CVE-2013-5680
HylaFAX+ 5.2.4-5.5.3 - Heap-Based Buffer Overflow via Long USER Command
Exploitation Summary
EIP tracks 1 public exploit for CVE-2013-5680. PoCs published by Dennis Jenkins.
AI-analyzed exploit summary: This exploit demonstrates a heap-based buffer overflow in HylaFAX+ when LDAP authentication is enabled. The PoC sends a maliciously crafted USER command with excessive data to trigger the overflow, leading to a crash or potential arbitrary code execution.
Description
Heap-based buffer overflow in hfaxd in HylaFAX+ 5.2.4 through 5.5.3, when using LDAP authentication, might allow remote attackers to cause a denial of service (child hang) or execute arbitrary code via a long USER command.