Vulnerabilities > CVE-2005-1009 - Remote Heap Overflow vulnerability in Bakbone Netvault 7.0/7.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple buffer overflows in BakBone NetVault 6.x and 7.x allow (1) remote attackers to execute arbitrary code via a modified computer name and length that leads to a heap-based buffer overflow, or (2) local users to execute arbitrary code via a long Name entry in the configure.cfg file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description BakBone NetVault Remote Heap Overflow. CVE-2005-1009. Remote exploit for windows platform id EDB-ID:16448 last seen 2016-02-01 modified 2010-09-20 published 2010-09-20 reporter metasploit source https://www.exploit-db.com/download/16448/ title BakBone NetVault Remote Heap Overflow description BakBone NetVault 6.x/7.x Remote Heap Buffer Overflow. CVE-2005-1009,CVE-2005-1547. Remote exploit for windows platform id EDB-ID:990 last seen 2016-01-31 modified 2005-05-17 published 2005-05-17 reporter nolimit source https://www.exploit-db.com/download/990/ title BakBone NetVault 6.x/7.x - Remote Heap Buffer Overflow description BakBone NetVault 6.x/7.x Remote Heap Buffer Overflow Exploit (2). CVE-2005-1009. Remote exploit for windows platform id EDB-ID:906 last seen 2016-01-31 modified 2005-04-01 published 2005-04-01 reporter class101 source https://www.exploit-db.com/download/906/ title BakBone NetVault 6.x/7.x - Remote Heap Buffer Overflow Exploit 2 description BakBone NetVault 6.x/7.x Local Stack Buffer Overflow Exploit. CVE-2005-1009. Local exploit for windows platform id EDB-ID:905 last seen 2016-01-31 modified 2005-04-01 published 2005-04-01 reporter class101 source https://www.exploit-db.com/download/905/ title BakBone NetVault 6.x/7.x - Local Stack Buffer Overflow Exploit
Metasploit
description | This module exploits a heap overflow in the BakBone NetVault Process Manager service. This code is a direct port of the netvault.c code written by nolimit and BuzzDee. |
id | MSF:EXPLOIT/WINDOWS/MISC/BAKBONE_NETVAULT_HEAP |
last seen | 2020-03-11 |
modified | 2017-07-24 |
published | 2006-12-28 |
references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1009 |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/misc/bakbone_netvault_heap.rb |
title | BakBone NetVault Remote Heap Overflow |
Nessus
NASL family | Gain a shell remotely |
NASL id | NETVAULT_REMOTE_HBOF.NASL |
description | The installed version of BakBone NetVault on the remote host suffers from two remote heap-based buffer overflow vulnerabilities. An attacker may be able to exploit these flaws and execute arbitrary code with SYSTEM privileges on the affected machine. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 18257 |
published | 2005-05-14 |
reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/18257 |
title | BakBone NetVault < 7.1.2 / 7.3.1 Multiple Remote Overflows |
code |
|
Packetstorm
data source | https://packetstormsecurity.com/files/download/83217/bakbone_netvault_heap.rb.txt |
id | PACKETSTORM:83217 |
last seen | 2016-12-05 |
published | 2009-11-26 |
reporter | H D Moore |
source | https://packetstormsecurity.com/files/83217/BakBone-NetVault-Remote-Heap-Overflow.html |
title | BakBone NetVault Remote Heap Overflow |
Saint
bid | 12967 |
description | BakBone NetVault remote heap overflow |
id | misc_netvault |
osvdb | 15234 |
title | netvault_heap_overflow |
type | remote |
References
- http://secunia.com/advisories/14814
- http://securitytracker.com/id?1013625
- http://www.class101.org/netv-locsbof.pdf
- http://www.class101.org/netv-remhbof.pdf
- http://www.hat-squad.com/en/000164.html
- http://www.hat-squad.com/en/000165.html
- http://www.securityfocus.com/archive/1/394801
- http://www.securityfocus.com/bid/12967
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19932