Published: 02/09/2005 Updated: 11/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via (1) a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and (2) certain arguments when launching third party programs such as a web browser from a web link, which is not properly handled in the FIOgetargv function.

Vulnerable Product	Search on Vulmon	Subscribe to Product
university of minnesota gopher 3.0.9

/*[ gopher[v309+]: remote (client) buffer overflow exploit ] * * by: vade79/v9 v9@fakehalous (fakehalo/realhalo) * * compile: * gcc xgopher-clientc -o xgopher-client * * syntax: * /xgopher-client <port> [bindshell port] * * The Internet Gopher Client is based on the UMN * Gopher/Gopherd 231 code Gopher is an Internet technol ...

NVD-CWE-Other http://www.kb.cert.org/vuls/id/619812 http://www.securityfocus.com/bid/14693 http://secunia.com/advisories/16614/http://www.debian.org/security/2005/dsa-832 http://secunia.com/advisories/17016 http://marc.info/?l=bugtraq&m=112559902931614&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/22053 https://nvd.nist.gov https://www.exploit-db.com/exploits/1187/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-2772

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect