AVG Internet Security 9.0.851 - Local Denial of Service Exploit
No description provided by source. / Exploit Title: AVG Internet Security 0day Local DoS Exploit Date: 2010-11-01 Author: Nikita Tarakanov CISS Research Team Software Link: http://www.avg.com Version: up to date, version 9.0.851, avgtdix.sys version 9.0.0.832 Tested on: Win XP SP3 CVE :...
Apache < 1.3.37, 2.0.59, 2.2.3 (mod_rewrite) Remote Overflow PoC
No description provided by source. !/bin/sh Exploit for Apache modrewrite off-by-one. Vulnerability discovered by Mark Dowd. CVE-2006-3747 by jack jack\x40gulcas\x2Eorg 2006-08-20 Thx to xuso for help me with the shellcode. I suppose that you've the RewriteRule kung/. $1 rule if not you must...
Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23142/info The Linux kernel is prone to a NULL-pointer dereference vulnerability. A local attacker can exploit this issue to crash the affected application, denying service to legitimate users. The attacker may also be ab...
mtftpd <= 0.0.3 - Remote Root Exploit
No description provided by source. / \ mtftpd = 0.0.3 remote root exploit / by darkeagle \ / discovered by darkeagle - xx.10.04 \ / c unl0ck research team http://unl0ck.org \ / greetz: unl0ckerZ, rosielloZ, nosystemZ, etc.. \ / darkeagle@localhost darkeagle$ ./0x666-ftpd -a 127.0.0.1 -p...
Netscape SmartDownload 1.3 - Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2615/info Netscape SmartDownload, a download manager add-on for popular web browsers, is vulnerable to a buffer overflow. The library 'sdph20.dll' used by SmartDownload contains an URL parser function that will overflow...
Macromedia ColdFusion MX 6.0 - Remote Development Service File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8109/info A vulnerability has been reported for the RDS service that may allow an attacker to obtain unauthorized access to a data residing on a ColdFusion MX server. The vulnerability is due to the way that authenticatio...
WebScripts WebBBS 4.x/5.0 - Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5048/info WebBBS does not sufficiently filter shell metacharacters from CGI parameters. As a result, remote attackers may execute arbitrary commands on the underlying shell of the system hosting the vulnerable software...
Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10446/info Firebird is reported prone to a remote buffer-overrun vulnerability. The issue occurs because the application fails to perform sufficient boundary checks when the database server is handling database names. A...
MS Index Server 2.0 and Indexing Service for Win 2000 ISAPI Extension Buffer Overflow (2)
No description provided by source. source: http://www.securityfocus.com/bid/2880/info Windows Index Server ships with Windows NT 4.0 Option Pack; Windows Indexing Service ships with Windows 2000. An unchecked buffer resides in the 'idq.dll' ISAPI extension associated with each service. A...
SiteScape Enterprise Forum 7 TCL Injection
No description provided by source. !/usr/bin/env python -- coding: utf-8 -- sitescapesploit.py Copyright 2010 Spencer McIntyre [email protected] This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free...
MiniWeb 0.8.19 Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34563/info MiniWeb is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a...
LogWatch 2.1.1/2.5 Insecure Temporary Directory Creation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4374/info LogWatch is a freely available, open source script for monitoring log files. It may be used with the Linux and Unix Operating systems. Upon execution, LogWatch creates a directory in /tmp. This directory uses th...
Microsoft Windows NT <= 4.0 SP5, Terminal Server 4.0 "Pass the Hash" with Modified SMB Client Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/233/info A modified SMB client can mount shares on an SMB host by passing the username and corresponding LanMan hash of an account that is authorized to access the host and share. The modified SMB client removes the need...
TinyIdentD <= 2.2 - Remote Buffer Overflow Exploit
No description provided by source. tinyidentd exploit code by thomas . pollet at gmail . com bug by Maarten Boone usage: python exploit.py target import socket,sys jmp into nop sled payload = '\xeb\x20' ident crap payload += ', 28 : USERID : UNIX : ' nop sled payload +='XXXX' jmp %esi payload +=...
Linux Kernel (<= 2.4.27 , 2.6.8) binfmt_elf Executable File Read Exploit
No description provided by source. / binfmtelf executable file read vulnerability gcc -O3 -fomit-frame-pointer elfdump.c -o elfdump Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED AS IS AND WITHOUT ANY WARRANTY. COPYING,...
paFileDB 3.1 - Cross Site Scripting Vulnerability
No description provided by source. ======================================================================================== | Title : paFileDB 3.1 Cross Site Scripting Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria...
Mandrake 7.0/7.1, RedHat Kon2 0.3.9 fld Input File Overflow
No description provided by source. source: http://www.securityfocus.com/bid/1371/info KON Kanji On Console is a package for displaying Kanji text under Linux and comes with two suid binaries which are vulnerable to buffer overflows. fld, one of the vulnerable programs, accepts options input from ...
MovieLibrary 1.4.401 - Local DoS (.dmv)
No description provided by source. Exploit Title: MovieLibrary Local Dos .dmv file Date: April 14, 2010 Software Link: http://wensoftware.com/ Version: v1.4.401 Tested on: Windows XP SP3 Author: anonymous Site: www.setfreesecurity.com At the top: Click - New - Open Open the newly created dmv file...
phpMUR Remote File Disclosure Vulnerability
No description provided by source. Exploit Title: phpMUR Remote File Disclosure Date: 10/08/2010 Author: Offensive [email protected] Red-Stone On Inject0r Community ! Software Link: http://sourceforge.net/projects/phpmur Version : n/a Tested on: Windows XP C0nditi0ns : PHP Version 4.x.x Exploit...
Pragma Systems InterAccess TelnetD Server 4.0 Terminal Configuration Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1001/info The Pragma Systems InterAccess TelnetD Server 4.0 can be crashed by sending invalid, unexpected characters in the client's terminal configuration settings. This causes telnetd.exe to GPF, and will cause the...