | 01ee7bdceda2abbcd11f2723950b87df2788e5314ddad8946094bb92071a21fd
Debian Security Advisory 2498-1
Posted Jun 25, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2498-1 - It was discovered that dhcpcd, a DHCP client, was vulnerable to a stack overflow. A malformed DHCP message could crash the client, causing a denial of service, and potentially remote code execution through properly designed malicious DHCP packets.

tags | advisory, remote, denial of service, overflow, code execution
systems | linux, debian
advisories | CVE-2012-2152
SHA-256 | 2a1985d21c5fc5cfea58dab1c087d2cbcd793d34c92dfbc5e4ad65f8a1d75a90
FlexNet License Server Manager 11.9.1 Stack Overflow
Posted May 13, 2012
Authored by Luigi Auriemma | Site aluigi.org

FlexNet License Server Manager versions 11.9.1 and below suffer from a stack overflow vulnerability in lmgrd. Proof of concept included.

tags | exploit, overflow, proof of concept
systems | linux
SHA-256 | e1685cec49a2c9fdbef7f2df8194086852d758d0cee891a610d91b40c7e329ac
AnvSoft Any Video Converter 4.3.6 Stack Overflow
Posted May 3, 2012
Authored by cikumel, y0k

AnvSoft Any Video Converter version 4.3.6 suffers from a stack overflow vulnerability.

tags | exploit, overflow
SHA-256 | 4b1def4e5f1eb575c9b905d500fe2ee0a5a1fb7cd904a1df6bcbd66332b1e7c2
Zero Day Initiative Advisory 12-003
Posted Jan 6, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-03 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within webappmon.exe CGI program. When processing crafted parameters, there exists an insufficient boundary check before supplying a format string with the values, causing a stack overflow. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the target service.

tags | advisory, remote, overflow, arbitrary, cgi
advisories | CVE-2011-3166
SHA-256 | 7280ee72fc8a2afbe65725493fa36e91a74ef66d4970ce823327f1cd22626da6
Zero Day Initiative Advisory 12-002
Posted Jan 6, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-02 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within ov.dll. When processing a user supplied file name for the textFile option, there exists an insufficient boundary check before supplying the value to a format string within _OVBuildPath, causing a stack overflow. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the target service.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2011-3167
SHA-256 | f1580177567598e05d0e1d3eea87033ef77ed54ddde4cf3181022c29695f5d11
FreeBSD Security Advisory - compress Boundary Checks
Posted Sep 28, 2011
Site security.freebsd.org

FreeBSD Security Advisory - The code used to decompress a file created by compress(1) does not do sufficient boundary checks on compressed code words, allowing reference beyond the decompression table, which may result in a stack overflow or an infinite loop when the decompressor encounters a corrupted file.

tags | advisory, overflow
systems | freebsd
advisories | CVE-2011-2895
SHA-256 | 56febab158d830afcb2df839a7a95ac3e1a7fab7a28a063e7e3fb77d6e868228
Adobe Acrobat / Reader Picture Processing Stack Overflow
Posted Sep 14, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a stack overflow error when processing a malformed picture within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.

tags | advisory, overflow
SHA-256 | 3db1febf32ab77cc17ebcd7c9b80069c45e57860fe630d2d2dd0f8123ffdd44b
DAQFactory 5.85 Build 1853 Stack Overflow
Posted Sep 14, 2011
Authored by Luigi Auriemma | Site aluigi.org

DAQFactory versions 5.95 build 1853 and below suffer from a stack overflow vulnerability. Proof of concept included.

tags | exploit, overflow, proof of concept
systems | linux
SHA-256 | 2aa39c968d5c45275fa5dbe8c0c9813e0c35a6707e64062ce8ccdf0f1411b7f3
ICONICS WebHMI Active-X Stack Overflow
Posted May 4, 2011
Authored by sgb, bls | Site security-assessment.com

