linux/x86 execve /bin/sh setreuid(12,12) 50 bytes
Exploit for linux/x86 platform in category shellcode ================================================= linux/x86 execve /bin/sh setreuid(12,12) 50 bytes ================================================= / Linux/x86 An example of setregid, execve /bin/sh I used this in practise, hence the setregid12...
WFTPD Pro Server 3.21 MLST Remote Denial of Service Exploit
Exploit for unknown platform in category dos / poc =========================================================== WFTPD Pro Server 3.21 MLST Remote Denial of Service Exploit =========================================================== /...
CesarFTP Server - Long Command Denial of Service
/ ----------------------------------------------------------------------- cesarftp.c - Cesar FTP Server Long Command DoS Exploit Copyright C 2000-2004 HUC All Rights Reserved. Author : lion : [email protected] : http://www.cnhonker.com Date : 2004-08-30...
Titan FTP Server - Long Command Heap Overflow
Titan FTP Server - Long Command Heap Overflow / ----------------------------------------------------------------------- titanftp.c - TiTan FTP Server Long Command Heap Overflow PoC Exploit Copyright C 2000-2004 HUC All Rights Reserved. Author : lion : lion cnhonker net : www cnhonker com Date :...
CVE-2004-0435
Certain "programming errors" in the msync system call for FreeBSD 5.2.1 and earlier, and 4.10 and earlier, do not properly handle the MS_INVALIDATE operation, which leads to cache consistency problems that allow a local user to prevent certain changes to files from being committed to disk...
Apache HTTPd Arbitrary Long HTTP Headers DoS (c version)
No description provided by source. include include include include include include include include include define A 0x41 define PORT 80 struct sockaddrin hrm; int connchar ip int sockfd; hrm.sinfamily = AFINET; hrm.sinport = htonsPORT; hrm.sinaddr.saddr = inetaddrip; bzero&hrm.sinzero,8;...
Apache HTTPd Arbitrary Long HTTP Headers DoS (c version)
Exploit for linux platform in category dos / poc ======================================================== Apache HTTPd Arbitrary Long HTTP Headers DoS c version ======================================================== include include include include include include include include include define ...
SUSE-SA:2002:036: mod_php4
The remote host is missing the patch for the advisory SUSE-SA:2002:036 mod_php4. PHP is a well known and widely used web programming language. If a PHP script runs in 'safe mode' several restrictions are applied to it including limits on execution of external programs. An attacker can pass shell...
FreeBSD : SA-04:11.msync
The remote host is running a version of FreeBSD which contains a programming error in the msync(2) system call which may let a local user with read access to a given file to forbid any change to this file to be written to disk. C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0;...
FreeBSD : SA-04:13.linux
The remote host is running a version of the FreeBSD kernel which contains a programming error in the way it handles some Linux system calls, which may be exploited by an attacker to gain super-user privileges on the remote host, or to crash it. C Tenable Network Security, Inc. if !...
BryanFTPD ADVISORY
--------------------- BryanFTPD v. 1.0 Buffer Overflow -------------------- RUSSIAN ADVISORY AUTHOR: D4rk Eagle [email protected] DESCRIPTION: ------------------------------------------------------------------------- | FTP Server | | | | By: Bryan Cairns | | | | This is an encapsulation of the ICS -...
Isoqlog-2.2-Beta buffer overflow
+----- Software -----+ Isoqlog is an MTA log analysis program written in C. It is designed to scan qmail, postfix, sendmail, exim logfile and produce usage statistics in HTML format, for viewing through a browser. It produces Top domains output according to Incoming , Outgoing , total mails and...
cvs pserver remote heap buffer overflow
Due to a programming error in code used to parse data received from the client, malformed data can cause a heap buffer to overflow, allowing the client to overwrite arbitrary portions of the server's memory. A malicious CVS client can exploit this to run arbitrary code on the server at the...
buffer cache invalidation implementation issues
Programming errors in the implementation of the msync(2) system call involving the MS_INVALIDATE operation lead to cache consistency problems between the virtual memory system and on-disk contents. In some situations, a user with read access to a file may be able to prevent changes to that file from...
Microsoft Windows XP/2000 - TCP Connection Reset
Microsoft Windows XP/2000 - TCP Connection Reset AFX TCP Reset by Aphex http://www.iamaphex.cjb.net [email protected] Compile with Delphi 5/6/7 program Project1; $APPTYPE CONSOLE uses Windows; type TBufferArray = array0..65535 of byte; type iph = record ipverlen: byte; iptos: byte; iplen: word;...
Microsoft Windows XP/2000 - TCP Connection Reset
AFX TCP Reset by Aphex http://www.iamaphex.cjb.net [email protected] Compile with Delphi 5/6/7 program Project1; $APPTYPE CONSOLE uses Windows; type TBufferArray = array0..65535 of byte; type iph = record ipverlen: byte; iptos: byte; iplen: word; ipid: word; ipoffset: word; ipttl: byte;...
CVS path validation errors
Two programming errors were discovered in which path names handled by CVS were not properly validated. In one case, the CVS client accepts absolute path names from the server when determining which files to update. In another case, the CVS server accepts relative path names from the client when...
Invision Gallery 1.0.1 - SQL Injection
Invision Gallery 1.0.1 - SQL Injection Invision Power Top Site List SQL Injection Vendor: Invision Power Services Product: Invision Power Top Site List Version: = 1.1 RC 2 Website: http://www.invisiontsl.com/ BID: 9945 Description: Invision Power Top Site List is a flexible site ranking script...
Apache 1.3 IP address access control failure on some 64-bit platforms
Henning Brauer discovered a programming error in Apache 1.3's mod_access that results in the netmasks in IP address access control rules being interpreted incorrectly on 64-bit, big-endian platforms. In some cases, this could cause a 'deny from' IP address access control rule including a netmask to...
FreeBSD Security Advisory FreeBSD-SA-04:03.jail
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:03.jail Security Advisory The FreeBSD Project Topic: Jailed processes can attach to other jails Category: core Module: kernel Announced: 2004-02-25 Credits: JA...