|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 2249 CVE : CVE-2007-0955 SecurityRisk : Medium  (About) Remote Exploit : Yes Local Exploit : No Exploit Available : Yes Credit : mu-b Published : 17.02.2007
Advisory Content : The POC attached exploits an out of bounds memory read in the NTLM authentication routines of MailEnable Pro/Enterprise. The problem lies in the NTLM_UnPack_Type3 function of MENTLM.dll. This appears to have been silently "patched" somewhere between versions 2.351 and 2.36-7. (observe the quotes). (c34.dc0): Access violation - code c0000005 (first chance) First chance exceptions are reported before any exception handling. This exception may be expected and handled. eax=8146930b ebx=003a6cc8 ecx=00000040 edx=00000000 esi=8146920b edi=0146b238 eip=0109b4b3 esp=014691e4 ebp=014691ec iopl=0 nv up ei pl nz ac po nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010212 MENTLM!NTLM_UnPack_Type3+0x3019: 0109b4b3 f3a5 rep movs dword ptr es:[edi],dword ptr [esi] es:0023:0146b238=00000000 ds:0023:8146920b=???????? --------------------------------------------------------------------------- (mu-b at digit-labs.org) -------------- next part -------------- A non-text attachment was scrubbed... Name: maildisable-v5.pl Type: text/x-perl Size: 1816 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070214/847 cd30d/attachment.bin  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
Allow attacker to denial of service apache 2.2.17 server |
||
| Apache |  |
|
| PHP | |
|
» libzip 0.9.3 |
||
| ADT | ||
Protect your family and valuables with Home Security Systems |
||
- 2011-05-13| Copyright © SecurityReason.com. All Rights Reserved. |