• 

  SNMPc: Fun with SEH

  Recently I found a stack based buffer overflow in Caste Rock Computing’s SNMPc Enterprise Edition 9 & 10 software; details here if you want to read my disclosure info. Now, BOFs are relatively easy to identify, and old school vanilla EIP BOFs are even easier to write exploits for, however this time I encountered something […]

  Posted: July 11th, 2019 ˑ  No Comments
  Filled under: Infosec
• 

  (CVE-2019-13494) SNMPc Enterprise Edition 9 & 10 Stack Based Buffer Overflow

  Background: On the 27th May 2019 I discovered a number of stack based buffer overflows in Castle Rock Computing’s SNMPc Enterprise Edition 9 & 10. Exploitation of the these vulnerabilities allows an attacker to execute arbitrary code on the targeted system/s. Castle Rock Computing’s (CRC) SNMPc Enterprise 10 “is a secure distributed Network Management System […]

  Posted: July 11th, 2019 ˑ  No Comments
  Filled under: Infosec