cbcvebase.
CVE-2008-5177
published 2008-11-20

CVE-2008-5177: Stack-based buffer overflow in the DtbClsLogin function in Yosemite Backup 8.7 allows remote attackers to (1) execute arbitrary code on a Linux platform…

PriorityP259critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
16.86%
96.7th percentile
Stack-based buffer overflow in the DtbClsLogin function in Yosemite Backup 8.7 allows remote attackers to (1) execute arbitrary code on a Linux platform, related to libytlindtb.so; or (2) cause a denial of service (application crash) and possibly execute arbitrary code on a Windows platform, related to ytwindtb.dll; via a long username field during authentication.

Affected

1 ranges
VendorProductVersion rangeFixed in
insight-techyosemite_backup

Detection & IOCsextracted from sources · hover to see the quote

  • ·The Linux ROP gadget addresses (ret=0xB7DA6C90, edi=0x0809c514) are specific to Slackware 12.0 and will differ on other Linux distributions due to ASLR and differing library load addresses.
  • ·On Windows, the exploit only sends 500 'A' bytes (no shellcode), resulting in DoS/crash rather than reliable code execution; the Windows exploitation path may require different offsets.
  • ·Reports indicate successful exploits allow remote code execution on Linux systems but only denial of service on Windows systems.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.