Search criteria
6 vulnerabilities found for cain_and_abel by oxid
FKIE_CVE-2008-5405
Vulnerability from fkie_nvd - Published: 2008-12-10 06:44 - Updated: 2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in the RDP protocol password decoder in Cain & Abel 4.9.23 and 4.9.24, and possibly earlier, allows remote attackers to execute arbitrary code via an RDP file containing a long string.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oxid | cain_and_abel | 4.9.23 | |
| oxid | cain_and_abel | 4.9.24 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oxid:cain_and_abel:4.9.23:*:*:*:*:*:*:*",
"matchCriteriaId": "0BB410B2-BB79-485F-937C-79E44E0D56CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oxid:cain_and_abel:4.9.24:*:*:*:*:*:*:*",
"matchCriteriaId": "60F40E48-6480-41C6-BA08-55842DA311BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the RDP protocol password decoder in Cain \u0026 Abel 4.9.23 and 4.9.24, and possibly earlier, allows remote attackers to execute arbitrary code via an RDP file containing a long string."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en el protocolo decodificador de contrase\u00f1as RPD en Cain \u0026 Abel v4.9.23 y v4.9.24, y posiblemente versiones previas, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo RPD que contiene una cadena larga."
}
],
"id": "CVE-2008-5405",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-12-10T06:44:42.173",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/50342"
},
{
"source": "cve@mitre.org",
"url": "http://oxid.netsons.org/phpBB2/viewtopic.php?t=2750"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32794"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/4703"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/32543"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3286"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46940"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/7297"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/7309"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/50342"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://oxid.netsons.org/phpBB2/viewtopic.php?t=2750"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/4703"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/32543"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3286"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/7297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/7309"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-0807
Vulnerability from fkie_nvd - Published: 2005-05-02 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Multiple buffer overflows in Cain & Abel before 2.67 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via (1) an IKE packet with a large ID field that is not properly handled by the PSK sniffer filter, (2) the HTTP sniffer filter, or the (3) POP3, (4) SMTP, (5) IMAP, (6) NNTP, or (7) TDS sniffer filters.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oxid | cain_and_abel | 2.5 | |
| oxid | cain_and_abel | 2.5_beta21 | |
| oxid | cain_and_abel | 2.5_beta29 | |
| oxid | cain_and_abel | 2.5_beta34 | |
| oxid | cain_and_abel | 2.5_beta36 | |
| oxid | cain_and_abel | 2.5_beta40 | |
| oxid | cain_and_abel | 2.5_beta41 | |
| oxid | cain_and_abel | 2.5_beta47 | |
| oxid | cain_and_abel | 2.5_beta51 | |
| oxid | cain_and_abel | 2.5_beta56 | |
| oxid | cain_and_abel | 2.5_beta59 | |
| oxid | cain_and_abel | 2.5_beta65 | |
| oxid | cain_and_abel | 2.65 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oxid:cain_and_abel:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C3BC3981-3257-4C4E-84D6-39D418B23C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oxid:cain_and_abel:2.5_beta21:*:*:*:*:*:*:*",
"matchCriteriaId": "529D9000-ADDA-47FC-B52B-5EB11794D8C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oxid:cain_and_abel:2.5_beta29:*:*:*:*:*:*:*",
"matchCriteriaId": "057187E0-5801-4362-BB92-7A73B2A61A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oxid:cain_and_abel:2.5_beta34:*:*:*:*:*:*:*",
"matchCriteriaId": "33BBA2EB-92CC-4961-A5A1-A535AD764A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oxid:cain_and_abel:2.5_beta36:*:*:*:*:*:*:*",
"matchCriteriaId": "BEA4FFD4-0BBF-4368-9F48-ADB783103E20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oxid:cain_and_abel:2.5_beta40:*:*:*:*:*:*:*",
"matchCriteriaId": "50ED95C2-2E07-4F3B-BF5E-4B221EAB60AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oxid:cain_and_abel:2.5_beta41:*:*:*:*:*:*:*",
"matchCriteriaId": "08A35BC2-20C6-4CB5-8E0F-153D11C42BF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oxid:cain_and_abel:2.5_beta47:*:*:*:*:*:*:*",
"matchCriteriaId": "1C9CF0AE-1369-46DA-A395-E13E8095BB42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oxid:cain_and_abel:2.5_beta51:*:*:*:*:*:*:*",
"matchCriteriaId": "18552FDB-FF80-4AE2-8654-3AD0656249C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oxid:cain_and_abel:2.5_beta56:*:*:*:*:*:*:*",
"matchCriteriaId": "E1311B19-DBC4-4EF0-B3F0-A882DDBF3E30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oxid:cain_and_abel:2.5_beta59:*:*:*:*:*:*:*",
"matchCriteriaId": "68EDA7F0-4C16-449B-8234-0B7DFC587CFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oxid:cain_and_abel:2.5_beta65:*:*:*:*:*:*:*",
