8 matches found
eSignal and eSignal Pro <= 10.6.2425.1208 Multiple Vulnerabilities
No description provided by source. Luigi Auriemma Application: eSignal and eSignal Pro http://www.esignal.com/esignal/default.aspx Versions: = 10.6.2425.1208 Platforms: Windows Bugs: A code execution B heap overflow Exploitation: file Date: 06 Sep 2011 Author: Luigi Auriemma e-mail:...
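Microsoft Excel Use-After-Free Remote Code Execution Vulnerability
BUGTRAQ ID: 50533 Microsoft Excel is one of the components of Microsoft's office software Microsoft Office, a spreadsheet program written by Microsoft for computers running the Windows and Apple Macintosh operating systems. Excel is an important part of the Microsoft office suite; it can perform all kinds of data processing, statistical analysis and decision-support operations, and is widely used in management, statistics, finance and many other fields. Microsoft Excel has a use-after-free vulnerability when processing the code of vbscript macros, which a remote attacker can exploit to execute arbitrary code. Microsoft Excel 2003 SP3 Vendor patch: Microsoft...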
RealPlayer 14.0.1.633 - Heap Overflow
RealPlayer 14.0.1.633 - Heap Overflow Luigi Auriemma Application: RealPlayer http://www.real.com Versions: = 14.0.1.633 Platforms: Windows, Macintosh OSX, Linux, Symbian, Palm Bug: heap overflow Exploitation: remote Date: 21 Mar 2011 found 17 Feb 2011 Author: Luigi Auriemma e-mail:...
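ZDaemon NULL Pointer Denial of Service Vulnerability
BUGTRAQ ID: 30340 CNCAN ID: CNCAN-2008072306 ZDaemon is a widely used Doom-engine game. The ZDaemon server has a NULL pointer dereference issue that a remote attacker can exploit to carry out a denial-of-service attack against the server program. When a specific type of command, type 6, is sent to the ZDaemon server for parsing, it can cause a NULL pointer dereference and crash the application. ZDaemon ZDaemon 1.8.7 ZDaemon ZDaemon 1.8.1 No solution is currently available: http://www.zdaemon.org The following test program can be referenced: http://aluigi.org/poc/zdaemonull.z...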
Server freezed in Skulltag 0.97d2-RC2
Luigi Auriemma Application: Skulltag http://www.skulltag.com Versions: = 0.97d2-RC2 Platforms: Windows, Linux and FreeBSD Bug: loop during the parsing of the packets Exploitation: remote, versus server Date: 16 Jun 2008 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1...
VLC highlander bug
The old buffer-overflow in the subtitles handled by VLC has not been fully patched in version 0.8.6e, in fact buffertext2 in ParseSSA is still unchecked: if sscanf s, "Dialogue: ^,,d:d:d.d,d:d:d.d,81920^rn", buffertext2, The funny thing is that my old proof-of-concept was built just to test this...
Pre-auth buffer-overflow in mySQL through yaSSL
The following is a proof-of-concept for testing the buffer-overflow which affects yaSSL = 1.7.5 on mySQL servers, any version, including the latest 6.0.3: http://aluigi.org/poc/mysqlo.zip The vulnerability is exploitable before authentication so the only requirements for testing it are the usage o...
Netrek 2.12.0 pmessage2() Remote Limited Format String Exploit
No description provided by source. Luigi Auriemma Application: Netrek http://www.netrek.org Versions: = 2.12.0 Vanilla server Platforms: nix and Windows Bug: format string Exploitation: remote in-game Date: 02 Mar 2007 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1...