Lucene search

182 matches found

0day.today
added 2005/06/27 12:0 a.m., 34 views

Stream / Raped Denial of Service Attack (win version)

Exploit for multiple platforms in category dos / poc. Stream / Raped Denial of Service Attack win version / Straped 1.0 author: Marco Del Percio 20/05/2005 Remember: this is a multithreaded...

7.1 AI score
Exploits: 0
exploitpack
added 2005/06/27 12:0 a.m., 24 views

Stream Raped (Windows) - Denial of Service

Stream Raped Windows - Denial of Service / Straped 1.0 author: Marco Del Percio 20/05/2005 Remember: this is a multithreaded program! MSVC++ compile with /MT. Remember: This program requires raw socket support! You can't use it on Windows XP SP2 and if you've done MS05-019 update you'll have to...

0.2 AI score
Exploits: 0
Exploit DB
added 2005/06/27 12:0 a.m., 55 views

Stream / Raped (Windows) - Denial of Service

/ Straped 1.0 author: Marco Del Percio 20/05/2005 Remember: this is a multithreaded program! MSVC++ compile with /MT. Remember: This program requires raw socket support! You can't use it on Windows XP SP2 and if you've done MS05-019 update you'll have to re-enable raw socket support! If you still...

7.4 AI score
Exploits: 0
Packet Storm
added 2005/06/25 12:0 a.m., 27 views

traceSolaris.txt

/usr/sbin/traceroute from Solaris 10 is vulnerable to buffer overflow in handling -g argument. After supplying 10 -g parameters, return address is overwritten by IP address argument: atari:root:/home/venglin /usr/sbin/traceroute -g 1 -g 2 -g 3 -g 4 -g 5 -g 6 -g 7 -g 8 -g 9 -g 10 127.0.0.1...

7.4 AI score
Exploits: 0
OSV
added 2005/01/10 5:0 a.m., 5 views

CVE-2004-1224

Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the "s" keybinding, which leaves a buffer without a NULL terminator...

6.8 AI score
Exploits: 0, References: 2
NVD
added 2005/01/10 5:0 a.m., 12 views

CVE-2004-1224

Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the "s" keybinding, which leaves a buffer without a NULL terminator...

4.6 CVSS, 6.5 AI score, 0.00333 EPSS
Exploits: 0, References: 2
Cvelist
added 2004/12/15 5:0 a.m., 16 views

CVE-2004-1224

Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the "s" keybinding, which leaves a buffer without a NULL terminator...

6.5 AI score, 0.00333 EPSS
Exploits: 0, References: 2
CVE
added 2004/12/15 5:0 a.m., 52 views

CVE-2004-1224

The CVE-2004-1224 entry concerns an off-by-one in the mtr_curses_keyaction function affecting MTR versions 0.55–0.65. This flaw can allow local attackers to hijack raw sockets via the 's' keybinding, leaving a buffer without a NULL terminator. Affected products are multiple CVE trackers (NVD, OSV...

4.6 CVSS, 6.5 AI score, 0.00333 EPSS
Exploits: 0, References: 2, Affected Software: 1
Debian CVE
added 2004/12/15 5:0 a.m., 18 views

CVE-2004-1224

Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the "s" keybinding, which leaves a buffer without a NULL terminator...

4.6 CVSS, 6.4 AI score, 0.00333 EPSS
Exploits: 0
Tenable Nessus
added 2004/09/29 12:0 a.m., 28 views

Debian DSA-124-1 : mtr - buffer overflow

The authors of mtr released a new upstream version, noting a non-exploitable buffer overflow in their ChangeLog. Przemyslaw Frasunek, however, found an easy way to exploit this bug, which allows an attacker to gain access to the raw socket, which makes IP spoofing and other malicious network...

2.1 CVSS, 5.6 AI score, 0.00501 EPSS
Exploits: 1, References: 3
Cvelist
added 2003/04/02 5:0 a.m., 22 views

CVE-2002-0497

Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTR_OPTIONS environment variable...

6.4 AI score, 0.00501 EPSS
Exploits: 1, References: 4
CVE
added 2003/04/02 5:0 a.m., 47 views

CVE-2002-0497

CVE-2002-0497 describes a buffer overflow in mtr versions 0.46 and earlier when installed setuid root, allowing local users to access a raw socket via a long MTR_OPTIONS environment variable. The vulnerability is documented across multiple sources (Red Hat, Debian, NVD, CVE listings) and affects ...

2.1 CVSS, 6.5 AI score, 0.00501 EPSS
Exploits: 1, References: 4, Affected Software: 1
NVD
added 2002/11/29 5:0 a.m., 25 views

CVE-2002-1247

Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon...

7.2 CVSS, 6.5 AI score, 0.00515 EPSS
Exploits: 0, References: 11
CVE
added 2002/11/14 5:0 a.m., 69 views

CVE-2002-1247

Buffer overflow in LISa/LISa-derived resLISa (KDE LAN browsing) allows local users to exploit through an overly long LOGNAME environment variable, enabling control of the resLISa process or related access. The vulnerability is triggered during parsing of LOGNAME, and exposed both in LISa and its ...

7.2 CVSS, 6.4 AI score, 0.00515 EPSS
Exploits: 0, References: 11, Affected Software: 2
Cvelist
added 2002/11/14 5:0 a.m., 29 views

CVE-2002-1247

Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon...

6.4 AI score, 0.00515 EPSS
Exploits: 0, References: 11
Cvelist
added 2002/08/31 4:0 a.m., 22 views

CVE-2000-1213

ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping's exposure to bugs that otherwise would occur at lower privileges...

6.7 AI score, 0.01935 EPSS
Exploits: 0, References: 3
CVE
added 2002/08/31 4:0 a.m., 52 views

CVE-2000-1213

The CVE-2000-1213 entry concerns ping (iputils) before 20001010, distributed on Red Hat Linux 6.2–7J and other OSes. The root cause is that ping fails to drop privileges after acquiring a raw socket, increasing exposure to bugs that would occur at lower privileges. The vulnerability is tied to th...

7.5 CVSS, 7.1 AI score, 0.01935 EPSS
Exploits: 0, References: 3, Affected Software: 2
NVD
added 2002/08/12 4:0 a.m., 17 views

CVE-2002-0497

Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTR_OPTIONS environment variable...

2.1 CVSS, 6.4 AI score, 0.00501 EPSS
Exploits: 1, References: 4
securityvulns
added 2002/03/07 12:0 a.m., 25 views

Buffer overflow in mtr

A buffer overflow in a suid application makes it possible to use a RAW socket...

2.5 AI score
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2002/03/07 12:0 a.m., 66 views

mtr 0.45, 0.46

A few days ago, a new version of mtr was released. The authors wrote in the CHANGELOG that they fixed a non-exploitable buffer overflow. In fact, this vulnerability is very easily exploitable and allows an attacker to gain access to a raw socket, which makes possible IP spoofing and other malicious network...

0.5 AI score
Exploits: 0