CVE-2010-2309
EvoLogical EvoCam 3.6.6-3.6.7 - Remote Code Execution via Long GET Request
Title source: llm
Exploitation Summary
EIP tracks 5 public exploits for CVE-2010-2309.
PoCs published by Metasploit, d1dn0t, Paul Harrington, dookie, including Metasploit module exploits/osx/http/evocam_webserver.
AI-analyzed exploit summary: This is a functional Metasploit module exploiting a buffer overflow in the IRC client component of UFO: Alien Invasion 2.2.1. It crafts a malicious IRC server response to trigger a stack-based overflow, leading to arbitrary code execution on Mac OS X 10.5.8 x86 systems.
Description
Buffer overflow in the web server for EvoLogical EvoCam 3.6.6 and 3.6.7 allows remote attackers to execute arbitrary code via a long GET request.
Exploits (5)
This is a functional Metasploit module exploiting a buffer overflow in the IRC client component of UFO: Alien Invasion 2.2.1. It crafts a malicious IRC server response to trigger a stack-based overflow, leading to arbitrary code execution on Mac OS X 10.5.8 x86 systems.
This exploit targets a stack buffer overflow in the EvoCam web server for Mac OS X, leveraging Dino Dai Zovi's exec-from-heap technique to execute arbitrary payloads. It is designed for versions 3.6.6 and 3.6.7, with specific offsets and memory addresses for reliable exploitation.
This exploit targets a buffer overflow vulnerability in EvoCam Web Server for OSX versions 3.6.6 and 3.6.7. It uses ROP (Return-Oriented Programming) to bypass DEP and execute shellcode, resulting in remote code execution.
This exploit targets a buffer overflow vulnerability in EvoCam Web Server versions 3.6.6 and 3.6.7 on OS X 10.5.8. It sends a crafted HTTP GET request with a malicious payload to achieve remote code execution.
This Metasploit module exploits a stack buffer overflow in EvoCam's web server on Mac OS X, using a heap-based execution technique to achieve remote code execution. It targets specific versions of EvoCam (3.6.6 and 3.6.7) by sending a maliciously crafted HTTP GET request.