493 matches found
UNIX 7th Edition /bin/mkdir - Local Buffer Overflow
Exploit for /bin/mkdir Unix V7 PDP-11. mkdir has a buffer overflow when checking if the directory in /arg/with/slashes/fname exists. This will run /bin/sh with euid 0, but not uid 0. Since the shell doesn't do anything special about this, we don't really care. If you care, run setuid0;...
CVE-2004-0409
Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversal enabled, allows remote attackers to execute arbitrary code...
[Full-Disclosure] Mdaemon 7.0.1 IMAP overflow.
Let it be known that this bug is after authentication "postauth" and therefore useless. In the current version of Mdaemon from ALTN there exists an easy to exploit, run-of-the-mill stack overflow. By authenticating and sending a large argument to the STATUS command in the IMAP component, a buffer...
eMule 0.42d - IRC Remote Buffer Overflow
#!/usr/bin/perl eMule = 0.42d Remote Exploit by kcope exploits the DecodeBase16 buffer overflow tested on WinXP SP1 / Win2k SP4 bindport/connectback shellcode thanks Kostya Kortchinsky for his posting to bugtraq greetings to sander, blackzero, beginna, adize, A-cru and wY :p have fun! kcope,...
Foxmail 5.0 - 'PunyLib.dll' Remote Stack Overflow
fmx.c - x86/win32 Foxmail 5.0 PunyLib.dll remote stack buffer overflow exploit (C) COPYRIGHT XFOCUS Security Team, 2004 All Rights Reserved. Author : xfocus : http://www.xfocus.org Maintain : XFOCUS Security Team Version : 0.2...
Important: Red Hat Security Advisory: apache, openssl security update for Stronghold
Updated versions of Stronghold 4 cross-platform are available that fix security issues affecting OpenSSL and the Apache HTTP Server. A number of bug fixes are also included. Stronghold 4 contains a number of open source technologies, including OpenSSL 0.9.6 and the Apache HTTP Server. Testing...
Crafty Game Stack Overflow & Exploit
Copyright © Rosiello Security http://www.rosiello.org ADVISORY: http://www.rosiello.org/en/readbugs.php?18 BACKGROUND: by SecurityTracker EXPLOIT: http://www.rosiello.org/archivio/crafty.zip Impact: Execution of arbitrary code via local system, User access via local system Versions: 19.3 and prio...
Serv-U 4.x "site chmod" Remote Buffer Overflow Exploit
No description provided by source. include stdio.h include sys/types.h include sys/socket.h include netinet/in.h define exploitlength 511 define NOP 'A' define SEHhandleroffset 400 char SEHhandler = "\x41\x41\xEB\x04"; // 3 jmp over next four bytes char retaddress4004 = "\xab\x1c\x5f\x01"; // 1...
EZMeeting 3.x - EZNet.exe Long HTTP Request Remote Buffer Overflow
source: https://www.securityfocus.com/bid/9167/info A problem has been identified in the handling of some types of requests by the eZ package, resulting in a buffer overrun. Because of this, it may be possible for a remote...
[EXPL] Oracle Command Line Overflow (Exploit)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
Atrium Software Mercur MailServer 3.3/4.0/4.2 - IMAP AUTH Remote Buffer Overflow
source: https://www.securityfocus.com/bid/8861/info A problem has been reported in MERCUR Mailserver when handling the IMAP AUTH command. The issue occurs when an overly long command is submitted, which may be due to a buffer overrun. This problem may make it possible for an attacker to gain...
ProFTPd 1.2.9 rc2 - '.ASCII' File Remote Code Execution (1)
proftpd 1.2.7/1.2.9rc2 remote root exploit by bkbll bkbllcnhonker.net, 2003/10/1 for FTPProFTPDTranslateOverflow found by X-force happy birthday, China. this code is dirty, there are more beautiful exploits of proftpd for this vuln in the world. this code want to provide u a method, not finally...
DSA-390 marbles - buffer overflow
Bulletin has no description...
CVE-2003-0694
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c...
Pine 4.56 - Remote Buffer Overflow
Mon Sep 15 09:35:01 CEST 2003 remote? Pine eip/ebp this can actually be "bruteforced" I didn't show this since this is a PoC and uses "exact offsets" All u do is supply multiple charsets and overwrite larger areas of memory This makes method 1 100% successful...
Eudora 6.0 attachment spoof, exploit
Eudora 6.0 was released recently; I tested the Windows version only. It still contains several vulnerabilities, the most serious being an execute-any-code bug. It is distressing that the "spoof and steal" bug was pointed out years ago; the execute-any-code bug in 5.2.1 was sent to Qualcomm on 29...
Pine <= 4.56 Remote Buffer Overflow Exploit
No description provided by source. Mon Sep 15 09:35:01 CEST 2003 remote? Pine <= 4.56 exploit by sorbo sorbox yahoo com darkirco Ok won't talk much about the bug since as usual idefense advisories are proper advisories and explain everything... exploiting the bug is trivial after reading the adv...
Microsoft WordPerfect Document Converter Exploit (MS03-036)
Exploit for unknown platform in category remote exploits. Microsoft WordPerfect Document Converter Buffer Overflow...
CVE-2003-0725
Buffer overflow in the RTSP protocol parser for the View Source plug-in vsrcplin.so or vsrcplin3260.dll for RealNetworks Helix Universal Server 9 and RealSystem Server 8, 7 and RealServer G2 allows remote attackers to execute arbitrary code...
GtkFtpd 1.0.4 Remote Root Buffer Overflow Exploit
No description provided by source. gtkftpd v1.0.4 and below: remote root buffer overflow exploit. by: vade79/v9 v9 at fakehalo.deadpig.org fakehalo/realhalo Url: http://gtkftpd.sourceforge.net/ GtkFtpd, versions v1.0.4 and below as of this time, contain a remotely exploitable buffer overflow. the...