16 matches found
gpsdrive <= 2.09 (friendsd2) Remote Format String Exploit (x86)
No description provided by source. #!/usr/bin/perl -w Code by KF, although it is most likely ripped from John H. kflistsatdigitalmunitiondotcom http://www.digitalmunition.com FrSIRT 24/24 & 7/7 - Centre de Recherche on Donkey Testicles. Free 14 day Testicle licking trial available! friendsd.c:367:...
GoodTech SSH Server SFTP Multiple BOF Vulnerabilities
The host is running GoodTech SSH server and is prone to multiple buffer overflow vulnerabilities. The flaws are due to an error in the SFTP 'open', 'opendir', and 'unlink' commands. This can be exploited by passing an overly long string argument. OpenVAS Vulnerability Test $Id:...
Microsoft Access Snapshot Viewer ActiveX Control Vulnerability
Microsoft Access Snapshot in Microsoft Office Access is prone to ActiveX control vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-on...
blazedvd_bof.pl.txt
#!/usr/bin/perl Title: BlazeDVD 5.0 PLF Playlist File Remote Buffer Overflow Exploit PoC Summary: BlazeDVD is leading powerful and easy-to-use DVD player software. It can provide superior video and audio (Dolby) quality, together with other enhanced features, e.g. recording DVD, playback image and...
MS Internet Explorer (javaprxy.dll) COM Object Remote Exploit
No description provided by source. !-- update frsirt updated the comments to reflect skylined's code + gpl. /str0ke Perl code is commented so people can test the vuln on their IE /str0ke #!/usr/bin/perl Microsoft Internet Explorer "javaprxy.dll" COM Object Exploit -Unpatched- Proof of Concept by t...
VUPlayer malformed playlist buffer overflow
Overview: VUPlayer fails to properly handle malformed playlists. This vulnerability may allow a remote attacker to execute arbitrary code. Description: VUPlayer is a freeware audio player for the Microsoft Windows platform. It can play various types of media files, such as MP3s. A Playlist .PLS or...
Immunity Canvas: WPFLASH_INCLUDE
Name | wpflashinclude
---|---
CVE | CVE-2007-2485
Exploit Pack | CANVAS
Description | Wordpress plugin myflash Remote File Inclusion
Notes | CVE Name: CVE-2007-2485 VENDOR: WordPress Repeatability: Infinite References: http://www.frsirt.com/english/advisories/2007/1616 CVE Url:...
PHP <= 5.2.1 wbmp file handling integer overflow
There is an integer overflow in PHP in ext/gd/libgd/wbmp.c in the function readwbmp. If large enough values are specified for wbmp image height and/or width, so that width*height 2^32, an integer overflow occurs on the following line: if ((wbmp->bitmap = (int *) safe_emalloc(wbmp->width * wbmp->height, sizeof(in...
proftpd -- Remote Code Execution Vulnerability
FrSIRT reports: A vulnerability has been identified in ProFTPD, which could be exploited by attackers to cause a denial of service or execute arbitrary commands. This flaw is due to a buffer overflow error in the "main.c" file where the "cmdbufsize" size of the buffer used to handle FTP commands...
freeSSHd <= 1.0.9 Key Exchange Algorithm Buffer Overflow Exploit
Exploit for unknown platform in category remote exploits ================================================================ freeSSHd <= 1.0.9 Key Exchange Algorithm Buffer Overflow Exploit ================================================================ #!/usr/bin/env python """ Coded by Tauqeer Ahma...
ShoutLIVE 1.1.0 - savesettings.php Remote Code Execution
ShoutLIVE 1.1.0 - savesettings.php Remote Code Execution #!/usr/bin/perl ShoutLIVE | +---------------------------------------------+ | Coded by DarkFig | +------------------+ ";exit sub headers print "\n +----------------------------------------------+ | ShoutLIVE "$host", PeerPort = "80", Proto =...
gpsdrive <= 2.09 (friendsd2) Remote Format String Exploit (ppc)
Exploit for linux platform in category remote exploits =============================================================== gpsdrive <= 2.09 (friendsd2) Remote Format String Exploit (ppc) =============================================================== #!/usr/bin/perl -w Heh - Code by KF...
[Full-disclosure] COM objects and MSIE vulnerabilities recap + additional fix
Disclaimer: The information in this email is distributed WITHOUT ANY WARRANTY, TO THE EXTENT PERMITTED BY APPLICABLE LAW; without even the implied warranty of CORRECTNESS or FITNESS FOR A PARTICULAR PURPOSE. You know the drill... Affected products: Various COM objects when loaded in Microsoft...
iejavaprxyexploit.pl.txt
Microsoft Internet Explorer "javaprxy.dll" COM Object Exploit Unpatched Advisory : FrSIRT/ADV-2005-0935 Rated as : Critical Status : Unpatched Code : http://www.frsirt.com/exploits/20050702.iejavaprxyexploit.pl.php #!/usr/bin/perl Microsoft Internet Explorer "javaprxy.dll" COM Object Exploit...
Microsoft Internet Explorer - javaprxy.dll COM Object Remote Overflow
Microsoft Internet Explorer - javaprxy.dll COM Object Remote Overflow Bindshell on port 28876 - Based on Berend-Jan Wever's IE exploit 01 July 2005 Description - http://www.frsirt.com/english/advisories/2005/0935 Workarounds - http://www.microsoft.com/technet/security/advisory/903144.mspx...
Microsoft Internet Explorer - 'javaprxy.dll' COM Object Remote Overflow
Bindshell on port 28876 - Based on Berend-Jan Wever's IE exploit 01 July 2005 Description - http://www.frsirt.com/english/advisories/2005/0935 Workarounds - http://www.microsoft.com/technet/security/advisory/903144.mspx sec-consult - http://www.sec-consult.com/184.html Solution : Set Internet and...