2058 matches found
Red-M Red-Alert 3.1 - Remote Denial of Service
Red-M Red-Alert 3.1 - Remote Denial of Service source: https://www.securityfocus.com/bid/9618/info Problems in various abilities have been identified in the Red-M Red-Alert network monitors. Because of these issues, an attacker may be able to crash a vulnerable device and eliminate logs, gain...
Possible Cross Site Scripting in Discuz! Board
Advisory Name: Possible Cross Site Scripting in Discuz! Board Release Date: Feb 5, 2004 Application: Discuz! Board Version Affected: 2.x, 3.x Platform: PHP Severity: Low Discover: Cheng Peng Suapplesoupatmsn.com Vendor URL: http://www.discuz.com/ Proof Of Concept: A thread including:...
RhinoSoft Serv-U FTPd Server 4.x - 'site chmod' Remote Buffer Overflow
include include include include define exploitlength 511 define NOP 'A' define SEHhandleroffset 400 char SEHhandler = "\x41\x41\xEB\x04"; // 3 jmp over next four bytes char retaddress4004 = "\xab\x1c\x5f\x01"; // 1 libeay32.015f1cab char retaddress4100 = "\xcb\x1c\x41\x01"; // 1 ssleay32.01411ccb...
RhinoSoft Serv-U FTPd Server 4.x - site chmod Remote Buffer Overflow
RhinoSoft Serv-U FTPd Server 4.x - site chmod Remote Buffer Overflow include include include include define exploitlength 511 define NOP 'A' define SEHhandleroffset 400 char SEHhandler = "\x41\x41\xEB\x04"; // 3 jmp over next four bytes char retaddress4004 = "\xab\x1c\x5f\x01"; // 1...
Serv-U 4.x "site chmod" Remote Buffer Overflow Exploit
Exploit for unknown platform in category remote exploits ====================================================== Serv-U 4.x "site chmod" Remote Buffer Overflow Exploit ====================================================== include include include include define exploitlength 511 define NOP 'A'...
mIRC 6.1 - DCC Get Dialog Denial of Service
mIRC 6.1 - DCC Get Dialog Denial of Service source: https://www.securityfocus.com/bid/9492/info A vulnerability has been reported to exist in mIRC that may allow a remote attacker to crash a vulnerable mIRC client. It has been reported that the issue will present itself only in certain...
Need for Speed 2 Remote Client Buffer Overflow Exploit
No description provided by source. / Need for Speed 2 Remote Client Buffer Overflow Exploit - 23.01.2004 by Luigi Auriemma UNIX & WIN VERSION / include stdio.h include stdlib.h include string.h ifdef WIN32 include winsock.h include "winerr.h" define close closesocket else include unistd.h include...
Linux Kernel 2.4.23/2.6.0 - do_mremap() Bound Checking Privilege Escalation
Linux Kernel 2.4.23/2.6.0 - do_mremap() Bound Checking Privilege Escalation / Linux kernel mremap bound checking bug exploit. Bug found by Paul Starzetz Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED "AS IS" AND WITHOUT ANY...
Linux Kernel 2.4.23/2.6.0 - 'do_mremap()' Bound Checking Privilege Escalation
/ Linux kernel mremap bound checking bug exploit. Bug found by Paul Starzetz Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED "AS IS" AND WITHOUT ANY WARRANTY. COPYING, PRINTING, DISTRIBUTION, MODIFICATION WITHOUT PERMISSIO...
Linux kernel do_mremap() local privilege escalation vulnerability
Background The Linux kernel is responsible for memory management in a working system - to allow this, processes are allowed to allocate and unallocate memory. Description The memory subsystem allows for shrinking, growing, and moving of chunks of memory along any of the allocated memory areas whi...
PhpGedView 2.61 - Search Script Cross-Site Scripting
PhpGedView 2.61 - Search Script Cross-Site Scripting source: https://www.securityfocus.com/bid/9369/info PhpGedView is prone to a cross-site scripting vulnerability. Remote attackers may create malicious links to this script that include hostile HTML and script code. If such a link was followed b...
Linux Kernel "do_mremap" Local Proof of Concept
No description provided by source. / Proof-of-concept exploit code for domremap Copyright C 2004 Christophe Devine and Julien Tinnes This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software...
Xsok v1.02 "-xsokdir" local buffer overflow game exploit
No description provided by source. / 0x333xsok 2 = xsok 1.02 local game exploit Happy new year ! 2 : coded by c0wboy c 0x333 Outsiders Security Labs / www.0x333.org / include stdio.h include unistd.h define BIN "/usr/games/xsok" define RETADD 0xbffffa3c define SIZE 200 unsigned char shellcode = /...
Xlight FTP Server 1.25/1.41 - 'PASS' Remote Buffer Overflow
source: https://www.securityfocus.com/bid/9285/info It has been reported that Xlight FTP Server is prone to a remote buffer overflow condition that may allow an attacker to gain unauthorized access to a system running the vulnerable software. The issue presents itself when an attacker sends a...
PHP-Nuke 6.9 - 'cid' SQL Injection
!/usr/bin/perl -w use IO::Socket; THIS CODE PUBLIC NOW = \ \ / | \ | / | / / \ | | \ | /\ \ / || /// | / / / / based on 'cid' sql injection vuln in Download module, more info about this vuln u can see here: http://rst.void.ru/texts/advisory10.htm work only on mysql version 4.0 tested on...
HP-UX B11.11 - /usr/bin/ct Format String Privilege Escalation
HP-UX B11.11 - /usr/bin/ct Format String Privilege Escalation / File : xhp-ux11inlsct.c Usage : cc xhp-ux11inlsct.c -o xct ; ./xct Purpose : Get a local rootshell from /usr/bin/ct, using HP-UX location language format string bug. Author : watercloud xfocus org Tested : On HP-UX B11.11 . / include...
EZPhotoShare 1.0/1.1 - Memory Corruption
source: https://www.securityfocus.com/bid/9150/info eZphotoshare has been reported prone to multiple remote memory corruption vulnerabilities. The issues present themselves in the routines employed by eZphotoshare to handle network based communications. It has been reported that a remote attacker...
Linux Kernel 2.4.22 - 'do_brk()' Local Privilege Escalation (1)
; E-DB Note: Updated Exploit https://www.exploit-db.com/exploits/131/ ; ; Christophe Devine devine at cr0.net and Julien Tinnes julien at cr0.org ; ; This exploit uses sysbrk directly to expand his break and doesn't rely ; on the ELF loader to do it. ; ; To bypass a check in sysbrk against...
Applied Watch Command Center 1.0 - Authentication Bypass (1)
// source: https://www.securityfocus.com/bid/9124/info A vulnerability has been identified in the system that may allow an attacker to bypass authentication to add attacker supplied IDS alerts and new user accounts in the console. Successful exploitation of these issues may allow an attacker to...
Thomson Cablemodem TCM315 - Denial of Service
Thomson Cablemodem TCM315 - Denial of Service // source: https://www.securityfocus.com/bid/9091/info A problem has been identified in Thomson Cable Modems when handling long requests on the HTTP port. Because of this, it may be possible for an attacker to deny service to legitimate users of the...