ICONICS Genesis32 is a suite of OPC, SNMP, BACnet and Web-enabled HMI and SCADA applications. A stack overflow was found in an ActiveX control required by the WebHMI interface. This condition can be used to gain command execution. The affected control is 'GenVersion.dll' and has the ClassID of {CEFF5F48-BD2E-4D10-BAE5-AF729975E223}. This control is marked safe for scripting.

tags | exploit, web, overflow, activex
SHA-256 | e2cc945e05990c73d34e1f078184b4608dc08dbcc60fbcdef0908d92ab249b3f
Microsoft Windows OpenType CFF Driver Stack Overflow
Posted Apr 15, 2011
Authored by Sebastien Renaud, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by a stack overflow error in the OpenType Compact Font Format (CFF) driver "ATMFD.dll" when processing certain operands within an OpenType font, which could be exploited by remote attackers to execute arbitrary code on a vulnerable Windows 7, Windows Server 2008, Windows Server 2008 R2, and Windows Vista systems via a malicious font, or by local attackers to gain elevated privileges on Windows XP and Windows Server 2003 systems via a malicious application.

tags | advisory, remote, overflow, arbitrary, local
systems | windows
advisories | CVE-2011-0034
SHA-256 | 4f3f32b3d21c7c657379213dbce2194f42ee815379440a6a45b032df836b15a9
Microsoft HTML Help 6.1 Stack Overflow
Posted Apr 12, 2011
Authored by Luigi Auriemma | Site aluigi.org

Microsoft HTML Help versions 6.1 and below suffer from a stack overflow vulnerability in itss.dll. Proof of concept code is included.

tags | exploit, overflow, proof of concept
systems | linux
SHA-256 | 63d7b93fe2cec5016dfe9a4e1e8b07fef4a558529c5ee4aa1f0072cac167cf59
Sielco Sistemi Winlog 2.07.00 Stack Overflow
Posted Jan 14, 2011
Authored by Luigi Auriemma

Sielco Sistemi Winlog versions 2.07.00 and below suffer from a stack overflow vulnerability.

tags | advisory, overflow
SHA-256 | d94010aa6fc723c13bd86c84eb622d7260847f34750e323b8ea30ff2b09cc02e
Gentoo Linux Security Advisory 201101-01
Posted Jan 6, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201101-1 - gif2png contains a stack overflow vulnerability when parsing command line arguments. gif2png contains a command line parsing vulnerability that may result in a stack overflow due to an unexpectedly long input filename. Versions less than 2.5.1-r1 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2009-5018
SHA-256 | dcda8a8e122d53320b8fc700937fe1ca16e01215b17654c07bafb7692f106e7d
SAP XRFC 6.40 / 7.00 Stack Overflow
Posted Nov 17, 2010
Authored by Alexey Sintsov

SAP XRFC version 6.40 and 7.00 suffers from a stack overflow vulnerability.

tags | advisory, overflow
SHA-256 | 9b8e7b9a5adb907ede97829d87b64a1087018e9595e7e83781a56c9d2180bf3a
BACnet OPC Client Buffer Overflow
Posted Nov 12, 2010
Authored by Jeremy Brown, MC | Site metasploit.com

This Metasploit module exploits a stack overflow in SCADA Engine BACnet OPC Client v1.0.24. When the BACnet OPC Client parses a specially crafted csv file, arbitrary code may be executed.

tags | exploit, overflow, arbitrary
SHA-256 | 2c6eff3365a8cd3ef62a57d222795cb41fc95f13bba51789e6bb9bd0f996aeda
MOXA Device Manager Tool 2.1 Buffer Overflow
Posted Nov 8, 2010
Authored by Ruben Santamarta, MC | Site metasploit.com

