Sitebuilder 1.4 - 'sitebuilder.cgi' Directory Traversal

source: https://www.securityfocus.com/bid/8521/info Sitebuilder is said to be prone to a directory traversal vulnerability, potentially allowing users to disclose the contents of system files. The problem occurs due to the application failing to parse user-supplied input for directory traversal...

gtkftpd[v1.0.4(and below)]: remote root buffer overflow exploit.

basic audit of gtkftpd; buffer overflow exists in the "LIST" command, in conjunction with a large file or directory namedoesn't account for the prefix to the buffer to exceed 256 bytes. this is explained in more detial in the exploit comment header. all purpose brute force exploit original exploi...

MS Windows 2000 RSVP Server Authority Hijacking PoC Exploit

Exploit for unknown platform in category remote exploits =========================================================== MS Windows 2000 RSVP Server Authority Hijacking PoC Exploit =========================================================== // Microsoft Windows 2000 Subnet Bandwidth Manager RSVP Serv...

Meteor FTP Server 1.2/1.5 - USER Memory Corruption

source: https://www.securityfocus.com/bid/8376/info Meteor FTP Server is prone to a memory corruption vulnerability that can be triggered by a malicious client via an overly value for the FTP USER command. This could be exploited to cause a server crash. Further reports indicate that this may...

Xtokkaetama 1.0 b-6 - Nickname Local Buffer Overflow (2)

Xtokkaetama 1.0 b-6 - Nickname Local Buffer Overflow 2 // source: https://www.securityfocus.com/bid/8337/info xtokkaetama is prone to a locally exploitable buffer overflow vulnerability. This is due to insufficient bounds checking of the '-nickname' command line option, which could result in...

Xtokkaetama 1.0 b-6 - Nickname Local Buffer Overflow (1)

// source: https://www.securityfocus.com/bid/8337/info xtokkaetama is prone to a locally exploitable buffer overflow vulnerability. This is due to insufficient bounds checking of the '-nickname' command line option, which could result in execution of arbitrary code in the context of the software...

WU-FTPD 2.6.2 - Off-by-One Remote Command Execution

WU-FTPD 2.6.2 - Off-by-One Remote Command Execution / wu-ftpd v2.6.2 off-by-one remote 0day exploit. exploit by "you dong-hun"Xpl017Elz Brute-Force function added. / define VERSION "v0.0.3" include include include include include include define DEBUGNG undef DEBUGNG define NRL 0 define SCS 1 defi...

Apache 1.3.x mod_mylo Remote Code Execution Exploit

No description provided by source. / Apache + modmylo remote exploit By Carl Livitt / July 2003 carllivitt at hush dot com Public release - Linux and FreeBSD targets. / include sys/types.h include sys/stat.h include sys/socket.h include net/if.h include netinet/in.h include netinet/tcp.h include...

The Analysis of LSD's Buffer Overrun in Windows RPC Interface by Xfocus [Moderator: new targets in exploit code]

The Analysis of LSD's Buffer Overrun in Windows RPC Interface Author:Flashsky site:www.xfocus.org WWW.VENUSTECH.COM.CN WWW.SHOPSKY.COM Email:[email protected] Translator:Benjurry Email:[email protected] Code by Flashsky and Benjurry http://www.xfocus.org/documents/200307/2.html Foreword On Ju...

MS Windows (RPC DCOM) Remote Buffer Overflow Exploit

No description provided by source. include stdio.h include winsock2.h include windows.h include process.h include string.h include winbase.h pragma commentlib,"ws232" unsigned char bindstr= 0x05,0x00,0x0B,0x03,0x10,0x00,0x00,0x00,0x48,0x00,0x00,0x00,0x7F,0x00,0x00,0x00,...

Top 1.x/2.0 - 'HOME Environment' Local Buffer Overflow

// source: https://www.securityfocus.com/bid/8239/info A buffer overflow condition has been reported in top when handling environment variables of excessive length. This may result in an attacker potentially executing arbitrary code. / UHAGr CONFIDENTIAL SOURCE - DO NOT DISTRIBUTE Local...

Savant Web Server 3.1 - CGITest.HTML Cross-Site Scripting

Savant Web Server 3.1 - CGITest.HTML Cross-Site Scripting source: https://www.securityfocus.com/bid/8242/info cgitest.html has been reported prone to cross-site scripting attacks. The issue occurs due to a lack of sufficient sanitization performed on data supplied to the cgitest.html script. This...

Cisco IOS IPv4 Packet Denial of Service Exploit (cisco-bug-44020.c)

Exploit for hardware platform in category dos / poc =================================================================== Cisco IOS IPv4 Packet Denial of Service Exploit cisco-bug-44020.c =================================================================== // / cisco-bug-44020.c - Copyright by Marti...

splatt.txt

From: "BlackAngels" To: Subject: Splatt Forum html injection code in post icon Date: Wed, 16 Jul 2003 20:36:59 +0200 Vulnerability description Any user can inject html code when create a new post. The bug is in the post icon : If you create a personalized form with this code:...

XPCD 2.0.8 - 'HOME Environment' Local Buffer Overflow

// source: https://www.securityfocus.com/bid/8370/info A problem in the handling of long strings in environment variables by xpcd may result in a buffer overflow condition. This may allow an attacker to gain unauthorized access to system resources. / xpcd 2.0.8 latest exploit written by r-code...

CitadelUX BBS 6.07 - Remote Overflow

CitadelUX BBS 6.07 - Remote Overflow / Citadel/UX 6.07 Remote exploit By Carl Livitt, July 2003 / include include include include include include include include include include include include include include // If you change these, things will probably break. define SIZ 4096 define LEN 298 defi...

Citadel/UX BBS 6.07 Remote Exploit

Exploit for linux platform in category remote exploits ================================== Citadel/UX BBS 6.07 Remote Exploit ================================== / Citadel/UX 6.07 Remote exploit By Carl Livitt, July 2003 / include include include include include include include include include...

CyberShop-ASP 6.0Fx Vulnerable with shopdbtest.asp

$Indonesia - Security Development Team 2000 - 2003 Advisory Name: CyberShop-ASP 6.0Fx Vulnerable with shopdbtest.asp Release Date: 3:41 PM 7/13/03 Application: CyberShop ASP 6.0Fx Platform: Win32 Severity: High BUG Type: Security leak Author: DrPonidi [email protected] Discover by:...

Samba 2.2.8 - Brute Force Method Remote Command Execution

/ Mass Samba Exploit by Schizoprenic Xnuxer-Research c 2003 This code just for eduction purpose / include include include void usagechar s printf"Usage: %s \n",s; exit-1; int mainint argc, char argv printf"Mass Samba Exploit by Schizoprenic\n"; ifargc != 3 usageargv0; scanargv1, argv2; return 0;...

Microsoft IIS 5.0 - WebDAV Remote Code Execution (3) (xwdav)

Microsoft IIS 5.0 - WebDAV Remote Code Execution 3 xwdav / IIS 5.0 WebDAV Exploit Xnuxer Lab By Schizoprenic, Copyright c 2003 WebDAV exploit without netcat or telnet and with pretty magic number as RET / include include include include include include include include include define RET 0xc9c9...