"matchCriteriaId": "6F3A51F3-046D-4F1D-AA1E-D76AF9B2FF5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oxid:cain_and_abel:2.65:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6F40FE-3E67-4118-90F4-9A03478A0B10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Cain \u0026 Abel before 2.67 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via (1) an IKE packet with a large ID field that is not properly handled by the PSK sniffer filter, (2) the HTTP sniffer filter, or the (3) POP3, (4) SMTP, (5) IMAP, (6) NNTP, or (7) TDS sniffer filters."
}
],
"id": "CVE-2005-0807",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=111116097313427\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/14630"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1013476"
},
{
"source": "cve@mitre.org",
"url": "http://www.oxid.it/"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/12840"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19742"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=111116097313427\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/14630"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1013476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oxid.it/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/12840"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19742"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19744"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2008-5405 (GCVE-0-2008-5405)
Vulnerability from cvelistv5 – Published: 2008-12-09 11:00 – Updated: 2024-08-07 10:49
VLAI?
Summary
Stack-based buffer overflow in the RDP protocol password decoder in Cain & Abel 4.9.23 and 4.9.24, and possibly earlier, allows remote attackers to execute arbitrary code via an RDP file containing a long string.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:49:12.950Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7309",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/7309"
},
{
"name": "32794",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32794"
},
{
"name": "32543",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32543"
},
{
"name": "cainabel-rdp-bo(46940)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46940"
},
{
"name": "50342",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/50342"
},
{
"name": "ADV-2008-3286",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3286"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://oxid.netsons.org/phpBB2/viewtopic.php?t=2750"
},
{
"name": "4703",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4703"
},
{
"name": "7297",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/7297"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the RDP protocol password decoder in Cain \u0026 Abel 4.9.23 and 4.9.24, and possibly earlier, allows remote attackers to execute arbitrary code via an RDP file containing a long string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "7309",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/7309"
},
{
"name": "32794",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32794"
},
{
"name": "32543",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32543"
},
{
"name": "cainabel-rdp-bo(46940)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46940"
},
{
"name": "50342",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/50342"
},
{
"name": "ADV-2008-3286",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3286"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://oxid.netsons.org/phpBB2/viewtopic.php?t=2750"
},
{
"name": "4703",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4703"
},
{
"name": "7297",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/7297"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5405",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the RDP protocol password decoder in Cain \u0026 Abel 4.9.23 and 4.9.24, and possibly earlier, allows remote attackers to execute arbitrary code via an RDP file containing a long string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7309",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7309"
},
{
"name": "32794",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32794"
},
{
"name": "32543",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32543"
},
{
"name": "cainabel-rdp-bo(46940)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46940"
},
{
"name": "50342",
"refsource": "OSVDB",
"url": "http://osvdb.org/50342"
},
{
"name": "ADV-2008-3286",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3286"
},
{
"name": "http://oxid.netsons.org/phpBB2/viewtopic.php?t=2750",
"refsource": "CONFIRM",
"url": "http://oxid.netsons.org/phpBB2/viewtopic.php?t=2750"
},
{
"name": "4703",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4703"
},
{
"name": "7297",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7297"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5405",
"datePublished": "2008-12-09T11:00:00",
"dateReserved": "2008-12-08T00:00:00",
"dateUpdated": "2024-08-07T10:49:12.950Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0807 (GCVE-0-2005-0807)
Vulnerability from cvelistv5 – Published: 2005-03-20 05:00 – Updated: 2024-08-07 21:28
VLAI?
