6910 matches found
KarjaSoft Sami FTP Server 2.0.1 - Remote Stack Buffer Overflow
#!/usr/bin/perl Sami FTP Server v2.0.1 Remote notepad.exe execution PoC by Critical Security research http://www.critical.lt Tested on Windows XP SP2, Windows XP SP0 and even on FreeBSD 6.0-RELEASE Wine 0.9.6 : use Net::FTP; - yeah, I'm lazy : use Switch; if @ARGV 3 print...
MS04-031 Microsoft NetDDE Service Overflow
This module exploits a stack buffer overflow in the NetDDE service, which is the precursor to the DCOM interface. This exploit affects only operating systems released prior to Windows XP SP1 (2000 SP4, XP SP0). Despite Microsoft's claim that this vulnerability can be exploited without authenticatio...
Veritas Backup Exec Windows Remote Agent Overflow
This module exploits a stack buffer overflow in the Veritas BackupExec Windows Agent software. This vulnerability occurs when a client authentication request is received with type '3' and a long password argument. Reliable execution is obtained by abusing the stack buffer overflow to smash a SEH...
freeFTPd 1.0 Username Overflow
This module exploits a stack buffer overflow in the freeFTPd multi-protocol file transfer service. This flaw can only be exploited when logging has been enabled (non-default). This module requires Metasploit: https://metasploit.com/download Current source:...
SlimFTPd LIST Concatenation Overflow
This module exploits a stack buffer overflow in the SlimFTPd server. The flaw is triggered when a LIST command is received with an overly-long argument. This vulnerability affects all versions of SlimFTPd prior to 3.16 and was discovered by Raphael Rigo. This module requires Metasploit:...
SentinelLM UDP Buffer Overflow
This module exploits a simple stack buffer overflow in the Sentinel License Manager. The SentinelLM service is installed with a wide selection of products and seems particularly popular with academic products. If the wrong target value is selected, the service will crash and not restart. This modul...
eDirectory 8.7.3 iMonitor Remote Stack Buffer Overflow
This module exploits a stack buffer overflow in eDirectory 8.7.3 iMonitor service. This vulnerability was discovered by Peter Winter-Smith of NGSSoftware. NOTE: repeated exploitation attempts may cause eDirectory to crash. It does not restart automatically in a default installation. This module...
Microsoft IIS ISAPI RSA WebAgent Redirect Overflow
This module exploits a stack buffer overflow in the SecurID Web Agent for IIS. This ISAPI filter runs in-process with inetinfo.exe; any attempt to exploit this flaw will result in the termination and potential restart of the IIS service. This module requires Metasploit:...
AppleFileServer LoginExt PathName Overflow
This module exploits a stack buffer overflow in the AppleFileServer service on MacOS X. This vulnerability was originally reported by Atstake and was actually one of the few useful advisories ever published by that company. You only have one chance to exploit this bug. This particular exploit use...
Mercury/32 v4.01a IMAP RENAME Buffer Overflow
This module exploits a stack buffer overflow vulnerability in the Mercury/32 v.4.01a IMAP service. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mercury/32 v4.01a IMAP RENAME Buffer Overflow'...
WebSTAR FTP Server USER Overflow
This module exploits a stack buffer overflow in the logging routine of the WebSTAR FTP server. Reliable code execution is obtained by a series of hops through the System library. This module requires Metasploit: https://metasploit.com/download Current source:...
CURL-CVE-2005-3185 NTLM Buffer Overflow
libcurl's NTLM function can overflow a stack-based buffer if given a too long username or domain name. This would happen if you enable NTLM authentication and either: A - pass in a username and domain name to libcurl that together are longer than 192 bytes B - allow libcurl to follow HTTP...
[EEYEB20050803] - Windows UMPNPMGR wsprintfW Stack Buffer Overflow Vulnerability
Windows UMPNPMGR wsprintfW Stack Buffer Overflow Vulnerability Release Date: October 11, 2005 Date Reported: August 3, 2005 Severity: High Remote Code Execution with Authentication Medium Privilege Escalation to SYSTEM Vendor: Microsoft Systems Affected: Windows NT 4.0 Windows 2000 Windows XP eEy...
FreeBSD : mozilla -- vCard stack buffer overflow (da690355-1159-11d9-bc4a-000c41e2cdad)
Georgi Guninski discovered a stack-based buffer overflow which may be triggered when viewing email messages with vCard attachments. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyrigh...
PT-2005-3139 · Tonec · Internet Download Manager
Name of the Vulnerable Software and Affected Versions: Internet Download Manager version 4.05 Description: A stack-based buffer overflow issue allows remote attackers to execute arbitrary code via a long URL. Recommendations: For Internet Download Manager version 4.05, at the moment, there is no...
CVE-2005-2081
Stack-based buffer overflow in the function that parses commands in Asterisk 1.0.7, when the 'write = command' option is enabled, allows remote attackers to execute arbitrary code via a command that has two double quotes followed by a tab character...
CVE-2004-1752
Stack-based buffer overflow in Gaucho 1.4 Build 145 allows remote attackers to execute arbitrary code via a POP3 email with a long Content-Type header...
Authentication Buffer Overflows
Due to bad usage of the base64 decode function to a stack-based buffer without checking the data length, it was possible for a malicious HTTP server to overflow the client during NTLM negotiation and for an FTP server to overflow the client during krb4 negotiation. The announcement of this flaw w...
RTF2LATEX2E 1.0 - Remote Stack Buffer Overflow
RTF2LATEX2E 1.0 - Remote Stack Buffer Overflow source: https://www.securityfocus.com/bid/11994/info It is reported that rtf2latex2e is susceptible to a stack buffer overflow vulnerability. This issue is due to a failure of the application to properly bounds check user-supplied image data prior to...
RTF2LATEX2E 1.0 - Remote Stack Buffer Overflow
source: https://www.securityfocus.com/bid/11994/info It is reported that rtf2latex2e is susceptible to a stack buffer overflow vulnerability. This issue is due to a failure of the application to properly bounds check user-supplied image data prior to copying it into a fixed-size memory buffer. Th...