HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

TECO JN5 L510-DriveLink 1.482 - .lf5 Overwrite Buffer Overflow (SEH)

TECO JN5 L510-DriveLink 1.482 - .lf5 Overwrite Buffer Overflow SEH !/usr/bin/perl TECO JN5 L510-DriveLink 1.482 SEH Overwrite Buffer Overflow Exploit Vendor: TECO Electric and Machinery Co., Ltd. Product web page: http://www.teco-group.eu Download:...

Pdf Shaper Buffer Overflow

This module requires Metabuffer: http://metabuffer.com/download Current source: https://github.com/rapid7/metabuffer-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank definition: http://dev.metabuffer.com/redmine/projects/framework/wiki/ExploitRanking...

MAARCH 1.4 - Arbitrary File Upload

No description provided by source. / Exploit Title: Maarch 1.4 Arbitrary file upload Google Dork: intext:"Maarch Maerys Archive v2.1 logo" Date: 29/10/2014 Exploit Author: Adrien Thierry Exploit Advisory: http://asylum.seraum.com/Security-Alert-GED-ECM-Maarch-Critical-Vulnerabilities.html Vendor...

F5 Big-IP - rsync Access

When configured in a high availability mode, the F5 solution suffers from an unauthenticated rsync access vulnerability that can be leveraged to upload a malicious SSH key and gain remote root access to the appliance. The BigIP platform configures an rsync daemon listening on the ConfigSync...

VisualSite CMS 1.3 - Multiple Vulnerabilities

No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-25-visualsite-cms-multiple-vulnerabilities/ ''' Abysssec Inc Public Advisory Title : VisualSite CMS Multiple...

ALLMediaServer 0.95 Buffer Overflow Vulnerability

This Metasploit module exploits a stack buffer overflow in ALLMediaServer 0.95. The vulnerability is caused due to a boundary error within the handling of HTTP request. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the...

PCMan's FTP Server 2.0.7 - Buffer Overflow Exploit

Exploit for windows platform in category remote exploits !/usr/bin/env python import signal from time import sleep from socket import from sys import exit, excinfo TitlePCMan FTP Server v2.0.7 Remote Root Shell Exploit - USER Command Discovered and ReportedJune 2013 Discovered/Exploited ByJacob...

Windows Light HTTPD 0.1 - Buffer Overflow Vulnerability

Exploit for windows platform in category remote exploits import urllib2 from time import sleep TitleWindows Light HTTPD v0.1 HTTP GET Buffer Overflow Discovered and Reported24th of April, 2013 Discovered/Exploited ByJacob Holcomb/Gimppy042 Software...

Windows Light HTTPD 0.1 Buffer Overflow

import urllib2 from time import sleep TitleWindows Light HTTPD v0.1 HTTP GET Buffer Overflow Discovered and Reported24th of April, 2013 Discovered/Exploited ByJacob Holcomb/Gimppy042 Software Vendorhttp://sourceforge.net/projects/lhttpd/?source=navbar Exploit/Advisoryhttp://infosec42.blogspot.com...

Ultimate PHP Board 2.2.7 - Broken Authentication and Session Management

Ultimate PHP Board 2.2.7 - Broken Authentication and Session Management Exploit Title : Ultimate PHP Board 2.2.7 "Broken Authentication and Session Management" Date : 2011.05.17 Author : i2sec - Gi bum Hong Software Link : http://sourceforge.net/projects/textmb/files/UPB/UPB%202.2.7/ Version :...

Rosoft media player 4.4.4 SEH Buffer Overflow

No description provided by source. !/usr/bin/python Title: Rosoft media player 4.4.4 SEH buffer overflow Date: August 15, 2010 Author: dijital1 Original Advisory: http://www.exploit-db.com/exploits/14601 - abhishek lyall Download: http://www.exploit-db.com/application/14601/ Platform: Windows XP...

taifajobs 1.0 SQL Injection

ECHOADV103$2009 ----------------------------------------------------------------------------------------- ECHOADV103$2009 taifajobs = 1.0 jobid Remote SQL Injection Vulnerability ----------------------------------------------------------------------------------------- Author : K-159 Date :...

cvstrac.txt

Hi, Im Richard Ngo, this is the first time i report an exploit and found a remote exploit that could allow arbitrary code execution in CVStrac. sample exploit filediff?f=CVSROOT/rcsinfo&v1=1.1&v2=1.2;w; All versions vulnerable. I have not contacted cvstrac.org since i cant find their email addres...

PtHProductions Gastenboek - XSS

------------------------------------------------------------------ - EXPL-A-2003-022 exploitlabs.com Advisory 022 ------------------------------------------------------------------ -= PtHProductions Gastenboek =- Donnie Werner Aug, 29 2003 Vunerabilitys: ---------------- 1. Persistant XSS injecti...

Revival of the SUQ.DIQ homepage

Lots of people have requested the SUQ.DIQ package since the closing of the SUQ.DIQ website. Did you all notice how IBMs stocks dropped after the release of this "exploit" and the rather aggresive advisory released by IBM seemed only to make it worse? I can imagine it's a bit of a set back for IBM...