Published: 13/06/2014 Updated: 08/12/2016

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Stack-based buffer overflow in Kolibri 2.0 allows remote malicious users to execute arbitrary code via a long URI in a HEAD request.

Vulnerable Product	Search on Vulmon	Subscribe to Product
senkas kolibri 2.0

#!/usr/bin/env python # _ ____ __ __ ___ # (_)____ _ __/ __ \/ /_____ ____/ / _/_/ | # / // __ \ | / / / / / //_/ _ \/ __ / / / / / # / // / / / |/ / /_/ / ,< / __/ /_/ / / / / / # /_//_/ /_/|___/\____/_/|_|\___/\__,_/ / /_/_/ # Live by the byte |_/_/ # # Members: # # Pr0T3cT ...

Senkas Kolibri WebServer version 20 is vulnerable to remote code execution via an overly long POST request Sending the exploit will result in a SEH overwrite, which can then be use to redirect execution to a POP POP RET within the application's binary itself, which once executed, will allow the attacker to execute his/her payload located in the H ...

A proof of concept of an SEH overflow with arbitrary dll injection

CVE-2010-5301 A proof of concept of an SEH overflow with arbitrary dll injection Description Kolibrì HTTP Server 20 is affected by a stack-based buffer overflow At the time of discovery this vulnerability was exploited by simply overwriting the instruction pointer with a JMP ESP instruction, where ESP pointed to shellcode dropped on the stack Subsequently, it was foun

CWE-119 http://www.exploit-db.com/exploits/15834 http://osvdb.org/show/osvdb/70808 http://www.securityfocus.com/bid/45579 https://nvd.nist.gov https://github.com/lem0nSec/CVE-2010-5301 https://www.exploit-db.com/exploits/15834/

CVE-2010-5301

Vulnerability Summary

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect