![]() By sending a specially crafted client certificate, an attacker can execute arbitrary code. This module exploits a stack buffer overflow in the yaSSL (1.9.8 and earlier) implementation bundled with MySQL. Dell OpenManage POST Request Heap Overflow (win32) In this scenario, a second ISAPI module was loaded into the same memory area as the previously unloaded module.ĬVE-2010-0425 BID-38494. ![]() Limited success was encountered using two separate ISAPI modules. ![]() In order to do so, one would need to find a situation where a particular ISAPI module loads at an image base address that can be re-allocated by a remote attacker. Although arbitrary code execution is theoretically possible, a real-world method of invoking this consequence has not been proven. Later, if another request comes for that ISAPI module, previously obtained pointers will be used resulting in an access violation or potentially arbitrary code execution. By making a request that terminates abnormally (either an aborted TCP connection or an unsatisfied chunked request), mod_isapi will unload the ISAPI extension. In order to reach the vulnerable code, the target server must have an ISAPI module installed and configured. ![]() This module triggers a use-after-free vulnerability in the Apache Software Foundation mod_isapi extension.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |