- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 19895
- Проверка EDB
-
- Пройдено
- Автор
- JOEY__
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- cve-2000-0423
- Дата публикации
- 2000-03-01
NetWin DNews 5.3 Server - Remote Buffer Overflow
Код:
source: https://www.securityfocus.com/bid/1172/info
DNews News Server is a CGI application that gives access to auser's NNTP server over the web. There are many unchecked buffers in the program, some of which can be exploited directly from any browser. Supplying an overlylong value for the "group", "cmd" and "utag" variables, and possibly others, will overwrite their respective buffers. In this manner, arbitrary code can be executed on the remote target.
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19895.zip- Источник
- www.exploit-db.com
