Published: 31/01/2013 Updated: 31/01/2013

CVSS v2 Base Score: 7.1 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 720

Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C

Stack-based buffer overflow in Sysax Multi Server prior to 5.52, when HTTP is enabled, allows remote authenticated users with the create folder permission to execute arbitrary code via a crafted request.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sysax multi server
sysax multi server 4.3
sysax multi server 4.5

########################################################################################################## #Title: Sysax Multi Server 550 Create Folder Remote Code Exec BoF (MSF Module) #Author: Craig Freyman (@cd1zz) #Tested on: XP SP3 32bit and Server 2003 SP2 32bit(No DEP) #Notes: My original exploit => wwwexploit-dbcom/exploits/183 ...

#!/usr/bin/python ########################################################################################################## #Title: Sysax Multi Server 550 Create Folder BOF #Author: Craig Freyman (@cd1zz) #Tested on: XP SP3 32bit and Server 2003 SP2 32bit(No DEP) #Date Discovered: January 13, 2012 #Vendor Contacted: January 15, 2012 #Vendor Respo ...

CWE-119 http://www.exploit-db.com/exploits/18420 http://www.exploit-db.com/exploits/18382 http://www.pwnag3.com/2012/01/sysax-multi-server-550-exploit.html http://www.securityfocus.com/bid/51548 https://nvd.nist.gov https://www.exploit-db.com/exploits/18420/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-6530

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect