28 matches found
AOL Instant Messenger AIM "Away" Message Remote Exploit
No description provided by source. / CAN-2004-0636 / / AIM Away Message Buffer Overflow Exploit Exploit by John Bissell A.K.A. HighT1mes Exploit: ======== drizzit.c Vulnerable Software: ==================== - AIM 5.5.3588 - AIM 5.5.3590 Beta - AIM 5.5.3591 - AIM 5.5.3595 and a couple others...
iDefense Security Advisory 06.14.11: Adobe Shockwave Lingo Script Opcodes Integer Signedness Vulnerability
iDefense Security Advisory 06.14.11 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 14, 2011 I. BACKGROUND Adobe Shockwave Player is a popular Web browser plug-in. It is available for multiple Web browsers and platforms, including Windows, and MacOS. Shockwave Player enables Web browse...
iDefense Security Advisory 10.13.09: Adobe Acrobat and Reader U3D File Invalid Array Index Vulnerability
iDefense Security Advisory 10.13.09 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 13, 2009 I. BACKGROUND Adobe Acrobat Reader/Acrobat are programs for viewing and editing Portable Document Format (PDF) documents. For more information, see the vendor's site found at the following link...
Microsoft Host Integration Server 2006 Command Execution Vulnerability
This module exploits a command-injection vulnerability in Microsoft Host Integration Server 2006. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Host Integration Server 2006 Command...
Mac OS X <= 10.3.8 (CF_CHARSET_PATH) Local Root Buffer Overflow
No description provided by source. / MacOS X [CF_CHARSET_PATH]: local root exploit. by: [email protected] fakehalo/realhalo found by: iDefense anon finder saw the advisory on bugtraq and figured i'd slap this together, so simple i had to. exploits via the /usr/bin/su binary. you must press ENTER at the...
installshield-overflow.txt
The InstallShield Update Service Web Agent version 5.1.100.47363 suffers from an exploitable buffer overflow in the ProductCode parameter of the DownloadAndExecute function. This object is marked safe for scripting. Note that this issue appears to be different from...
timbuktu_sploit.txt
#!/usr/bin/perl Timbuktu Pro 8.6.3 Arbitrary File Deletion/Creation Bug & Exploit by titon titonatbastardlabsdotcom Advisory: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=590 Copyright: (c) 2007 BastardLabs...
[Full-disclosure] iDefense Security Advisory 07.11.07: Apple QuickTime SMIL File Processing Integer Overflow Vulnerability
Apple QuickTime SMIL File Processing Integer Overflow Vulnerability iDefense Security Advisory 07.11.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 11, 2007 I. BACKGROUND QuickTime is Apple's media player product used to render video and other media. For more information visit...
Malicious torrent files can execute arbitrary code in Opera – Opera Security Advisories
Malicious torrent files can execute arbitrary code in Opera – Opera Security Advisories OPCOM Team | May 24, 2007 Summary A malicious torrent file can cause Opera to execute arbitrary code. Severity: Highly critical Problem description A specially crafted torrent file can cause a buffer overflow ...
[Full-disclosure] iDefense Security Advisory 04.03.07: Multiple Vendor X Server XC-MISC Extension Memory Corruption Vulnerability
Multiple Vendor X Server XC-MISC Extension Memory Corruption Vulnerability iDefense Security Advisory 04.03.07 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 03, 2007 I. BACKGROUND The X Window System or X11 is a graphical windowing system used on Unix-like systems. It is based on a...
iDefense Security Advisory 03.07.07: Ipswitch IMail Server 2006 Multiple ActiveX Control Buffer Overflow Vulnerabilities
Ipswitch IMail Server 2006 Multiple ActiveX Control Buffer Overflow Vulnerabilities iDefense Security Advisory 03.07.07 http://labs.idefense.com/intelligence/vulnerabilities/ Mar 07, 2007 I. BACKGROUND Ipswitch Inc.'s IMail Server is an email server aimed at providing easy to configure and mainta...
iDefense Security Advisory 02.07.07: Trend Micro TmComm Local Privilege Escalation Vulnerability
Trend Micro TmComm Local Privilege Escalation Vulnerability iDefense Security Advisory 02.07.07 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 07, 2007 I. BACKGROUND The Trend Micro AntiVirus scan engine is widely relied upon to provide AntiVirus capabilities to desktop, server, and...
BrightStor ARCserve Universal Agent buffer overflow
Added: 08/07/2006 CVE: CVE-2005-1018 BID: 13102 OSVDB: 15471 Background The BrightStor ARCserve Backup family of products includes a Universal Agent which listens for connections on port 6050/TCP. Problem A buffer overflow in the Universal Agent allows remote attackers to execute arbitrary comman...
Trend Micro ServerProtect Management Console isaNVWRequest.dll chunked POST buffer overflow
Added: 01/24/2006 CVE: CVE-2005-1929 BID: 15865 OSVDB: 21771 Background ServerProtect is a virus scanner for servers. Problem A buffer overflow in ServerProtect Management Console could allow a remote attacker to execute commands using a chunked POST request to isaNVWRequest.dll. Resolution Use t...
linux-realplayer -- RealText parsing heap overflow
An iDEFENSE Security Advisory reports: Remote exploitation of a heap-based buffer overflow vulnerability in the RealText file format parser within various versions of RealNetworks Inc.'s RealPlayer could allow attackers to execute arbitrary code...
Exim <= 4.41 dns_build_reverse Local Exploit
No description provided by source. / ripped straight off iDEFENSE advisory - so lazy I just picked up GDB... bored on a weeknight : nothing to write home to mother about due to the fact that you need a local user account on a server and all you get is to read other people's emails .... not even m...
Exim 4.41 - 'dns_build_reverse' Local Read Emails
/ ripped straight off iDEFENSE advisory - so lazy I just picked up GDB... bored on a weeknight : nothing to write home to mother about due to the fact that you need a local user account on a server and all you get is to read other people's emails .... not even my own shellcode. aleph1 shellcode -...
exim.pl.txt
This proof-of-concept demonstrates the existence of the vulnerability reported by iDEFENSE (iDEFENSE Security Advisory 01.14.05). In this report it was explained that a sequence like the one below overflowed some internal buffer: /usr/bin/exim -bh ::%Aperl -e 'print pack'L',0xdeadbeef x 256' It...
Exim 4.41 - 'dns_build_reverse' Local Buffer Overflow
/ This proof-of-concept demonstrates the existence of the vulnerability reported by iDEFENSE (iDEFENSE Security Advisory 01.14.05). It has been tested against exim-4.41 under Debian GNU/Linux. Note that setuid is not included in the shellcode to avoid script-kidding. My RET is 0xbffffae4, but fb.pl...