1619 matches found
Remote Cisco IOS FTP exploit
Hi, The IOS FTP server vulnerabilities were published in an advisory by Cisco in May 2007. The FTP server does not run by default, it is not widely used and has since been removed from new versions of IOS. Therefore, I took the decision to release this exploit code in order to show that IOS can b...
xorg -- multiple vulnerabilities
Matthieu Herrb of X.Org reports: Several vulnerabilities have been found in the server-side code of some extensions in the X Window System. Improper validation of client-provided data can cause data corruption. Exploiting these overflows will crash the X server or, under certain circumstances all...
OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH
The Debian OpenSSL issue means that there are only 65,536 possible SSH keys generated, because the only entropy is the PID of the process generating the key. As a result, the following Perl script can be used with the precalculated SSH keys to brute force the SSH login. It works if such a key...
Debian generated SSH-Keys working exploit
Hi Securityfocus, the Debian OpenSSL issue means that there are only 65,536 possible SSH keys generated, because the only entropy is the PID of the process generating the key. As a result, the following Perl script can be used with the precalculated SSH keys to brute force the SSH login. It...
antserver_exploit.py.txt
#!/usr/bin/python BigAnt Server Ver 2.2 PreAuth Remote SEH Overflow 0day Matteo Memelli aka ryujin www.be4mind.com - www.gray-world.net 04/13/2008 Tested on Windows 2000 Sp4 English Vulnerable process is AntServer.exe Offset for SEH overwrite is 954 Bytes...
Prozilla Freelancers (project) Remote SQL Injection Vulnerability
No description provided by source. Prozilla Freelancers SQL Injection Vulnerabilities Discovered By:...
Prozilla Freelancers (project) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications. Prozilla Freelancers project Remote SQL Injection Vulnerability...
Podcast Generator <= 1.0 BETA 2 RFI / File Disclosure Vulnerabilities
Exploit for unknown platform in category web applications. Podcast Generator <= 1.0 BETA 2 RFI / File Disclosure Vulnerabilities. Podcast Generator <= 1.0 BETA 2...
FreeBSD : xorg -- multiple vulnerabilities (fe2b6597-c9a4-11dc-8da8-0008a18a9961)
Matthieu Herrb of X.Org reports : Several vulnerabilities have been identified in server code of the X window system caused by lack of proper input validation on user controlled data in various parts of the software, causing various kinds of overflows. Exploiting these overflows will crash the X...
JoomlaFlash Component Multiple Remote File Inclusion
Author: Smasher Site: http://warwolfz.altervista.org Type: Remote File Inclusion Risk: High A remote attacker can gain access to your website through a Remote shell inclusion. PoC available:...
Debian Security Advisory DSA 537-1 (ruby)
The remote host is missing an update to ruby announced via advisory DSA 537-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Hot or Not Clone by Jnshosts.com Database Backup Dump Vulnerability
No description provided by source. Name : Hot or Not Clone by Jnshosts.com Dump backup And See Password Admin Download From : http://www.jnshosts.com/downloads/hot-or-not-clone-script/index.php Found By : RoMaNcYxHaCkEr Home Page : Not Yet : Google Dork : Copyright @ 2007 Powered By Hot or Not...
Nullsoft Winamp MP4 tags Stack Overflow
#!/bin/perl Nullsoft Winamp MP4 tags Stack Overflow 0-day discovered and exploited by SYS 49152 Tested on win XP SP2 ENG Tuned for Nullsoft Winamp 5.32 d.i. Shell on port 49152 usage: well, not much fun for you kids here .. to get the shell you have to use ALT+3 and press UPDATE. Instead this one ...
Media Player Classic 6.4.9 - '.MP4' File Stack Overflow
#!/bin/perl Media Player Classic 6.4.9 MP4 Stack Overflow 0-day discovered and exploited by SYS 49152 Tested on win XP SP2 ENG Shell on port 49152 usage: - download this codec in order to manage MP4 content: http://www.3ivx.com/coral/3ivxd4451win.exe - open the MP4 file with mplayerc.exe SYS 49152...
A CGI vulnerability discovery and exploit-vulnerability warning-the black bar safety net
Disclaimer: the purpose of writing this post is not to encourage vandalism, just to illustrate one issue; if anyone uses the information provided in this post to do something bad, that is entirely their own affair, and not mine! A few days ago at home, on a 1 6 9 node, I read the news; this site is the top of a Row...
iDefense Security Advisory 07.11.07: SquirrelMail G/PGP Plugin gpg_recv_key() Command Injection Vulnerability
SquirrelMail G/PGP Plugin gpg_recv_key() Command Injection Vulnerability iDefense Security Advisory 07.11.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 11, 2007 I. BACKGROUND The SquirrelMail G/PGP Encryption Plugin is a general purpose encryption, decryption, and digital signature...
iDefense Security Advisory 07.11.07: SquirrelMail G/PGP Plugin deleteKey() Command Injection Vulnerability
SquirrelMail G/PGP Plugin deleteKey() Command Injection Vulnerability iDefense Security Advisory 07.11.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 11, 2007 I. BACKGROUND The SquirrelMail G/PGP Encryption Plugin is a general purpose encryption, decryption, and digital signature...
Use the saber to create your own simple Backdoor-vulnerability warning-the black bar safety net
We all know nc is a powerful and flexible hacking tool; it can do many things, such as a telnet client port, such as bouncing back the shell at the time of an invasion, such as scanning...... But have you ever wondered whether it can be built into a service-level Backdoor? Now much better with me as the rookie...
CVE-2007-3280
The Database Link library dblink in PostgreSQL 8.1 implements functions via CREATE statements that map to arbitrary libraries based on the C programming language, which allows remote authenticated superusers to map and execute a function from any library, as demonstrated by using the system...
Design/Logic Flaw
The Database Link library dblink in PostgreSQL 8.1 implements functions via CREATE statements that map to arbitrary libraries based on the C programming language, which allows remote authenticated superusers to map and execute a function from any library, as demonstrated by using the system...