mIRC 6.1 - IRC Protocol Remote Buffer Overflow
/ remote mirc 998 chars to someone on IRC is simply NOT done : Then I remember the iframe-irc:// flaw found by uuuppzz 2 This exploit will write a malicious HTML file containing an iframe executing the irc:// address. So you can give this to anyone ...
mIRC 6.1 - 'IRC' Protocol Remote Buffer Overflow
/ remote mirc 998 chars to someone on IRC is simply NOT done : Then I remember the iframe-irc:// flaw found by uuuppzz 2 This exploit will write a malicious HTML file containing an iframe executing the irc:// address. So you can give this to anyone on IRC for example ; The shellcode included doe...
IBM DB2 - Universal Database 7.2 db2licm Local Overflow
/ Local Exploit for db2licm IBM db2 v 7.1 Linux/x86 vulnerability researched by Juan Manuel Pascual Escriba pask at uninet.edu / char sc= "\x31\xc0" / begin setuid 0 / "\x31\xdb" "\xb0\x17" "\xcd\x80" "\xeb\x1f" "\x5e" "\x89\x76\x08"...
GtkFtpd 1.0.4 - Remote Buffer Overflow
/ gtkftpd v1.0.4 and below: remote root buffer overflow exploit. by: vade79/v9 v9 at fakehalo.deadpig.org fakehalo/realhalo Url: http://gtkftpd.sourceforge.net/ GtkFtpd, versions v1.0.4 and below as of this time, contain a remotely exploitable buffer overflow. the overflow occurs when GtkFtpd...
SynAtari800.pl
#!perl PoC By OpTiKoOl, for Atari 800 Emulator, Version 1.3.0 based on http://www.securityfocus.com/archive/1/331518/2003-08-01/2003-08-07/0 - This PoC exploits a bof in parsing a very long config file 250 bytes As in the advisory there's other bofs. but i just researched this one to make a...
LeapWare LeapFTP 2.7.x - Remote Buffer Overflow
/ LeapFTP remote buffer overflow exploit ; by drG4njubas \ DWC Group ;This exploit...
FoxWeb 2.5 - PATH_INFO Remote Buffer Overrun
source: https://www.securityfocus.com/bid/8547/info FoxWeb is prone to a remotely exploitable buffer overrun vulnerability. This is due to insufficient bounds checking of user-supplied PATH_INFO data to the Foxweb CGI and ISAPI extension. Successful exploitation would permit a remote attacker to...
Atftpd 0.6 Remote Root Exploit (atftpdx.c)
Exploit for linux platform in category remote exploits. Atftpd 0.6 Remote Root Exploit atftpdx.c / PoC linux/86 remote exploit against atftpd c gunzip FIXED / include include include include include include inclu...
Microsoft Internet Explorer - Object Tag (MS03-020)
#!/usr/bin/perl Proof of concept exploit on IE 5.x - 6.x by Alumni IE-Object longtype dynamic call overflow url:// the flaw actually exists in URLMON.DLL when converting backslashes to wide char, this can be seen on stack dump near '&CLSID=AAA...2F2F...'. To exploit: i start server perl script; ii...
ATFTP 0.7 - Timeout Command Line Argument Local Buffer Overflow
source: https://www.securityfocus.com/bid/7902/info atftp is prone to a locally exploitable buffer overflow condition. This issue is due to insufficient bounds checking performed on input supplied to the command line parameter -t for...
Ifenslave 0.0.7 - Argument Local Buffer Overflow (1)
source: https://www.securityfocus.com/bid/7682/info ifenslave for Linux has been reported prone to a buffer overflow vulnerability. The issue is reportedly due to a lack of sufficient bounds checking performed on user-supplied data before it is...
ListProc 8.2.9 - Catmail ULISTPROC_UMASK Buffer Overflow
source: https://www.securityfocus.com/bid/7533/info ListProc catmail has been reported prone to a buffer overflow vulnerability when handling a ULISTPROC_UMASK environment variable of excessive length. The issue is likely due to a lack of sufficient bounds checking performed when copying the...
[SECURITY] [DSA 295-1] New pptpd packages fix remote root exploit
Debian Security Advisory DSA 295-1 [email protected] http://www.debian.org/security/ Martin Schulze April 30th, 2003 http://www.debian.org/security/faq -...
[SECURITY] [DSA-262-1] samba security fix
Debian Security Advisory DSA-262-1 [email protected] http://www.debian.org/security/ Wichert Akkerman March 15, 2003 Package : samba Problem type :...
HP-UX 11.0/11.11 swxxx Local Root Shell Exploit
Exploit for hp-ux platform in category local exploits. HP-UX 11.0/11.11 swxxx Local Root Shell Exploit / Program : xhpux11isw.c Use : HP-UX 11.11/11.0 exploit swxxx to get local root shell. Compile : cc...
war-ftpd-bof.pl
use IO::Socket; $port=21; $|=1; Kernel32 jmp esp 7754a3ab Kernel32 MessageBoxA 77e375d5 MSVCRT cexit 78003985 print "\tRemote Buffer overflow of user in WarFTPd 1.65 for Win2k\n\n\tBy [email protected]\n\n"; print "\tEnter The Target IP :"; $ip = ; chomp $ip; $host = inetaton$ip; $ServerAddr =...
[SECURITY] [DSA-089-1] several problems in icecast-server
Package : icecast-server Problem type : remote root exploit and others Debian-specific: no The icecast-server (a streaming music server) package as distributed in Debian GNU/Linux 2.2 has several security problems: if a client added a / after the filename of a file to be downloaded the server would...
xloadimage 4.1 - Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/3006/info // // xloadimage is a utility used for displaying images of varying formats on X11 servers. // // xloadimage and possibly derivatives such as 'xli' contain a buffer overflow vulnerability in the handlin...
jaZip 0.32-2 - Local Buffer Overflow
#!/usr/bin/perl jaZip Exploit / Tested version: jaZip-0.32-2 / anno 2000 || http://teleh0r.cjb.net/ Vulnerable: Turbolinux 6.0 teleh0r@localhost teleh0r$ rpm -q jaZip jaZip-0.32-2 teleh0r@localhost teleh0r$ ./jazip-exploit.pl Address: 0xbffff7ac bash $shellcode...
INND/NNRP < 1.6.x - Remote Overflow
/ INND/NNRP remote root overflow / include include include include define DEFAULTOFFSET 792 define BUFFERSIZE 796 define ADDRS 80 define RET 0xefbf95e4 define NOP "\x08\x21\x02\x80" int mainargc, argv int argc; char argv; char buff = NULL, ptr = NULL; ulong addrptr = NULL; int ofs = DEFAULTOFFSET...