CVE-2001-0184
Published 2001-03-26
CVE-2001-0184: eEye Iris 1.01 beta allows remote attackers to cause a denial of service via a malformed packet, which causes Iris to crash when a user views the packet.
Priority: P4, 12, low
CVSS 2.0: 2.6 (AV:N/AC:H/Au:N/C:N/I:N/A:P)
EXPLOIT
EPSS: 2.67% (83.9th percentile)
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| eeye_digital_security | iris | — | — |
No detection rules found.
Exploit-DB
Sudo 1.6.x - Password Prompt Heap Overflow
exploitdb·2001-11-01
CVE-2002-0184 Sudo 1.6.x - Password Prompt Heap Overflow
---
// source: https://www.securityfocus.com/bid/4593/info
Sudo is a widely used Linux/Unix utility that allows users to securely run commands as other users.
Sudo is vulnerable to a heap overflow condition related to its customizable password prompt feature. The nature of the sudo utility requires that it be installed setuid root. Successful exploitation may allow local attackers to gain root privileges.
/*
* Created: November 1, 2001
* Updated: August 8, 2002
* Updated-2: November 4, 2002 by Eds and Dexter_Man
*
* Hudo versus Linux/Intel Sudo
*
Exploit-DB
eEye Digital Security IRIS 1.0.1 - GET Denial of Service
exploitdb·2001-01-21
CVE-2001-0184 eEye Digital Security IRIS 1.0.1 - GET Denial of Service
---
// source: https://www.securityfocus.com/bid/2278/info
A maliciously-formed packet sent to Iris by a remote attacker, upon opening in the program for analysis by a user, will cause Iris to terminate.
The crash is caused by an inability of Iris to handle packets with malformed values in its headers.
/* Denial of Service attack against :
* Iris The Network Traffic Analyzer beta 1.01
* ------------------------------------------------
*
* Will create an incorrect packet which will cause
* Iris to hang when it is opened by a user.
*
* Vulnerability found by : [email protected]
* Exploit code by : [email protected]
*
* Respect to the guys from eEye, for their fast
* response.
*
* greetings to hit2000, hwa, synnergy, securi
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2001-01/0343.html
http://archives.neohapsis.com/archives/bugtraq/2001-01/0352.html
http://www.securityfocus.com/bid/2278
https://exchange.xforce.ibmcloud.com/vulnerabilities/5981
Published 2001-03-26