271 matches found
IntelliTamper 2.07/2.08 (ProxyLogin) Local Stack Overflow Exploit
Exploit for unknown platform in category local exploits ================================================================= IntelliTamper 2.07/2.08 ProxyLogin Local Stack Overflow Exploit ================================================================= usage: exploit.py print "" print "...
BulletProof FTP Client (.bps File) Local Stack Overflow PoC
Exploit for unknown platform in category dos / poc =========================================================== BulletProof FTP Client .bps File Local Stack Overflow PoC =========================================================== !/usr/bin/perl Bug : BulletProof FTP Client .bps Local Stack Overflo...
BulletProof FTP Client (.bps File) Local Stack Overflow PoC
No description provided by source. !/usr/bin/perl Bug : BulletProof FTP Client .bps Local Stack Overflow PoC Founded by : Mountassif Moad Greetz : All Freind Str0ke HOw to use = go to file after Load BP session & Enter and boom :d overflowing :d use warnings; use strict; my $chars = "This is a...
BulletProof FTP Client - '.bps' Local Stack Overflow (PoC)
!/usr/bin/perl Bug : BulletProof FTP Client .bps Local Stack Overflow PoC Founded by : Mountassif Moad Greetz : All Freind Str0ke HOw to use = go to file after Load BP session & Enter and boom :d overflowing :d use warnings; use strict; my $chars = "This is a BulletProof FTP Client Session-File a...
Electronics Workbench (EWB File) Local Stack Overflow PoC
Exploit for unknown platform in category dos / poc ========================================================= Electronics Workbench EWB File Local Stack Overflow PoC ========================================================= !/usr/local/bin/perl OOO OOO OO OOO O O O O O O O O O O O O OO OO OOOOO...
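Linux Kernel proc_do_xprt() Function Local Stack Overflow Vulnerability
BUGTRAQ ID: 31937 CVECAN ID: CVE-2008-3911 The Linux Kernel is the kernel used by the open-source operating system Linux. The proc_do_xprt function in the Linux Kernel's net/sunrpc/sysctl.c file does not check the length of certain buffers obtained from user space; a local attacker can trigger a stack overflow through a specially crafted read system call on the /proc/sys/sunrpc/transports file, leading to execution of arbitrary instructions. Linux kernel 2.6.26.3 Linux ----- The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's home page:...
Kaspersky kl1.sys Driver Local Stack Overflow Vulnerability
CVECAN ID: CVE-2008-1518 Kaspersky Internet Security is a complete solution for protecting computers against almost all major threats from the Internet. The kl1.sys kernel driver shipped in Internet Security and other Kaspersky products does not perform bounds checking on the data passed to the swprintf function when handling IOCTL 0x800520e8; the destination buffer in this case is 2,000 wide characters, so if the source buffer exceeds 2000 characters a stack overflow can be triggered, leading to execution of arbitrary kernel-mode instructions. Kaspersky Labs Kaspersky Antivirus 7.0...
Novell Client for Windows Password Reset Local Stack Overflow Vulnerability
BUGTRAQ ID: 29109 CVECAN ID: CVE-2007-5762 Novell Client is workstation software that allows NetWare to connect to Windows. Novell Client has a stack overflow vulnerability in its handling of the username field; the overflow can be triggered if a user submits an overly long username at login. This vulnerability has since been fixed by limiting the username field to 255 characters. However, if the "Forgot Password" link is clicked at login, a window containing the supplied username pops up, which can still trigger the stack overflow and cause a blue screen of death. Novell Client http://support.novell.com/security-alerts...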
GKrellM GKrellWeather 0.2.7 Plugin - Local Stack Buffer Overflow
// source: https://www.securityfocus.com/bid/27744/info The GKrellWeather plugin for GKrellM is prone to a local stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized buffer. An attacker can exploit this...
CoolPlayer 2.17 - '.m3u' Local Stack Overflow
CoolPlayer, Latest Build: 217 Web:: http://coolplayer.sourceforge.net/ Playlist.m3u File Local Buffer Overflow Exploit Vuln: https://www.securityfocus.com/bid/21396 Greetz: Luigi Auriemma, who has discovered a new vulnerability in this software alongside this vuln, which was old and has been...
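IBM AIX bellmail Mail User Agent Local Stack Overflow Vulnerability
BUGTRAQ ID: 26257 CVECAN ID: CVE-2007-4623 IBM AIX is a commercial UNIX operating system. The implementation of AIX's bellmail utility has a buffer overflow vulnerability that a local attacker may exploit to escalate privileges. The sendrmt function in the bellmail program installed with AIX has a stack overflow vulnerability; this function is called when a user attempts to send mail using the "m" command. The function makes several sprintf calls to concatenate user-supplied input onto static strings, but performs no bounds checking to ensure that the resulting string fits in the destination buffer allocated on the stack, so an attacker can supply overly long arguments to control data on the stack and the affected process, leading to execution of arbitrary instructions with root privileges. IBM AIX 5...
Apple Mac OS X AppleTalk Socket IOCTL Kernel Local Stack Overflow Vulnerability
CVECAN ID: CVE-2007-4267 Apple Mac OS X is the operating system used by Apple's family of machines. AppleTalk is a set of networking protocols developed by Apple. A stack overflow vulnerability exists in the Mac OS X function responsible for adding AppleTalk zones to an interface's routing table, which a local attacker may exploit to escalate privileges. If a malicious ioctl request is submitted to an AppleTalk socket, the kernel uses the user-supplied length as the number of bytes for the destination buffer, which may trigger a stack overflow in the kernel, causing a system shutdown or execution of arbitrary code. Apple Mac OS X 10.4 - 10.4.10 Apple MacOS X Server 10.4 - 10.4.10 Temporary workaround...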
Sony CONNECT Player 4.x (m3u File) Local Stack Overflow Exploit
No description provided by source. !/usr/bin/python Secunia Advisory : SA27270 Release Date : 2007-10-29 Sony CONNECT Player M3U Playlist Processing Stack Buffer Overflow m3u File Local Exploit Bug discovered by Parvez Anwar Exploit Written by TaMBaRuS [email protected] Tested on: Sony CONNECT...
Sony CONNECT Player 4.x - .m3u Local Stack Overflow
Sony CONNECT Player 4.x - .m3u Local Stack Overflow !/usr/bin/python Secunia Advisory : SA27270 Release Date : 2007-10-29 Sony CONNECT Player M3U Playlist Processing Stack Buffer Overflow m3u File Local Exploit Bug discovered by Parvez Anwar Exploit Written by TaMBaRuS [email protected] Tested o...
Remotesoft .NET Explorer 2.0.1 Local Stack Overflow PoC
No description provided by source. /usr/bin/ python print "--------------------------------------------------------------" print "Remotesoft .NET Explorer 2.0.1 Stack Overflow" print "url: http://www.remotesoft.com/" print "author: shinnai" print "mail: shinnaiatautisticidotorg" print "site:...
Remotesoft .NET Explorer 2.0.1 - Local Stack Overflow (PoC)
Remotesoft .NET Explorer 2.0.1 - Local Stack Overflow PoC /usr/bin/ python print "--------------------------------------------------------------" print "Remotesoft .NET Explorer 2.0.1 Stack Overflow" print "url: http://www.remotesoft.com/" print "author: shinnai" print "mail:...
Remotesoft .NET Explorer 2.0.1 - Local Stack Overflow (PoC)
/usr/bin/ python print "--------------------------------------------------------------" print "Remotesoft .NET Explorer 2.0.1 Stack Overflow" print "url: http://www.remotesoft.com/" print "author: shinnai" print "mail: shinnaiatautisticidotorg" print "site: http://shinnai.altervista.org" print...
Dev-C++ 4.9.9.2 CPP File Parsing Local Stack Overflow PoC
No description provided by source. !/usr/bin/env python print "--------------------------------------------------------------" print "Dev-C++ 4.9.9.2 Stack Overflow" print "url: http://www.bloodshed.net/" print "author: shinnai" print "mail: shinnaiatautisticidotorg" print "site:...
Dev-C++ 4.9.9.2 CPP File Parsing Local Stack Overflow PoC
Exploit for unknown platform in category dos / poc ========================================================= Dev-C++ 4.9.9.2 CPP File Parsing Local Stack Overflow PoC ========================================================= !/usr/bin/env python print...
Tru64 5 (su) Env Local Stack Overflow Exploit
No description provided by source. / Copyright c 2000 ADM / / All Rights Reserved / / THIS IS UNPUBLISHED PROPRIETARY SOURCE CODE OF ADM / / The copyright notice above does not evidence any / / actual or intended publication of such source code. / / / / Title: Tru64 5 su / / Tested under: Tru64 5...