[Security] XM Easy Personal FTP Server Multiple DoS vulnerabilities

XM Easy Personal FTP Server Multiple DoS vulnerabilities Credits: NeerajT of Nevis Labs http://www.nevisnetworks.com/services.php?id=10 Date of Discovery: 14-May-2009 Vendor: Dxmsoft URL: http://www.dxm2008.com/ Affected: XM Easy Personal FTP Server 5.7.0 Earlier versions may also be affected...

IceWarp Merak Mail Server 9.4.1 - Forgot Password Input Validation

IceWarp Merak Mail Server 9.4.1 - Forgot Password Input Validation source: https://www.securityfocus.com/bid/34827/info IceWarp Merak Mail Server is prone to an input-validation vulnerability because it uses client-supplied data when performing a 'Forgot Password' function. Attackers can exploit...

Addonics NAS Adapter FTP Denial Of Service

!/usr/bin/python Addonics NAS Adapter FTP server DoS Tested against NASU2FW41 Loader 1.17 Coded by Mike Cyr, aka h00die mcyr2 at csc dotcom Notes: Since the HTTP server was so vulnerable, is this really a suprise? Greetz to muts and loganWHD, I tried harder...

JetAudio Basic 7.0.3 Buffer Overflow

!/usr/bin/python By ALpHaNiX NullArea.Net proofs of concept EAX FFFFFFFF ECX 41414141 EDX 00000001 EBX 7FFD3000 ESP 04ECFD8C EBP 04ECFDBC ESI 041F8648 EDI 41414141 EIP 7711737D kernel32.7711737D ESI & EDI Overritten print "+ JetAudio Basic 7.0.3 BufferOverFlow PoC" lol="alpix.m3u" file=openlol,'w...

EPOLL SYSTEM 3.1 - Password.dat Disclosure

EPOLL SYSTEM 3.1 - Password.dat Disclosure !/usr/bin/python Portal Name: EPOLL SYSTEM Version : All version 'Google Dork : Powered by Egorix Exploit Coded by: PouyaServer Exploit Discovered by: PouyaServer Contact Me : [email protected] Epoll system login page = www.site.com/Path/admin.php...

runcms161-sql.txt

!/usr/bin/python """ ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / ================================================================================================= This is a public Exploit...

WFTPD Explorer Pro 1.0 - Remote Heap Overflow (PoC)

WftpdExpProHeapPoC.py Discovered by r4x Kamil Szczerba [email protected] Soft : WFTPD Explorer Pro 1.0 Vendor : Texas Imperial Software Vuln : Heap Overwlow Res: LIST Exploit : PoC Reg Overwrite Reg: EAX = 41414141 ECX = 41414141 EDX = 00a57b38 ASCII "AAAA..." ESI = 00a57b30 ASCII "AAAA..."...

JetCast Server 2.0.0.4308 Remote Denial of Service Exploit

Exploit for unknown platform in category dos / poc ========================================================== JetCast Server 2.0.0.4308 Remote Denial of Service Exploit ========================================================== !/usr/bin/python """ / | \ \ / / | / | '/ \ \ V /| || | | | / / \/||...

Remotesoft .NET Explorer 2.0.1 - Local Stack Overflow (PoC)

Remotesoft .NET Explorer 2.0.1 - Local Stack Overflow PoC /usr/bin/ python print "--------------------------------------------------------------" print "Remotesoft .NET Explorer 2.0.1 Stack Overflow" print "url: http://www.remotesoft.com/" print "author: shinnai" print "mail:...

Bloodshed Dev-C++ CPP源文件缓冲区溢出漏洞

Bloodshed Dev-C++是一款C++ 开发工具。 Bloodshed Dev-C++处理CPP文件存在缓冲区溢出，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 构建恶意CPP文件，诱使用户打开可触发此漏洞。 Bloodshed Software Dev-C++ 4.9.9 .2 目前没有解决方案提供,请关注以下链接： http://www.bloodshed.net/dev/devcpp.html !/usr/bin/env python print...

[Full-disclosure] WarFTPd 1.82.00-RC11 Remote Denial Of Service

WarFTPd 1.82.00-RC11 Remote Denial Of Service --------------------------------------------- WarFTPd is vulnerable to a DOS condition when passing to various commands a long string with two times the "s" characters inside. It looks as non exploitable as the problem crashes with the same output at...

Multi-Threaded TFTP 1.1 - GET Denial of Service

!/usr/bin/python Multithreaded TFTP 1.1 Server d0s exploit by n00b the following is affected causing a denial of service Due to an overly long GET request to the ftp server Tested on winx xp sp1,sp2 eng. Vendor dont know but s00n will :p n00b is credited for finding this dos exploit. Vendor web...

0verkill 0.16 (ASCII-ART Game) Remote Integer Overflow Crash Exploit

No description provided by source. !/usr/bin/env python ----------------------------------------------------- Exploit id: FSE:016 Author: Federico Fazzi Contact: [email protected] Date: 09/06/2006, 13:58 Sinthesis: 0verkill 0.16, Remote integer overflow Product:...

0verkill 0.16 - ASCII-ART Game Remote Integer Overflow Crash (PoC)

!/usr/bin/env python ----------------------------------------------------- Exploit id: FSE:016 Author: Federico Fazzi Contact: [email protected] Date: 09/06/2006, 13:58 Sinthesis: 0verkill 0.16, Remote integer overflow Product: http://artax.karlin.mff.cuni.cz/brain/0verkill/...

WinEggDropShell 1.7 Multiple PreAuth Remote Stack Overflow PoC

No description provided by source. WinEggDropShell Multipe PreAuth Remote Stack Overflow PoC HTTP Server "GET" && FTP Server "USER" "PASS" command Bug Discoverd and coded by Sowhat Greetingz to killer,baozi,Darkeagle,all 0x557 and XFocus guys....; http://secway.org 2005-10-11 Affected:...

codethatFlaws.txt

CodeThat ShoppingCart Critical information disclosure XSS and SQL injection vendor Url: http://www.codethat.com/shoppingcart/ advisore:http://lostmon.blogspot.com/2005/05/ codethat-shoppingcart-critical.html vendor notifY: yes exploit available: yes Discovered By Lostmon And icaro exploit code by...