Summary
Multiple buffer overflows in Cain & Abel before 2.67 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via (1) an IKE packet with a large ID field that is not properly handled by the PSK sniffer filter, (2) the HTTP sniffer filter, or the (3) POP3, (4) SMTP, (5) IMAP, (6) NNTP, or (7) TDS sniffer filters.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:28:29.011Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cain-abel-http-filter-bo(19744)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19744"
},
{
"name": "20050318 Cain \u0026 Abel PSK Sniffer Heap overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111116097313427\u0026w=2"
},
{
"name": "12840",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12840"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oxid.it/"
},
{
"name": "14630",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14630"
},
{
"name": "1013476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013476"
},
{
"name": "cain-abel-ikepsk-bo(19742)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19742"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Cain \u0026 Abel before 2.67 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via (1) an IKE packet with a large ID field that is not properly handled by the PSK sniffer filter, (2) the HTTP sniffer filter, or the (3) POP3, (4) SMTP, (5) IMAP, (6) NNTP, or (7) TDS sniffer filters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "cain-abel-http-filter-bo(19744)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19744"
},
{
"name": "20050318 Cain \u0026 Abel PSK Sniffer Heap overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111116097313427\u0026w=2"
},
{
"name": "12840",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12840"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oxid.it/"
},
{
"name": "14630",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14630"
},
{
"name": "1013476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013476"
},
{
"name": "cain-abel-ikepsk-bo(19742)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19742"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0807",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Cain \u0026 Abel before 2.67 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via (1) an IKE packet with a large ID field that is not properly handled by the PSK sniffer filter, (2) the HTTP sniffer filter, or the (3) POP3, (4) SMTP, (5) IMAP, (6) NNTP, or (7) TDS sniffer filters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cain-abel-http-filter-bo(19744)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19744"
},
{
"name": "20050318 Cain \u0026 Abel PSK Sniffer Heap overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=111116097313427\u0026w=2"
},
{
"name": "12840",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12840"
},
{
"name": "http://www.oxid.it/",
"refsource": "CONFIRM",
"url": "http://www.oxid.it/"
},
{
"name": "14630",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14630"
},
{
"name": "1013476",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013476"
},
{
"name": "cain-abel-ikepsk-bo(19742)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19742"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0807",
"datePublished": "2005-03-20T05:00:00",
"dateReserved": "2005-03-20T00:00:00",
"dateUpdated": "2024-08-07T21:28:29.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5405 (GCVE-0-2008-5405)
Vulnerability from nvd – Published: 2008-12-09 11:00 – Updated: 2024-08-07 10:49
VLAI?
