CVE-2007-4375
published 2007-08-16CVE-2007-4375: The administrative interface (aka DkService.exe) in Diskeeper 9 Professional, 2007 Pro Premier, and probably other versions exposes a memory comparison…
PriorityP426medium5.8CVSS 2.0
AVNACMAuNCPINAP
EXPLOIT
EPSS
3.38%
87.3th percentile
The administrative interface (aka DkService.exe) in Diskeeper 9 Professional, 2007 Pro Premier, and probably other versions exposes a memory comparison function via RPC over TCP, which allows remote attackers to (1) obtain sensitive information (process memory contents), as demonstrated by an attack that obtains module base addresses to defeat Address Space Layout Randomization (ASLR); or (2) cause a denial of service (application crash) via an out-of-bounds address.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| diskeeper | diskeeper | — | — |
| diskeeper | diskeeper | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
BaoFeng2 - 'mps.dll' ActiveX Multiple Remote Buffer Overflows (PoC)
exploitdb·2007-09-08
CVE-2007-4816 BaoFeng2 - 'mps.dll' ActiveX Multiple Remote Buffer Overflows (PoC)
BaoFeng2 - 'mps.dll' ActiveX Multiple Remote Buffer Overflows (PoC)
---
BaoFeng2 Mps.dll Activex Multiple Remote Buffer Overflow PoC
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/4375.zip (09082007-storm.zip)
# milw0rm.com [2007-09-08]
Exploit-DB
Diskeeper 9 - Remote Memory Disclosure
exploitdb·2007-08-17
CVE-2007-4375 Diskeeper 9 - Remote Memory Disclosure
Diskeeper 9 - Remote Memory Disclosure
---
/*
Diskeeper Remote Memory Disclosure
Credit: Pravus (pravus -a-t- hush -d-o-t- com)
Greetz: Scientology for making a remotely accessible disk
defragmenter. Felix, Jenna, and Isaac.
Vulnerability Description:
This vulnerability involves a memory comparison function that is
remotely, anonymously accessible via the remote procedure call in
the Diskeeper administrative interface. Using this, an attacker
can guess / brute force memory at any address in the process;
although passing a bad pointer will cause a memory read exception
and DoS the process. Since causing a Denial of Service for
Diskeeper is of minimal consequence, this write-up will focus on
the memory reading aspect.
By making use of shared user memory at 0x7FFE0000, an attacker can
lea
No writeups or analysis indexed.
http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065245.htmlhttp://osvdb.org/39546http://osvdb.org/39547http://secunia.com/advisories/26431http://securityreason.com/securityalert/3018http://www.securityfocus.com/archive/1/476954/100/0/threadedhttp://www.securityfocus.com/bid/25320https://exchange.xforce.ibmcloud.com/vulnerabilities/36007https://exchange.xforce.ibmcloud.com/vulnerabilities/36008http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065245.htmlhttp://osvdb.org/39546http://osvdb.org/39547http://secunia.com/advisories/26431http://securityreason.com/securityalert/3018http://www.securityfocus.com/archive/1/476954/100/0/threadedhttp://www.securityfocus.com/bid/25320https://exchange.xforce.ibmcloud.com/vulnerabilities/36007https://exchange.xforce.ibmcloud.com/vulnerabilities/36008
2007-08-16
Published