CVE-2019-7712

An issue was discovered in handleripcomshellpwd in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. When using the pwd command, the current working directory path is used as the first argument to printf without a proper check. An attacker may thus forge a path containin...

EUVD-2020-0199

Malware in sbrugna...

EUVD-2007-0642

Malware in sbrugna...

EUVD-2008-7186

Malware in sbrugna...

CVE-2019-7715

An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. The main shell handler function uses the value of the environment variable ipcom.shell.greeting as the first argument to printf. Setting this variable using the sysvar command results in a...

Rockwell Automation Stratix Ethernet Switches < 15.3 IOS Link Layer Discovery Protocol Format String Exploit

Binary data 720231.prm...

udisks2 2.8.0 Denial Of Service

Exploit: udisks2 2.8.0 - Denial of Service PoC Author: oxagast Date: 2018-09-22 Vendor Homepage: http://storaged.org/ Software Link: https://github.com/storaged-project/udisks Version: =udisks2 2.8.0 Tested on: Ubuntu x64 / / / \ / / / O / / \ \ /\//\// ========The vulnerable section of code...

Apple iChat 3.1.6 441 - aim:// URL Handler Format String Exploit PoC

No description provided by source. !DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.1//EN http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd html head titleMOAB-20-01-2007/title script function boom var str = ''; for var i = 0; i 20; i++ str = str + escape'A%n'; str = 'aim:gochat?roomname=' + str;...

Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (x86)

No description provided by source. !/usr/bin/perl http://www.digitalmunition.com/FailureToLaunch.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom This is a practical application of Non Executable Stack Lovin - http://www.digitalmunition.com/NonExecutableLovin.txt This code currently jum...

Axigen <= 5.0.2 AXIMilter Remote Format String Exploit

No description provided by source. / Axigen 5.0.x AXIMilter Format String Exploit by hempel JAN 16 2008 thx to mu-b digit-labs.org / include stdio.h include netinet/in.h include sys/socket.h include sys/types.h include sys/uio.h include unistd.h include string.h char buf =...

ISC DHCPD 2.0/3.0.1 NSUPDATE Remote Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4701/info The ISC DHCPD Dynamic Host Configuration Protocol is a collection of software implementing the DHCP protocol. It is available for a range of operating systems, including BSD and Solaris. A remote format string...

GNU Mailutils imap4d 0.6 - Remote Format String Exploit (exec-shield)

No description provided by source. / Fedora Core 6 exec-shield based GNU imap4d mailutils-0.6 search remote format string exploit by Xpl017Elz Advanced exploitation in exec-shield Fedora Core case study URL: http://x82.inetcop.org/h0me/papers/FCexploit/FCexploit.txt Reference:...

gpsdrive <= 2.09 (friendsd2) Remote Format String Exploit (x86)

No description provided by source. !/usr/bin/perl -w Code by KF, although it is most likely ripped from John H. kflistsatdigitalmunitiondotcom http://www.digitalmunition.com FrSIRT 24/24 & 7/7 - Centre de Recherche on Donkey Testicles. Free 14 day Testicle licking trial available! friendsd.c:367:...

Prozilla <= 1.3.7.3 - Remote Format String Exploit

No description provided by source. / ...\ \ /--..... .::.:/ / \ :.::. .::::./ / / |/ .::::. / / | \ \ / / .\\ / . . . ..::.... Electronic Souls ....::.. - Prozilla vs. Gentoo Security round 2 !@ Sometime ago there was a private exploit for Prozilla and due to some kiddo who randomly 0wned...

sudo 1.8.0 &lt; 1.8.3p1 - &#039;sudo_debug&#039; glibc FORTIFY_SOURCE Bypass + Privilege Escalation

/ death-star.c sudo v1.8.0-1.8.3p1 sudodebug format string root exploit + glibc FORTIFYSOURCE bypass by aeon - http://infosecabsurdity.wordpress.com/ This PoC exploits: - CVE-2012-0864 - FORTIFYSOURCE format string protection bypass via "nargs" integer overflow - CVE-2012-0809 - sudo v1.8.0-1.8.3...

CVE-2012-0809

Format string vulnerability in the sudodebug function in Sudo 1.8.0 through 1.8.3p1 allows local users to execute arbitrary code via format string sequences in the program name for sudo...

PHP <5.3.2 phar扩展多个格式化字符串漏洞

No description provided by source...

Gentoo Security Advisory GLSA 200409-01 (vpopmail)

The remote host is missing updates announced in advisory GLSA 200409-01. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Dream FTP 1.2 Remote Format String Exploit

No description provided by source. include stdio.h include sys/types.h include sys/socket.h include netinet/in.h // WIN NT/2K/XP cmd.exe shellcode // kernel32.dll baseaddress calculation: OS/SP-independent // string-save: 00, 0a and 0d free. // portbinding: port 28876 // looping: reconnect after...

VLC 0.8.6d httpd_FileCallBack Remote Format String Exploit

No description provided by source. / Epibite // bite since 1442 pown meme ta mamie / / Advisory from Luigi Auriemma CVE-2007-6682 / format string in VideoLAN VLC 0.8.6d Description : Format string vulnerability in the httpdFileCallBack...