9 lines
No EOL
516 B
Text
9 lines
No EOL
516 B
Text
source: http://www.securityfocus.com/bid/13835/info
|
|
|
|
HP OpenView Radia Notify Daemon (RADEXECD) is affected by multiple remote buffer overflow vulnerabilities.
|
|
|
|
An attacker can craft a malicious request that can overflow a buffer and result in process memory corruption. These issues may be exploited to gain unauthorized access in the context of the server.
|
|
|
|
The following proof of concept is available:
|
|
<callback port>\0<username>\0<password>\0
|
|
"LIST " . (0x90 x <offset>) . <ret_addr> . "." . <shellcode> |