Winmail Mail Server 2.3 Build 0402 - Remote Format String

/ Magic Winmail Server 2.3Build 0402 Remote Format string exploit. Coded by ThreaT. This one take advantage of a format bug in the SMTP protocol smtp port + The command to execute cannot exceed 90 characters + compile : cl.exe mwmxploit.c /w / include include pragma comment lib,"wsock32.lib" void...

man[v1.5l]: (catalog) format strings exploit / POC.

was looking at the source code to man, and came upon this. newer g libc's will stop this from happening. but, still worth noting/effective bypass with older glibc's explained in exploit header Vade79 - fakehalo.deadpig.org - fakehalo. -- xmanfmt.c: start -- / linuxmanv1.5l: format string exploit...

Crob FTP Server 2.50.4 - Remote 'Username' Format String

source: https://www.securityfocus.com/bid/7776/info A vulnerability has been reported for Crob FTP Server. The problem occurs due to invalid format specifiers used when displaying a user-supplied username. As a result, it may be possible for an attacker to embed format specifiers within a malicio...

eXtremail Multiple SMTP Command flog Function Format String

According to its version number, the remote eXtremail server has a format string vulnerability. A remote attacker could exploit this to crash the service, or possibly execute arbitrary code. C Tenable Network Security, Inc. Ref: http://online.securityfocus.com/archive/1/192791 Could not find a...

Slurp 1.10 - SysLog Remote Format String

source: https://www.securityfocus.com/bid/4935/info slurp is a freely available, open source NNTP client. It is designed for use on most Unix and Linux operating systems. It may be possible for a remote server to execute code on a vulnerable client. slurp offers functionality that allows the...

Unixware Message catalog exploit code

Hi, I'm jGgM. I was reported this problem Caldera, a few week ago. And, This exploit is fixed already. Hacker can modify message catalog and, It can possible format string exploit. for example $ gcc -o expshell expshell.c $ gcc -o getret getret.c $ gcc -o fmtexp fmtexp.c $ ./expshell $ ./getret...

sastcpd Buffer Overflow and Format String Vulnerabilities

---------------------------------------------------------- sastcpd Buffer Overflow and Format String Vulnerabilities Ministry-of-Peace - www.ministryofpeace.co.uk ---------------------------------------------------------- SYNOPSIS "SAS software provides the foundation, tools, and solutions for da...

eXtremail 1.x/2.1 - Remote Format String (1)

// source: https://www.securityfocus.com/bid/2908/info eXtremail is a freeware SMTP server available for Linux and AIX. eXtremail contains a format-string vulnerability in its logging mechanism. Attackers can send SMTP commands argumented with maliciously constructed arguments that will exploit...

eXtremail 1.x2.1 - Remote Format String (2)

eXtremail 1.x2.1 - Remote Format String 2 // source: https://www.securityfocus.com/bid/2908/info eXtremail is a freeware SMTP server available for Linux and AIX. eXtremail contains a format-string vulnerability in its logging mechanism. Attackers can send SMTP commands argumented with maliciously...

NSI Rwhoisd 1.5 - Remote Format String

NSI Rwhoisd 1.5 - Remote Format String // source: https://www.securityfocus.com/bid/3474/info Rwhoisd is a publicly available RWHOIS server daemon for Unix based systems developed and maintained by Network Solutions Inc. Rwhoisd contains a remotely exploitable format string vulnerability. It is...

WU-FTPD 2.6.0 - Remote Format Strings

/ 12:40 11/10/00: Tool for either attack or defense within an information warfare setting. Rather, it is a small program demonstrating proof of concept. Default values for solaris 2.8 and inetd. If you are not the intended recipient, or a person responsible for delivering it to the intended...

wu-ftpd 2.6.0 Remote Format Strings Exploit

Exploit for solaris platform in category remote exploits =========================================== wu-ftpd 2.6.0 Remote Format Strings Exploit =========================================== / 12:40 11/10/00: Tool for either attack or defense within an information warfare setting. Rather, it is a...

LPRng 3.6.24-1 Remote Root Exploit

Exploit for linux platform in category remote exploits ================================== LPRng 3.6.24-1 Remote Root Exploit ================================== / REMOTE ROOT EXPLOIT for linux x86 - LPRng-3.6.24-1 RedHat 7.0 The RedHat 7.0 replaced the BSD lpr with the LPRng package which is...

BFTPd vsprintf() Format Strings Exploit

Exploit for linux platform in category remote exploits ======================================= BFTPd vsprintf Format Strings Exploit ======================================= Copyright c 2000 - Security.is The following material may be freely redistributed, provided that the code or the disclaimer...

Solaris/SPARC 2.7 / 7 locale Format String Exploit

Exploit for solaris platform in category local exploits ================================================== Solaris/SPARC 2.7 / 7 locale Format String Exploit ================================================== / Exploit for the locale format string vulnerability in Solaris/SPARC 2.7 / 7 Based on t...

David Bagley xlock 4.16 - User Supplied Format String (2)

// source: https://www.securityfocus.com/bid/1585/info A vulnerability exists in versions of the xlockmore program, originally written by David Bagley. It is believed to affect all versions of xlock derived from xlockmore. This includes the xlock shipped with a number of popular operating systems...

Conectiva 4.x5.x Debian 2.x RedHat 6.x S.u.S.E 6.x7.0 Trustix 1.x - rpc.statd Remote Format String (3)

Conectiva 4.x5.x Debian 2.x RedHat 6.x S.u.S.E 6.x7.0 Trustix 1.x - rpc.statd Remote Format String 3 // source: https://www.securityfocus.com/bid/1480/info A vulnerability exists in the 'rpc.statd' program, which is part of the 'nfs-utils' package that is shipped with a number of popular Linux...

Conectiva 4.x/5.x / Debian 2.x / RedHat 6.x / S.u.S.E 6.x/7.0 / Trustix 1.x - rpc.statd Remote Format String (1)

// source: https://www.securityfocus.com/bid/1480/info A vulnerability exists in the 'rpc.statd' program, which is part of the 'nfs-utils' package that is shipped with a number of popular Linux distributions. Because of a format-string vulnerability when calling the 'syslog' function, a remote...

WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (1)

// source: https://www.securityfocus.com/bid/1387/info Washington University ftp daemon wu-ftpd is a very popular unix ftp server shipped with many distributions of Linux and other UNIX operating systems. Wu-ftpd is vulnerable to a very serious remote attack in the SITE EXEC implementation. Becau...