68 matches found
Cisco ASA - Crash (PoC)
Cisco ASA - Crash PoC Cisco ASA CVE-2018-0101 Crash PoC We basically just read: https://www.nccgroup.trust/globalassets/newsroom/uk/events/2018/02/reconbrx2018-robin-hood-vs-cisco-asa.pdf @zerosum0x0, @jennamagius, @alephnaught import requests, sys headers = headers'User-Agent' = 'Open AnyConnect...
LG MRA58K - 'ASFParser::ParseHeaderExtensionObjects' Missing Bounds-Checking
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1222 There is a memcpy in ASFParser::ParseHeaderExtensionObjects which doesn't check that the size of the copy is smaller than the size of the source buffer, resulting in an out-of-bounds heap read. The vulnerable code appears to b...
VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy Exploit
Exploit for windows platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1086 There is a vulnerability in VirtualBox that permits an attacker with root privileges in a virtual machine with a NAT network interface to corrupt the memory of the...
Oracle VM VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1086 There is a vulnerability in VirtualBox that permits an attacker with root privileges in a virtual machine with a NAT network interface to corrupt the memory of the userspace host process and leak memory contents from the...
The Unarchiver 3.11.1 - '.tar.Z' Crash (PoC)
Exploit Title: The Unarchiver 3.11.1 '.tar.Z' Local Crash PoC Date: 10-17-2016 Exploit Author: Antonio Z. Vendor Homepage: http://unarchiver.c3.cx/unarchiver Software Link: http://unarchiver.c3.cx/downloads/TheUnarchiver3.11.1.zip Version: 3.11.1 Tested on: OS X 10.10, OS X 10.11, OS X 10.12 More...
Google Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=840 There's an inconsistency between the way that the two functions in libutils/Unicode.cpp handle invalid surrogate pairs in UTF16, resulting in a mismatch between the size calculated by utf16toutf8length and the number of bytes...
Xion Audio Player 1.5 (build 160) - '.mp3' Crash (PoC)
Exploit for windows platform in category dos / poc Exploit Title: Xion Audio Player new'legit.mp3'; whatever mp3 you got handy $mp3-titleset'A' x 5000; title/artist tags $mp3-artistset'A' x 5000; may vary although both seems to be needed $mp3-updatetags; $mp3-close; print " Completed.\n";...
Xion Audio Player 1.5 (build 160) - '.mp3' Crash (PoC)
Exploit Title: Xion Audio Player new'legit.mp3'; whatever mp3 you got handy $mp3-titleset'A' x 5000; title/artist tags $mp3-artistset'A' x 5000; may vary although both seems to be needed $mp3-updatetags; $mp3-close; print " Completed.\n";...
Sam Spade 1.14 - S-Lang Command Field SEH Overflow Exploit
Exploit for windows platform in category dos / poc !/usr/bin/env python Exploit Title : Sam Spade 1.14 S-Lang Command Field SEH Overflow Crash PoC Discovery by : Nipun Jaswal Email : email protected Discovery Date : 12/11/2015 Vendor Homepage : http://samspade.org Software Link :...
QNap QVR Client 5.1.0.11290 - Crash PoC
Exploit for windows platform in category dos / poc !/usr/bin/env python -- coding: utf-8 -- Exploit Title : QNap QVR Client 5.1.0.11290 Crash PoC Discovery by : Luis Martínez Email : email protected Discovery Date : 05/11/2015 Vendor Homepage: http://www.qnapsecurity.com/n/en/ Software Link :...
Flash - PCRE Regex Compilation Zero-Length Assertion Arbitrary Bytecode Execution
Source: https://code.google.com/p/google-security-research/issues/detail?id=224&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id There’s an error in the PCRE engine version used in Flash that allows the execution of arbitrary PCRE bytecode, with potential for memory corrupti...
Havij Pro - Crash POC Exploit
Exploit for windows platform in category dos / poc !/usr/bin/env python Exploit Title:Havij Pro Crash POC Tested:windows7 Software Link:http://www.itsecteam.com/ Version:1.17 Email:email protected Author:email protected Team run python poc.py copy content to target click Analyze EDB-Note: tested...
Acunetix Web Vulnerability Scanner 9.5 - Crash PoC Exploit
Exploit for windows platform in category dos / poc !/usr/bin/env python Title : Acunetix Web Vulnerability Scanner 9.5 - Crash Proof Of Concept Website : https://www.acunetix.com Tested : win 7 / win 8.1 / win vista Author : Hadi Zomorodi Monavar Email : email protected 1 . run python code : pyth...
Immunity Debugger 1.85 - Crash PoC
Exploit for windows platform in category dos / poc Title: Immunity Debugger - Crash Date: 08/07/2015 Author: Arsyntex Vendor Homepage: http://www.immunityinc.com/products/debugger/ Version: v1.85 Tested on: Windows 8.1 Pro Incorrect path/file EXtEnsion parsing. -Create folder with the name:...
Seagate Dashboard 4.0.21.0 - Crash (PoC)
!/usr/bin/env python Exploit Title: Crash PoC Seagate Dashboard 4.0.21.0 Date: 2015-06-20 Exploit Author: HexTitan Vendor Homepage: http://www.seagate.com/ Software Link: http://www.seagate.com/support/downloads/item/seagate-dashboard-windows-master-dl/ Version: 4.0.21.0 Tested on: Windows 8.1...
Private Shell SSH Client 3.3 - Crash PoC
Exploit for windows platform in category dos / poc ''' Exploit title: privateshell SSH Client v.3.3 denial of service vulnerability Date: 27-5-2015 Vendor homepage: www.privateshell.com Software Link: http://www.privateshell.com/files/pshell.exe Version: 3.3 Author: 3unnym00n Details: -------- wh...
jetAudio 8.1.3.2200 Crash Proof Of Concept
Exploit Title : jetAudio 8.1.3.2200 Basic m3u Crash POC Product : jetAudio Basic Date : 27.12.2014 Exploit Author : Hadji Samir [email protected] Software Link : http://www.jetaudio.com/download/ Vulnerable version : 8.1.3.2200 Basic Vendor Homepage : http://www.jetaudio.com/ Tested on : Windows 7...
TEC-IT TBarCode OCX ActiveX Control (TBarCode4.ocx 4.1.0) - Crash PoC
No description provided by source. Exploit Title: TEC-IT TBarCode OCX ActiveX Control TBarCode4.ocx 4.1.0 dos poc Date: 29.7.2013 Exploit Author: d3b4g Vendor Homepage:http://www.tec-it.com/en/start/Default.aspx Software Link: http://www.tec-it.com/en/start/Default.aspx Tested on: Windows XP SP3...
VLC 2.1.2 - (.asf file) Crash PoC
No description provided by source. !/usr/bin/python VLC Media Player up to 2.1.2 DOS POC Integer Division By zero in ASF Demuxer VLC Media Player is prone to DOS utilizing a division by zero error if minimum data packet size is equal to zero. This was tested on windows XP sp3 and affects all...
Pure-FTPd 1.0.21 (CentOS 6.2 & Ubuntu 8.04) - Crash PoC (Null Pointer Dereference)
No description provided by source. Pure-FTPd Crash PoC Null Pointer Dereference, tested with pure-ftpd v1.0.21 centos 6.2, ubuntu 8.04 latest version v1.0.36 is not affected !! discovered by Kingcope root@ubuntu: grep seg /var/log/syslog Aug 13 13:55:28 ubuntu kernel: 226.791747 pure-ftpd4825:...