Summary
Stack-based buffer overflow in the RDP protocol password decoder in Cain & Abel 4.9.23 and 4.9.24, and possibly earlier, allows remote attackers to execute arbitrary code via an RDP file containing a long string.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:49:12.950Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7309",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/7309"
},
{
"name": "32794",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32794"
},
{
"name": "32543",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32543"
},
{
"name": "cainabel-rdp-bo(46940)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46940"
},
{
"name": "50342",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/50342"
},
{
"name": "ADV-2008-3286",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3286"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://oxid.netsons.org/phpBB2/viewtopic.php?t=2750"
},
{
"name": "4703",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4703"
},
{
"name": "7297",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/7297"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the RDP protocol password decoder in Cain \u0026 Abel 4.9.23 and 4.9.24, and possibly earlier, allows remote attackers to execute arbitrary code via an RDP file containing a long string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "7309",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/7309"
},
{
"name": "32794",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32794"
},
{
"name": "32543",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32543"
},
{
"name": "cainabel-rdp-bo(46940)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46940"
},
{
"name": "50342",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/50342"
},
{
"name": "ADV-2008-3286",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3286"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://oxid.netsons.org/phpBB2/viewtopic.php?t=2750"
},
{
"name": "4703",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4703"
},
{
"name": "7297",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/7297"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5405",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the RDP protocol password decoder in Cain \u0026 Abel 4.9.23 and 4.9.24, and possibly earlier, allows remote attackers to execute arbitrary code via an RDP file containing a long string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7309",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7309"
},
{
"name": "32794",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32794"
},
{
"name": "32543",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32543"
},
{
"name": "cainabel-rdp-bo(46940)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46940"
},
{
"name": "50342",
"refsource": "OSVDB",
"url": "http://osvdb.org/50342"
},
{
"name": "ADV-2008-3286",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3286"
},
{
"name": "http://oxid.netsons.org/phpBB2/viewtopic.php?t=2750",
"refsource": "CONFIRM",
"url": "http://oxid.netsons.org/phpBB2/viewtopic.php?t=2750"
},
{
"name": "4703",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4703"
},
{
"name": "7297",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7297"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5405",
"datePublished": "2008-12-09T11:00:00",
"dateReserved": "2008-12-08T00:00:00",
"dateUpdated": "2024-08-07T10:49:12.950Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0807 (GCVE-0-2005-0807)
Vulnerability from nvd – Published: 2005-03-20 05:00 – Updated: 2024-08-07 21:28
VLAI?
Summary
Multiple buffer overflows in Cain & Abel before 2.67 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via (1) an IKE packet with a large ID field that is not properly handled by the PSK sniffer filter, (2) the HTTP sniffer filter, or the (3) POP3, (4) SMTP, (5) IMAP, (6) NNTP, or (7) TDS sniffer filters.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:28:29.011Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cain-abel-http-filter-bo(19744)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19744"
},
{
"name": "20050318 Cain \u0026 Abel PSK Sniffer Heap overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111116097313427\u0026w=2"
},
{
"name": "12840",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12840"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oxid.it/"
},
{
"name": "14630",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14630"
},
{
"name": "1013476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013476"
},
{
"name": "cain-abel-ikepsk-bo(19742)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19742"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Cain \u0026 Abel before 2.67 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via (1) an IKE packet with a large ID field that is not properly handled by the PSK sniffer filter, (2) the HTTP sniffer filter, or the (3) POP3, (4) SMTP, (5) IMAP, (6) NNTP, or (7) TDS sniffer filters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "cain-abel-http-filter-bo(19744)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19744"
},
{
"name": "20050318 Cain \u0026 Abel PSK Sniffer Heap overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111116097313427\u0026w=2"
},
{
"name": "12840",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12840"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oxid.it/"
},
{
"name": "14630",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14630"
},
{
"name": "1013476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013476"
},
{
"name": "cain-abel-ikepsk-bo(19742)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19742"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0807",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Cain \u0026 Abel before 2.67 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via (1) an IKE packet with a large ID field that is not properly handled by the PSK sniffer filter, (2) the HTTP sniffer filter, or the (3) POP3, (4) SMTP, (5) IMAP, (6) NNTP, or (7) TDS sniffer filters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cain-abel-http-filter-bo(19744)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19744"
},
{
"name": "20050318 Cain \u0026 Abel PSK Sniffer Heap overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=111116097313427\u0026w=2"
},
{
"name": "12840",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12840"
},
{
"name": "http://www.oxid.it/",
"refsource": "CONFIRM",
"url": "http://www.oxid.it/"
},
{
"name": "14630",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14630"
},
{
"name": "1013476",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013476"
},
{
"name": "cain-abel-ikepsk-bo(19742)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19742"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0807",
"datePublished": "2005-03-20T05:00:00",
"dateReserved": "2005-03-20T00:00:00",
"dateUpdated": "2024-08-07T21:28:29.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}