CVE-2007-4746

The CVE-2007-4746 issue involves Cisco Video Surveillance devices where default passwords exist for sypixx and root accounts. Affected are the Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) firmware 1.8.1 and earlier; Video Surveillance SP/ISP Decoder Software firmwar...

CVE-2007-4747

CVE-2007-4747 concerns Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) firmware 1.8.1 and earlier, Video Surveillance SP/ISP Decoder Software firmware 1.11.0 and earlier, and Video Surveillance SP/ISP firmware 1.23.7 and earlier. The telnet service in these products do...

Cisco Security Advisory: Cisco Video Surveillance IP Gateway and Services Platform Authentication Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Video Surveillance IP Gateway and Services Platform Authentication Vulnerabilities Advisory ID: cisco-sa-20070905-video http://www.cisco.com/warp/public/707/cisco-sa-20070905-video.shtml Revision 1.0 For Public Release...

Mercury/32 Mail Server 3.32 < 4.51 - SMTP EIP Overwrite

/ Dreatica-FXP crew ---------------------------------------- Target : Mercury/32 SMTP Server Found by : [email protected], http://www.offensive-security.com ---------------------------------------- Exploit : Mercury/32 v3.32-v4.51 SMTP Pre-Auth EIP overwrite exploit Exploit date :...

Alphanumeric Shellcode Encoder Decoder

Exploit for generator platform in category shellcode ====================================== Alphanumeric Shellcode Encoder Decoder ====================================== / //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////...

CrystalPlayer 1.98 - '.mls' Local Buffer Overflow

!/usr/bin/perl Crystal Player 1.98 Playlist.mls File Local Buffer Overflow Exploit Source:: http://www.crystalplayer.com/CrystalPro.exe Credit To Timq For The Vulnerability POC By Arham Muhammad While Debugging EIP And EBP Successfully Gets Overwritten! Upon Successful Exploitation, DOS Occurs An...

WebCT 4.1.5 - Email and Discussion Board Messages HTML Injection

source: https://www.securityfocus.com/bid/28107/info WebCT is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML or JavaScript code could run in the context of the...

Pegasus ImagN - ActiveX Control Remote Buffer Overflow

?php / win32adduser - PASS=tzu EXITFUNC=seh USER=sun Size=483 Encoder=PexAlphaNum http://metasploit.com / $shellcode = "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49". "\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36"...

Winamp 5.34 - .mp4 Code Execution

Winamp 5.34 - .mp4 Code Execution /\ Winamp = 5.34 .MP4 File Code Execution Winamp MP4's plugin fails to handle exceptional conditions, which can lead to code execution. However exploitation is hard, firstly because of the return address. This code exploits a call eax, and it might be complicated...

3proxy 0.5.3g (Windows x86) - 'proxy.c logurl()' Remote Buffer Overflow

/ 3proxyv0.5.3g: win32 service remote buffer overflow exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc x3proxy-win32.c -o x3proxy-win32 syntax: ./x3proxy-win32 -pr -h host sumus homepage/url: http://3proxy.ru/ 3Proxy tiny free proxy server previously known as 3APA3A tiny...

3proxy 0.5.3g (Windows x86) - proxy.c logurl() Remote Buffer Overflow

3proxy 0.5.3g Windows x86 - proxy.c logurl Remote Buffer Overflow / 3proxyv0.5.3g: win32 service remote buffer overflow exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc x3proxy-win32.c -o x3proxy-win32 syntax: ./x3proxy-win32 -pr -h host sumus homepage/url: http://3proxy.ru/...

phpLocal.txt

Affected versions: php 5.1.4 and older, 4.4.3 and possibly older Cause: when php-s sscanf functions format argument contains argument swap and extra arguments are given like. sscanf'foo ','$1s',$bar then it reads an pointer to pointer to zval structure past the end of argument array by one. Php...

Avoid UTF8/tolower

UTF8 Safe, tolower Safe Encoder This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework NOTE: Read this if you plan on using this encoder: This encoder has some limitations that must be considered. First, this encoder cannot ...

Non-Upper Encoder

Encodes payloads as non-alpha based bytes. This allows payloads to bypass tolower calls, but will fail isalpha. Table based design from Russel Sanford. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require...

Non-Alpha Encoder

Encodes payloads as non-alpha based bytes. This allows payloads to bypass both toupper and tolower calls, but will fail isalpha. Table based design from Russel Sanford. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...

Polymorphic XOR Additive Feedback Encoder

This encoder implements a polymorphic XOR additive feedback encoder. The decoder stub is generated based on dynamic instruction substitution and dynamic block ordering. Registers are also selected dynamically. This module requires Metasploit: https://metasploit.com/download Current source:...

Generic Shell Variable Substitution Command Encoder

This encoder uses standard Bourne shell variable substitution tricks to avoid commonly restricted characters. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Generic Shell Variable Substitution...

SPARC DWORD XOR Encoder

This encoder is optyx's 48-byte SPARC encoder with some tweaks. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SPARC DWORD XOR Encoder', 'Description' = %q This encoder is optyx's 48-byte SPAR...

Alpha2 Alphanumeric Unicode Uppercase Encoder

Encodes payload as unicode-safe uppercase text. This encoder uses SkyLined's Alpha2 encoding suite. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/encoder/alpha2/unicodeupper' class MetasploitModule...

Alpha2 Alphanumeric Unicode Mixedcase Encoder

Encodes payload as unicode-safe mixedcase text. This encoder uses SkyLined's Alpha2 encoding suite. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/encoder/alpha2/unicodemixed' class MetasploitModule...