117 matches found
Oracle Secure Backup Administration Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Oracle Secure Backup. The specific flaw exists within the register globals emulation layer which allows attackers to specify values for arbitrary program variables. When specific parameters are...
ProSSHD 1.2 remote post-auth exploit (w/ASLR and DEP bypass)
No description provided by source. Exploit Title: ProSSHD 1.2 remote post-auth exploit w/ASLR and DEP bypass Date: 03.05.2010 Author: Alexey Sintsov Software Link: http://www.exploit-db.com/application/11618 Version: 1.2 Tested on: Windows XP SP3 / Windows 7 CVE : Code : Original exploit by S2 Cr...
Addonics NAS Adapter 'bts.cgi'远程缓冲区溢出漏洞
BUGTRAQ ID: 34607 CNCAN ID:CNCAN-2009042101 ddonics NAS Adapter是一款增加任意USB存储设备到LAN的解决方案。 Addonics NAS Adapter cgi存在缓冲区溢出,远程攻击者可以利用漏洞使应用程序崩溃。 提交特殊的GET请求,可触发此漏洞,可能以应用程序权限执行任意指令。 Adapter NASU2FW41 目前没有解决方案提供: http://www.addonics.com/products/nas/nasu2.asp !/bin/bash Addonics NAS Adapter bts.cgi...
Addonics NAS Adapter - bts.cgi (Authenticated) Remote Denial of Service
Addonics NAS Adapter - bts.cgi Authenticated Remote Denial of Service !/bin/bash Addonics NAS Adapter bts.cgi Post-Auth DoS Tested against NASU2FW41 Loader 1.17 Coded by Mike Cyr, aka h00die mcyr2 at csc dotcom Notes: Any of these BoF crashes the entire stack from the web GUI so throw a GET, and...
Addonics NAS Adapter Denial Of Service
!/bin/bash Addonics NAS Adapter bts.cgi Post-Auth DoS Tested against NASU2FW41 Loader 1.17 Coded by Mike Cyr, aka h00die mcyr2 at csc dotcom Notes: Any of these BoF crashes the entire stack from the web GUI so throw a GET, and bye bye baby! Greetz to muts and loganWHD, I tried harder...
Addonics NAS Adapter (bts.cgi) Remote DoS Exploit (post-auth)
Exploit for hardware platform in category dos / poc ============================================================= Addonics NAS Adapter bts.cgi Remote DoS Exploit post-auth ============================================================= !/bin/bash Addonics NAS Adapter bts.cgi Post-Auth DoS Tested...
WinFTP 2.3.0 (LIST) Remote Buffer Overflow Exploit (post-auth)
No description provided by source. !/usr/bin/perl WinFTP 2.3.0 post-auth remote exploit. www.wftpserver.com root@halcyon:/Exploits/WinFTP perl winftp-remote.pl Usage: winftp-remote.pl host username password target Target: 1 - Win2k Target: 2 - WinXP sp2/3 DoS only root@halcyon:/Exploits/WinFTP pe...
WinFTP 2.3.0 (LIST) Remote Buffer Overflow Exploit (post-auth)
Exploit for unknown platform in category remote exploits ============================================================== WinFTP 2.3.0 LIST Remote Buffer Overflow Exploit post-auth ============================================================== !/usr/bin/perl WinFTP 2.3.0 post-auth remote exploit...
WinFTP Server 2.3.0 - 'LIST' (Authenticated) Remote Buffer Overflow
!/usr/bin/perl WinFTP 2.3.0 post-auth remote exploit. www.wftpserver.com root@halcyon:/Exploits/WinFTP perl winftp-remote.pl Usage: winftp-remote.pl Target: 1 - Win2k Target: 2 - WinXP sp2/3 DoS only root@halcyon:/Exploits/WinFTP perl winftp-remote.pl 10.0.0.5 user1 pass1 1 = Connected. = Sending...
Youngzsoft CMailServer 5.4.6 - CMailCOM.dll Remote Overwrite (SEH)
Youngzsoft CMailServer 5.4.6 - CMailCOM.dll Remote Overwrite SEH 0 strUID = arrStringi objPOP3.MoveToFolder strUID ' ---------------- bof ... By attaching olly to the w3wp.exe sub-process you will see the usual dump with ecx and eip owned, with a buffer of approxymately 13000 chars...
CMailServer 5.4.6 (CMailCOM.dll) Remote SEH Overwrite Exploit
Exploit for unknown platform in category remote exploits ============================================================= CMailServer 5.4.6 CMailCOM.dll Remote SEH Overwrite Exploit ============================================================= 0 strUID = arrStringi...
Surgemail 39e-1 Post Auth IMAP Remote Buffer Overflow DoS
No description provided by source. !/usr/bin/python Surgemail version 39e-1 - 0day Post Auth IMAP Buffer overflow DoS. Discovered by: Travis Warren The IMAP service contains a buffer overflow in the APPEND command. import socket s = socket.socketsocket.AFINET, socket.SOCKSTREAM buffer = '\x41' 30...
Surgemail 39e-1 Post Auth IMAP Remote Buffer Overflow DoS
Exploit for unknown platform in category dos / poc ========================================================= Surgemail 39e-1 Post Auth IMAP Remote Buffer Overflow DoS ========================================================= !/usr/bin/python Surgemail version 39e-1 - 0day Post Auth IMAP Buffer...
MailEnable Pro/Ent <= 3.13 (Fetch) post-auth Remote BOF Exploit
No description provided by source. !/usr/bin/perl ================================================================= MailEnable Professional = 3.13 "FETCH" post-auth buffer overflow ================================================================= Bind Shell POC Exploit for Win2K SP4 pro English...
NetWin Surgemail 3.8k4-4 IMAP post-auth Remote LIST Universal Exploit
No description provided by source. !/usr/bin/python NetWin Surgemail 0DAY IMAP POST AUTH Remote LIST Universal Exploit Discovered and coded by Matteo Memelli aka ryujin http://www.gray-world.net http://www.be4mind.com Affected Versions : Version 3.8k4-4 Windows Platform Tested on OS : Windows 200...
Mercury/32 4.52 IMAPD - 'SEARCH' (Authenticated) Overflow
Z:\ExpmercurySEARCH.pl 127.0.0.1 143 void ph4nt0m.org Mercury/32 v4.52 IMAPD SEARCH command Post-Auth Stack Overflow Exploit Found & Code by void ph4nt0m.org S: OK mercury.ph4nt0m.org IMAP4rev1 Mercury/32 v4.52 server ready. C: pst06 LOGIN void ph4nt0m.org S: pst06 OK LOGIN completed. C: pst06...
frontbase427v2-remote.txt
/ Dreatica-FXP crew ---------------------------------------- Target : Frontbase = 4.2.7 for Windows Site : http://www.frontbase.com Found by : Netragard, L.L.C Advisory ---------------------------------------- Exploit : Frontbase = 4.2.7 POST-AUTH remote buffer overflow Exploit date : 02.04.2007...