This Metasploit module exploits a stack overflow in MOXA MDM Tool 2.1. When sending a specially crafted MDMGw (MDM2_Gateway) response, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
SHA-256 | d1dd4e7fce98d32b48eac6791f3f78990a4253f063ff4c36a0b84dd00ca14a1c
Network Associates PGP KeyServer 7 LDAP Buffer Overflow
Posted Nov 5, 2010
Authored by patrick | Site metasploit.com

This Metasploit module exploits a stack overflow in the LDAP service that is part of the NAI PGP Enterprise product suite. This Metasploit module was tested against PGP KeyServer v7.0. Due to space restrictions, egghunter is used to find our payload - therefore you may wish to adjust WfsDelay.

tags | exploit, overflow
advisories | CVE-2001-1320
SHA-256 | da96c2a19be199b131c7fc8a865bf1900872f9605e31b1421acca3503f58840f
VUPEN Security Advisory
Posted Oct 15, 2010
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Word. The vulnerability is caused by a stack overflow error when processing certain structures in a Word document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Word file.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2010-3214
SHA-256 | 86a5de394fcc7dbf2167be9bfc3e9b95adb317e813f7f86955e1f4af5ba68e53
Mandriva Linux Security Advisory 2010-200
Posted Oct 14, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-200 - It was discovered that the ASN.1 BER dissector in wireshark was susceptible to a stack overflow. For 2010.0 and 2010.1 wireshark was upgraded to v1.2.12 which is not vulnerable to this issue and was patched for CS4 and MES5 to resolve the vulnerability.

tags | advisory, overflow
systems | linux, mandriva
SHA-256 | 4743d8ce327a00dbb59dfa168c34ad178a11ffea943b19fba186d0149c125323
Month Of Abysssec Undisclosed Bugs - Java CMM
Posted Sep 21, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Java CMM suffers from a readMabCurveData stack overflow vulnerability.

tags | advisory, java, overflow
advisories | CVE-2010-0838
SHA-256 | d8dba4b81c76432ec40bb4757b7db76eab2731d7df0a122059fa3774f6aff4c8
Month Of Abysssec Undisclosed Bugs - Java CMM
Posted Sep 21, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Java CMM suffers from a readMabCurveData stack overflow vulnerability.

tags | exploit, java, overflow
advisories | CVE-2010-0838
SHA-256 | 792397f512b57562530b89ceb906c42625ab5d3ab1d8e28ebbf844257792b0b5
Zero Day Initiative Advisory 10-150
Posted Aug 13, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-150 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must open a malicious document. The specific flaw exists in the parsing of sprmCMajority records in a Word document. Due to the lack of parameter checking when processing sprmCMajority sprm groups it is possible to arbitrarily control the amount of data being written to a stack based buffer resulting in a stack overflow vulnerability which can overwrite critical exception structures. Successful exploitation can lead to remote code execution under the credentials of the currently logged in user.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2010-1900
SHA-256 | 8412c084cfda719ab9aa776080c4fa253edda24723f79f8dceb68433a547c9cc
Debian Linux Security Advisory 2090-1
Posted Aug 7, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2090-1 - A stack overflow vulnerability was found in socat that allows an attacker to execute arbitrary code with the privileges of the socat process.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2010-2799
SHA-256 | e75325919ff9e435844f12c7228be2dea1f036e4f765bccdf8c07b69f2bfc1c0
Amlibweb NetOpacs webquery.dll Stack Overflow
Posted Aug 5, 2010
Authored by patrick | Site metasploit.com

This Metasploit module exploits a stack overflow in Amlib's Amlibweb Library Management System (NetOpacs). The webquery.dll API is available through IIS requests. By specifying an overly long string to the 'app' parameter, SeH can be reliably overwritten allowing for arbitrary remote code execution. In addition, it is possible to overwrite EIP by specifying an arbitrary parameter name with an '=' terminator.

tags | exploit, remote, overflow, arbitrary, code execution
SHA-256 | fe4b9c6660b9a78cd1ca60a3af4c9505711a0207a3d593097dec278c1746ef04
Page 1 of 4
Back1234Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close