CVE-2006-3546
Published 2006-07-13
Priority P4 · 21 · medium · 5 · CVSS 2.0
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
EXPLOIT
EPSS: 3.29% (87.0th percentile)
Patrice Freydiere ImgSvr (aka ADA Image Server) allows remote attackers to cause a denial of service (daemon crash) via a long HTTP POST request. NOTE: this might be the same issue as CVE-2004-2463.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ada | imgsvr | — | — |
No detection rules found.
Exploit-DB
ImgSvr 0.6.5 - POST Denial of Service
exploitdb·2006-07-04
CVE-2006-3546 ImgSvr 0.6.5 - POST Denial of Service
---
```perl
#!/usr/bin/perl
##Proof of concept.
#################################################################################
#Credits: to n00b for finding this bug.
#
#Affected: ImgSvr.exe
#
#Download software: http://freshmeat.net/projects/imgsvr/
#
#Crash the server with an overly long HTTP POST request.
#
#Main site of affected product: http://freshmeat.net/projects/imgsvr/
#Sending an overly long POST request will crash the server with the following:
#Access violation.
#Tested: Win XP SP1.
#
#error:500 Server closed connection without sending any data back
#This is the error message you will receive on successful exploitation.
#################################################################################
##(e7c.168): Access violation - code c0000005 (first
```
Exploit-DB
F-Secure Internet GateKeeper for Linux < 2.15.484 / Gateway < 2.16 - Local Privilege Escalation
exploitdb·2005-11-07
CVE-2006-3546 F-Secure Internet GateKeeper for Linux < 2.15.484 / Gateway < 2.16 - Local Privilege Escalation
```python
F-Secure Internet GateKeeper for Linux "
__lastedit__ = "Thu Sep 22 23:18:39 EDT 2005"
__usage__ = """usage: %s [-options]
options:
--version show program's version number and exit.
-h, --help show this help message and exit.
-s, --suid file location to suid.
-d, --dir cgi directory.
-c, --clean cleans any left over files from the environment creation.
-# enter numerical value of vulnerable file to exploit. [list below]
1: ifconfig_suid.cgi | 2: reboot_suid.cgi | 3: proxy_suid.cgi
4: edittmpl_suid.cgi | 5: version_suid.cgi | 6: hostname_suid.cgi
7: gateway_suid.cgi | 8: halt_suid.cgi | 9: edituserdb_suid.cgi
10: htpasswd_suid.cgi | 11: pattern_up_suid.cgi | 12: license_suid.cgi
13: iptables_suid.cgi | 14: dns_suid.cgi | 15: pattern_autoup_suid.cgi
16: spam_list_suid.cgi | 17: diag_suid.
```
No writeups or analysis indexed.
References:
http://securityreason.com/securityalert/1232
http://www.securityfocus.com/archive/1/438971/100/0/threaded
http://www.securityfocus.com/bid/18784
https://exchange.xforce.ibmcloud.com/vulnerabilities/27613
2006-07-13
Published