Published: 06/04/2010 Updated: 08/05/2010

CVSS v2 Base Score: 6 | Impact Score: 6.4 | Exploitability Score: 6.8

VMScore: 605

Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Stack-based buffer overflow in Open Direct Connect Hub (aka Open DC Hub or OpenDCHub) 0.8.1 allows remote authenticated users to execute arbitrary code via a long MyINFO message.

Vulnerable Product	Search on Vulmon	Subscribe to Product
roshan singh open direct connect hub 0.8.1

#!/usr/bin/python # # OpenDcHub 081 Remote Code Execution Exploit # Pierre Nogues - wwwindahaxcom # # Description: # OpenDcHub is a direct connect hub for Linux # # OpenDcHub doesn't handle specially crafted MyINFO message which lead to a stack overflow # # Affected versions : # OpenDcHub 081 # # Plateforms : # Unix # ...

CWE-119 http://marc.info/?l=oss-security&m=127051570728944&w=2 https://bugzilla.redhat.com/show_bug.cgi?id=579206 http://www.securityfocus.com/archive/1/510428 http://openwall.com/lists/oss-security/2010/04/03/1 http://www.indahax.com/exploits/opendchub-0-8-1-remote-code-execution-exploit#more-600 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576308 http://www.vupen.com/english/advisories/2010/1023 http://lists.fedoraproject.org/pipermail/package-announce/2010-April/040360.html http://www.securityfocus.com/bid/39129 http://www.vupen.com/english/advisories/2010/1044 http://secunia.com/advisories/39664 http://lists.fedoraproject.org/pipermail/package-announce/2010-April/040380.html http://lists.fedoraproject.org/pipermail/package-announce/2010-April/040421.html https://nvd.nist.gov https://www.exploit-db.com/exploits/11986/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-1147

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect