Magnus Klaaborg Stubman

13 exploits Active since Aug 2015
CVE-2016-7434 NOMISEC HIGH WORKING POC
Ntp < 4.3.94 - Improper Input Validation
The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query.
1 stars
CVSS 7.5
CVE-2015-5621 EXPLOITDB HIGH text WORKING POC
net-snmp <5.7.2 - DoS
The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmp_variable_list item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.
CVSS 7.5
CVE-2018-7182 EXPLOITDB HIGH python WORKING POC
Ntp - Out-of-Bounds Read
The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10.
CVSS 7.5
CVE-2016-7567 EXPLOITDB CRITICAL text WORKING POC
Openslp - Memory Corruption
Buffer overflow in the SLPFoldWhiteSpace function in common/slp_compare.c in OpenSLP 2.0 allows remote attackers to have unspecified impact via a crafted string.
CVSS 9.8
CVE-2019-6442 EXPLOITDB MEDIUM python WORKING POC
Ntpsec < 1.1.3 - Out-of-Bounds Write
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, related to config_remotely in ntp_config.c, yyparse in ntp_parser.tab.c, and yyerror in ntp_parser.y.
CVSS 6.5
CVE-2019-6443 EXPLOITDB CRITICAL python WORKING POC
Ntpsec < 1.1.3 - Out-of-Bounds Read
An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd.
CVSS 9.1
CVE-2018-18065 EXPLOITDB MEDIUM text WORKING POC
Net-snmp < 5.8 - NULL Pointer Dereference
_set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
CVSS 6.5
CVE-2019-6444 EXPLOITDB CRITICAL python WORKING POC
Ntpsec < 1.1.3 - Out-of-Bounds Read
An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl() in ntpd.
CVSS 9.1
CVE-2018-12938 EXPLOITDB python WORKING POC
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-17833. Reason: This candidate is a duplicate of CVE-2017-17833. Notes: All CVE users should reference CVE-2017-17833 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2019-6445 EXPLOITDB MEDIUM python WORKING POC
Ntpsec < 1.1.3 - NULL Pointer Dereference
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntp_control.c, related to ctl_getitem.
CVSS 6.5
EIP-2026-102695 EXPLOITDB bash WORKING POC
net-snmp 5.7.3 - (Unauthenticated) Denial of Service (PoC)
CVE-2015-7855 EXPLOITDB MEDIUM python WORKING POC
NTP <4.2.8p4-4.3.77 - DoS
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
CVSS 6.5
CVE-2016-7434 EXPLOITDB HIGH python WORKING POC
Ntp < 4.3.94 - Improper Input Validation
The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query.
CVSS 7.5