Remote Exploitation of the NeoCoolcam IP Cameras and Gateway

Foreword The Internet of Connected Things has become a massive phenomenon during the past few years and will continue to grow at an incredible pace. More than 26 billion smart devices will be on the market by 2020, Gartner estimates. We’re looking at an explosive growth, as IoT opportunities...

File Upload Vulnerability in NetSense SecSSL VPN

Netnifty SecSSL VPN provides 2-in-1 VPN service and network firewall service based on SSL protocol + IPsec protocol, which provides security for data interaction. A file upload vulnerability exists in NetShen SecSSL VPN. An attacker can utilize the vulnerability to upload malicious script files o...

Apache Mina 2.0.13 - Remote Command Execution Exploit

Exploit for multiple platform in category remote exploits Source: https://remoteawesomethoughts.blogspot.com/2016/09/apache-mina-2013-remote-command.html Apache Mina 2.0.13 uses the OGNL library in the “IoSessionFinder” class. Its constructor takes into parameter one OGNL expression. Then this...

WordPress Plugin Mail Masta 1.0 - Local File Inclusion

WordPress Plugin Mail Masta 1.0 - Local File Inclusion + Date: 23-8-2016 + Autor Guillermo Garcia Marcos + Vendor: https://downloads.wordpress.org/plugin/mail-masta.zip + Title: Mail Masta WP Local File Inclusion + info: Local File Inclusion The File Inclusion vulnerability allows an attacker to...

CVE-2015-8702

The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows remote DNS servers to cause a denial of service netsplit via an invalid character in a PTR response, as demonstrated by a "\032" whitespace character in a hostname...

CVE-2012-6700

The decodesearch function in dhcp.c in dhcpcd 3.x does not properly free allocated memory, which allows remote DHCP servers to cause a denial of service via a crafted response...

CVE-2012-6699

The decodesearch function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service out-of-bounds read via a crafted response...

MGASA-2016-0094 Updated samba packages fix security vulnerabilities

Updated ldb and samba packages fix security vulnerabilities: A malicious client can send packets that cause the LDAP server in the samba daemon process to become unresponsive, preventing the server from servicing any other requests CVE-2015-3223. Versions of Samba from 3.0.0 to 4.3.2 inclusive ar...

Acunetix 9.5 - OLE Automation Array Remote Code Execution

!/usr/bin/python import BaseHTTPServer, sys, socket Acunetix OLE Automation Array Remote Code Execution Author: Naser Farhadi Linkedin: http://ir.linkedin.com/pub/naser-farhadi/85/b3b/909 Date: 27 Mar 2015 Version: acunetix.exe Video: https://vid.me/SRCb class...

Maxthon Browser 1.x Content-Type Buffer Overflow Vulnerability

source: http://www.securityfocus.com/bid/30617/info Maxthon Browser is prone to a buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition...

CUPS Server <= 1.1 (Get Request) Denial of Service Exploit

No description provided by source. / dl-cups.c v0.1 CUPS server freeze and processor load fuckup exploit bug found and exploit coded by tracewar darklogic team for educaional purposes only. greetz goes to: setuid, matan. / include stdio.h include sys/types.h include sys/socket.h include...

Easy Ftp Server 1.7.0.2 - MKD Remote Post-Authentication BoF Exploit

No description provided by source. include stdio.h include stdlib.h include string.h include sys/socket.h include netinet/in.h // // EasyFtp Server v1.7.0.2 MKD Remote Post-Authentication BoF Exploit // 11470x90c.c // // Date: 24/03/2010 // Author: x90c x90c.org // // Discovered by: loneferret //...

CGIScript.NET csMailto Hidden Form Field Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4579/info CGIScript.NET csMailto is a Perl script designed to support multiple mailto: forms. A vulnerability has been reported in some versions of this script. Reportedly, configuration values used by the script are...

NConf 1.3 Arbitrary File Creation

No description provided by source. Exploit Title: nconf file read and wrtite exploit Date: 2013/1/20 Exploit Author: [email protected] Software Link: http://sourceforge.net/projects/nconf/files/nconf/ Version: nconf 1.3 Tested on: Server: Apache/2.2.15 Centos PHP/5.3.3 nconf can modify th...

textcounter.pl 1.2 Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2265/info textcounter.pl is distributed through Matt's Scripts archive, and provides added features to httpd servers such as counters, guestbooks, and http cookie management. Due to insufficient checking of entered...

TPTEST <= 3.1.7 Stack Buffer Overflow PoC

No description provided by source. !/usr/local/bin/perl TPTEST = 3.1.7 maby also 5.0.2? tptest.sourceforge.net stackbased buffer overflow poc in server client can also be exploit author: ffwd use IO::Socket;$host,$port=@ARGV; $rem=IO::Socket::INET-newProto=tcp,PeerAddr=$host,PeerPort=$port;...

NConf 1.3 - Arbitrary File Creation

Exploit Title: nconf file read and wrtite exploit Date: 2013/1/20 Exploit Author: haidao，[email protected] Software Link: http://sourceforge.net/projects/nconf/files/nconf/ Version: nconf 1.3 Tested on: Server: Apache/2.2.15 Centos PHP/5.3.3 nconf can modify the config file of nagios and save it...

Tiny Server 1.1.5 - Arbitrary File Disclosure

!/usr/bin/perl -w Title : Tiny Server v1.1.5 Arbitrary File Disclosure Exploit Author : KaHPeSeSe Test : PERFECT XP PC1 / SP3 Date : 15/03/2012 Thanks : exploit-db.com use LWP::Simple; use LWP::UserAgent; system'color','A'; system'cls'; print "\n\t\n"; print "\n\t....... Tiny Server v1.1.5...

CVE-2011-3211

The server in Bcfg2 1.1.2 and earlier, and 1.2 prerelease, allows remote attackers to execute arbitrary commands via shell metacharacters in data received from a client...

Golden FTP 4.70 PASS Overflow Exploit

Exploit for windows platform in category remote exploits !/usr/bin/python Exploit Title: GoldenFTP 4.70 PASS exploit Date: July 5, 2011 Author: Joff Thyer email protected / / Software Link: http://www.goldenftpserver.com/ Version: 4.70 Tested on: WinXP-SP0/SP2/SP3 CVE: 2006-6576 based on exploit...