CVE-2005-3489

Asus Video Security Online < 3.5.0.0 - Buffer Overflow via Long Username/Password

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-3489. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow vulnerability in the authentication mechanism of the Asus VideoSecurity Online web server. It also includes a directory traversal attack, both of which are triggered via crafted HTTP requests.

Description

Buffer overflow in Asus Video Security 3.5.0.0 and earlier, when using authorization, allows remote attackers to execute arbitrary code via a long username/password string.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Luigi Auriemma · cremotewindows

https://www.exploit-db.com/exploits/26460

View Code ZIP pw:eip

This exploit demonstrates a buffer overflow vulnerability in the authentication mechanism of the Asus VideoSecurity Online web server. It also includes a directory traversal attack, both of which are triggered via crafted HTTP requests.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Asus VideoSecurity Online <= 3.5.0.0

Auth required

Prerequisites: Authentication must be enabled on the target server · Network access to the target web server

MITRE ATT&CK