Peter Baris

Name of the Vulnerable Software and Affected Versions: Synchronet BBS version 3.16c for Windows Description: The issue allows remote attackers to cause a denial of service, resulting in a service crash, by sending a long string in the `HTTP Referer` header. Recommendations: For Synchronet BBS version 3.16c for Windows, consider restricting access to the HTTP service until a patch is available, or limit the length of the `HTTP Referer` header to prevent service crashes. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NetDecision version 5.8.2 **Description** The issue allows local users to gain privileges through a crafted 0x9C402088 IOCTL call to the Winring0x32.sys driver. **Recommendations** For NetDecision version 5.8.2, consider restricting access to the Winring0x32.sys driver until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Cerberus FTP Server version 8.0.10.1 **Description** The issue involves a crafted HTTP request that can cause the Windows service to crash. This is achieved by including a long Host header and an invalid Content-Length header in the request. **Recommendations** For Cerberus FTP Server version 8.0.10.1, consider restricting access to the HTTP service until a patch is available to prevent potential crashes caused by maliciously crafted requests.

**Name of the Vulnerable Software and Affected Versions** EvoStream Media Server version 1.7.1 **Description** A Buffer Overflow issue was found, which can be triggered by a crafted HTTP request containing a malicious header, leading to a crash. An example of an attack methodology includes sending a GET request with a long message-body. **Recommendations** For EvoStream Media Server version 1.7.1, consider restricting access to the HTTP endpoint to minimize the risk of exploitation until a patch is available. Avoid using long message-bodies in GET requests to reduce the risk of triggering the issue.

**Name of the Vulnerable Software and Affected Versions** FTPShell Client version 6.53 **Description** A Remote Code Execution issue was found, caused by the client sending a PWD command to the FTP server without checking the response's length, leading to a buffer overflow situation. **Recommendations** For FTPShell Client version 6.53, consider updating to a newer version that addresses this issue, as the current version does not properly validate the response length from the FTP server, resulting in a potential buffer overflow. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Azure Data Expert Ultimate version 2.2.16 **Description** The issue is related to a buffer overflow in the SMTP verification function, which can lead to remote code execution. This occurs when a crafted SMTP daemon sends a long "Service ready" string, specifically the 220 response code. **Recommendations** For Azure Data Expert Ultimate version 2.2.16, consider disabling the SMTP verification function until a patch is available to prevent potential remote code execution. Restrict access to the SMTP daemon to minimize the risk of exploitation. Avoid using the SMTP verification function with untrusted or unknown SMTP daemons until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** DiskSavvy Enterprise version 9.4.18 **Description** A buffer overflow issue exists in the built-in web server, allowing remote attackers to execute arbitrary code via a long URI in a GET request to the "/api" endpoint, such as "/api/v1/login" or similar. **Recommendations** For DiskSavvy Enterprise version 9.4.18, consider disabling the built-in web server until a patch is available to prevent exploitation.

**Name of the Vulnerable Software and Affected Versions** GOM Player version 2.3.10.5266 **Description** The issue allows remote attackers to cause a denial of service, resulting in memory corruption, or possibly have other unspecified impacts through a crafted fpx file. **Recommendations** For version 2.3.10.5266, consider avoiding the use of fpx files until a patch is available. As a temporary workaround, restrict the handling of fpx files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** SAP GUI 7.40 versions SAPlpd through 7400.3.11.33 **Description** The issue is related to a Denial of Service vulnerability that can cause a service crash when a long string is sent to TCP port 515. **Recommendations** For SAP GUI 7.40 versions SAPlpd through 7400.3.11.33, consider restricting access to TCP port 515 to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.