CVE-2009-4660

Published: 03/03/2010 Updated: 19/09/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote malicious users to execute arbitrary code via a long GET request to TCP port 6660.

Vulnerable Product	Search on Vulmon	Subscribe to Product
bigantsoft bigant messenger 2.50

#!/usr/bin/python # BigAnt Server version 250 SEH Overwrite - 0day # Written and discovered by Blake # Tested on Windows XP SP3 # # $ /bigantpy 1921681131 6660 # # [*] BigAnt Server v250 SEH Overwrite 0day # [*] Written and discovered by Blake # [*] Tested on Windows XP SP3 # # [+] Connecting to 1921681131 on port 6660 # [+] Sending payl ...

#!/usr/bin/python # by hack4love # BigAnt Server version 250 SEH Overwrite Universal # discovered by Blake wwwmilw0rmcom/exploits/9673 # Tested on Windows XP SP2 # gratez to Blake # use >> bigantpy 192168112 6660 import socket, sys if len(sysargv)!= 3: print "\n[*] Usage: %s <ip> <port>\n" % sysargv[0] sysexit( ...

CVE-2009-4660 - BigAnt Server 2.52 'USV' Remote Buffer Overflow Vulnerability. Tested on Windows XP Professional SP3.

CVE-2009-4660

CWE-119 http://www.securityfocus.com/bid/36407 http://www.attrition.org/pipermail/vim/2009-September/002271.html http://secunia.com/advisories/36704 http://www.vupen.com/english/advisories/2009/2679 http://www.exploit-db.com/exploits/9690 http://www.exploit-db.com/exploits/9673 https://nvd.nist.gov https://github.com/war4uthor/CVE-2009-4660 https://www.exploit-db.com/exploits/9673/

CVE-2009-4660

Vulnerability Summary

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect