SafeNet SoftRemote IKE Service Buffer Overflow

This module exploits a stack buffer overflow in Safenet SoftRemote IKE IreIKE.exe service. When sending a specially crafted udp packet to port 62514 an attacker may be able to execute arbitrary code. This module has been tested with Juniper NetScreen-Remote 10.8.0 Build 20 using...

MailEnable 1.52 - HTTP Mail Service Stack Buffer Overflow (PoC)

MailEnable 1.52 - HTTP Mail Service Stack Buffer Overflow PoC / MailEnable 1.52 HTTP Mail Service Stack Overflow POC Exploitencoded comand Debugging Info szAppName : MEHTTPS.EXE szAppVer : 1.0.0.1 szModName : MEHTTPS.EXE szModVer : 1.0.0.1 offset : 00010c21 Files that caused error :...

Microsoft Internet Information Server (IIS) FTP server NLST stack buffer overflow

Overview The Microsoft IIS FTP server contains a stack buffer overflow in the handling of directory names, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description IIS is a web server that comes with Microsoft Windows. IIS also includes FTP server...

Embedthis Appweb 3.0b.2-4 - Remote Buffer Overflow (PoC)

/ Embedthis Appweb Remote Stack Buffer Overflow Poc Embedthis Appweb Debugging Info ------------------------------- ASM INSTRUCTIONS ---------------- 100076CD 8B0A MOV ECX,DWORD PTR DS:EDX 100076CF 8B50 10 MOV EDX,DWORD PTR DS:EAX+10 100076D2 51 PUSH ECX 100076D3 52 PUSH EDX 100076D4 68 14040110...

linux/x86 - /bin/sh polymorphic shellcode 48 bytes

linux/x86 /bin/sh polymorphic shellcode 48 bytes. Shellcode exploit for linx86 platform / Title: Polymorphic Shellcode /bin/sh - 48 bytes Author: Jonathan Salwan Mail: submit ! shell-storm.org ! DataBase of shellcode : http://www.shell-storm.org/shellcode/ Original Informations...

Serveez 0.1.7 - If-Modified-Since Header Stack Buffer Overflow

Serveez 0.1.7 - If-Modified-Since Header Stack Buffer Overflow source: https://www.securityfocus.com/bid/42560/info Serveez is prone to a remote stack-based buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application...

Mediacoder 0.6.2.4275 - '.lst' Local Stack Buffer Overflow

!/usr/bin/perl MediaCoder 0.6.2.4275 .lst Stack Based Overflow Discovered by : SKULL-HACKER my $header = "\x5B\x70\x6C\x61\x79\x6C\x69\x73\x74\x5D\x0A\x46\x69\x6C\x65\x31\x3D"; my $junk = "\x41" x 254; my $ret = "\x93\x43\x92\x7c"; my $nop = "\x90" x 25; win32exec - EXITFUNC=seh CMD=calc.exe...

MediaCoder 0.6.2.4275 (.lst File) Stack Buffer Overflow Exploit

Exploit for unknown platform in category local exploits =============================================================== MediaCoder 0.6.2.4275 .lst File Stack Buffer Overflow Exploit =============================================================== !/usr/bin/perl MediaCoder 0.6.2.4275 .lst Stack Bas...

Mediacoder 0.6.2.4275 - .lst Local Stack Buffer Overflow

Mediacoder 0.6.2.4275 - .lst Local Stack Buffer Overflow !/usr/bin/perl MediaCoder 0.6.2.4275 .lst Stack Based Overflow Discovered by : SKULL-HACKER my $header = "\x5B\x70\x6C\x61\x79\x6C\x69\x73\x74\x5D\x0A\x46\x69\x6C\x65\x31\x3D"; my $junk = "\x41" x 254; my $ret = "\x93\x43\x92\x7c"; my $nop ...

Linux Kernel SGI GRU驱动单字节漏洞

Bugraq ID: 35753 CNCAN ID：CNCAN-2009072204 Linux是一款开放源代码的操作系统。 Linux sgi-gru procfs接口实现存在内核栈缓冲区溢出，本地攻击者可以利用漏洞对系统进行拒绝服务攻击，可能导致以内核上下文执行任意指令。 optionswrite函数的"count"参数是用户可控制的，利用这个漏洞可以写'\0'字节到内核堆栈上大多数任意位置，可能导致任意代码执行。 Linux kernel 2.6.30 Linux kernel 2.6.29 4 Linux kernel 2.6.29 1 Linux kernel 2.6.29...

openSUSE Security Update : mozilla-xulrunner181 (mozilla-xulrunner181-237)

This update brings mozilla-xulrunner181 to security fix version 1.8.1.17. It contains the following security fixes: MFSA 2008-45 / CVE-2008-4069: XBM image uninitialized memory reading MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters...

Oracle 8i TNS Listener SERVICE_NAME Buffer Overflow

This module exploits a stack buffer overflow in Oracle. When sending a specially crafted packet containing a long SERVICENAME to the TNS service, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

ISC DHCP dhclient stack buffer overflow

Overview The ISC DHCP dhclient application contains a stack buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code with root privileges. Description As described in RFC 2131, "The Dynamic Host Configuration Protocol DHCP provides a framework for passing...

Microsoft Internet Explorer 'AddFavorite'方法拒绝服务漏洞

Bugraq ID: 35620 Microsoft Internet Explorer是一款流行的WEB浏览器。 Microsoft Internet Explorer添加收藏夹功能存在问题，远程攻击者可以利用漏洞使应用程序崩溃。 构建使用特殊构建的'AddFavorite'方法的恶意WEB页，诱使用户打开，可导致应用程序崩溃。 Microsoft Internet Explorer 8 Microsoft Internet Explorer 7.0 目前没有解决方案提供： http://www.microsoft.com/windows/ie/...

Microsoft Internet Explorer (AddFavorite) Remote Crash PoC

No description provided by source. ------------------------------------------- IE Add Favourites Stack Buffer Overflow POC Sberry, Compaq ------------------------------------------- html head script language="JavaScript" type="Text/Javascript" function go var str =unescape'%u4141'; var finalstr =...

Microsoft Internet Explorer - AddFavorite Remote Crash (PoC)

Microsoft Internet Explorer - AddFavorite Remote Crash PoC ------------------------------------------- IE Add Favourites Stack Buffer Overflow POC Sberry, Compaq ------------------------------------------- function go var str =unescape'%u4141'; var finalstr = createInlineBufferstr, 5150000; var l...

MS Internet Explorer (AddFavorite) Remote Crash PoC

Exploit for unknown platform in category dos / poc ========================================================== Microsoft Internet Explorer AddFavorite Remote Crash PoC ========================================================== ------------------------------------------- IE Add Favourites Stack...

Microsoft DirectShow Video Streaming ActiveX IMPEG2TuneRequest Overflow

Added: 07/07/2009 CVE: CVE-2008-0015 BID: 35558 OSVDB: 55651 Background DirectX is a feature of the Windows operating system used for streaming media. Within DirectX, the DirectShow technology performs client-side audio and video sourcing, manipulation and rendering. Problem A stack buffer overfl...

Microsoft DirectShow Video ActiveX Control Stack Buffer Overflow (CVE-2008-0015)

The Microsoft Video Control object is a Microsoft ActiveX control that connects Microsoft DirectShow filters for use in capturing, recording, and playing video. A stack buffer overflow vulnerability has been discovered in Microsoft DirectShow. The flaw is in the way Microsoft Video ActiveX contro...

Microsoft DirectShow Video Streaming ActiveX IMPEG2TuneRequest Overflow

Added: 07/07/2009 CVE: CVE-2008-0015 BID: 35558 OSVDB: 55651 Background DirectX is a feature of the Windows operating system used for streaming media. Within DirectX, the DirectShow technology performs client-side audio and video sourcing, manipulation and rendering. Problem A stack buffer overfl...