CVE-2002-0595
published 2002-06-18CVE-2002-0595: Buffer overflow in WTRS_UI.EXE (WTX_REMOTE.DLL) for WebTrends Reporting Center 4.0d allows remote attackers to execute arbitrary code via a long HTTP GET…
PriorityP339high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
10.73%
95.3th percentile
Buffer overflow in WTRS_UI.EXE (WTX_REMOTE.DLL) for WebTrends Reporting Center 4.0d allows remote attackers to execute arbitrary code via a long HTTP GET request to the /reports/ directory.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| webtrends | reporting_center | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
BadBlue 2.5 - Easy File Sharing Remote Buffer Overflow
exploitdb·2005-02-27
CVE-2005-0595 BadBlue 2.5 - Easy File Sharing Remote Buffer Overflow
BadBlue 2.5 - Easy File Sharing Remote Buffer Overflow
---
/*
BadBlue, Easy File Sharing Remote BOverflow
Homepage: badblue.com
Affected version: v2.5 (2.60 and below not tested)
Patched version: v2.61
Link: badblue.com/bbs98.exe
Date: 27 February 2005
Application Risk: Severely High
Internet Risk: Low
Dicovery Credits: Andres Tarasco (atarasco _at_ sia.es)
Exploit Credits : class101 & metasploit.com
Hole History:
26-2-2005: BOF flaw published by Andres Tarasco of sia.es
27-2-2002: Hat-Squad.com releases an exploit
28-2-2005: haxorcitos releases a dupe with fake date :>
or you sux doing private stuffs.
Notes:
-6 bad chars, 0x00, 0x26, 0x20, 0x0A, 0x8C, 0x3C, badly interpreted by
BadBlue
-using offsets from ext.dll, universal.
-use findjmp2 to quick search into ext.dll to see
if th
Exploit-DB
WebTrends Reporting Center for Windows 4.0 d - GET Buffer Overflow
exploitdb·2002-04-17
CVE-2002-0595 WebTrends Reporting Center for Windows 4.0 d - GET Buffer Overflow
WebTrends Reporting Center for Windows 4.0 d - GET Buffer Overflow
---
source: https://www.securityfocus.com/bid/4531/info
WebTrends Reporting Center is used to organize and present usage information for multiple server web environments. Reporting Center is available for Windows NT and 2000, Linux and Solaris.
An issue has been reported in WebTrends Reporting Center for Windows. An authenticated user of the system may be able to exploit a buffer overflow condition by submitting an oversized GET request. Exploitation may result in the execution of arbitrary code with SYSTEM privileges, or in a denial of service attack.
http://targetmachine:1099/reports/(Long Char String)
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2002-04/0207.htmlhttp://www.iss.net/security_center/static/8864.phphttp://www.securityfocus.com/bid/4531http://archives.neohapsis.com/archives/bugtraq/2002-04/0207.htmlhttp://www.iss.net/security_center/static/8864.phphttp://www.securityfocus.com/bid/4531
2002-06-18
Published