Vulnerabilities > CVE-2001-1320 - Buffer Overflow vulnerability in PGP Keyserver 7.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Network Associates PGP Keyserver 7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via exceptional BER encodings (possibly buffer overflows), as demonstrated by the PROTOS LDAPv3 test suite.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Network Associates PGP KeyServer 7 LDAP Buffer Overflow. CVE-2001-1320. Remote exploit for windows platform |
id | EDB-ID:16823 |
last seen | 2016-02-02 |
modified | 2010-11-14 |
published | 2010-11-14 |
reporter | metasploit |
source | https://www.exploit-db.com/download/16823/ |
title | Network Associates PGP KeyServer 7 LDAP Buffer Overflow |
Metasploit
description | This module exploits a stack buffer overflow in the LDAP service that is part of the NAI PGP Enterprise product suite. This module was tested against PGP KeyServer v7.0. Due to space restrictions, egghunter is used to find our payload - therefore you may wish to adjust WfsDelay. |
id | MSF:EXPLOIT/WINDOWS/LDAP/PGP_KEYSERVER7 |
last seen | 2019-11-22 |
modified | 2017-11-08 |
published | 2010-11-04 |
references | |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/ldap/pgp_keyserver7.rb |
title | Network Associates PGP KeyServer 7 LDAP Buffer Overflow |
Packetstorm
data source | https://packetstormsecurity.com/files/download/95519/pgp_keyserver7.rb.txt |
id | PACKETSTORM:95519 |
last seen | 2016-12-05 |
published | 2010-11-05 |
reporter | patrick |
source | https://packetstormsecurity.com/files/95519/Network-Associates-PGP-KeyServer-7-LDAP-Buffer-Overflow.html |
title | Network Associates PGP KeyServer 7 LDAP Buffer Overflow |
References
- http://ciac.llnl.gov/ciac/bulletins/l-116.shtml
- http://www.cert.org/advisories/CA-2001-18.html
- http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3/
- http://www.kb.cert.org/vuls/id/765256
- http://www.kb.cert.org/vuls/id/JPLA-4WESNK
- http://www.securityfocus.com/bid/3046
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6900