17 matches found
Oracle Database 10.1 MDSYS.MD2.SDO_CODE_SIZE Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13145/info Oracle Database is reported prone to a buffer overflow vulnerability. Reportedly this issue affects the 'MDSYS.MD2.SDO_CODE_SIZE' procedure. An attacker can supply excessive data to an affected routine resulting ...
AT-TFTP <= 1.9 (Long Filename) Remote Buffer Overflow Exploit
No description provided by source. !/usr/bin/perl -w acaroatjervus.it http://www.securityfocus.com/bid/21320 [email protected] is credited with the discovery of this vulnerability use IO::Socket; if!$ARGV1 print Uso: atftp-19.pl victim port\n\n; exit; $victim = IO::Socket::INET-newProto='udp',...
NetNote Server <= 2.2 build 230 - Crafted String DoS Exploit
No description provided by source. / NetNote Server v2.2 build 230, crafted string vulnerability. Poc included crash the server. Full disclosure and poc exploit by class101 at DFind.kd-team.com & n3ws at EFnet 13 november 2004 ------------------ WHAT IS NETNOTE ------------------ Homepage -...
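Microsoft Windows nsum.exe Service Remote Stack Overflow Vulnerability (MS10-025)
BUGTRAQ ID: 39356 CVE ID: CVE-2010-0478 Microsoft Windows is a very popular operating system released by Microsoft. The Windows Media Unicast Service (nsum.exe) has a stack overflow vulnerability in the way it handles transport information network packets. A remote attacker can trigger this overflow by sending malformed packets to a Windows 2000 Server SP4 system running the optional Windows Media Services component (not installed by default), resulting in arbitrary code execution. Microsoft Windows 2000 Server SP4 Workaround: Stop and disable the Windows Media Unicast Service. Use the Windows Components Wizard to uninstall Windows...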
Oracle Database Server <= 10.1.0.2 Buffer Overflow Exploit
No description provided by source. / Advanced SQL Injection in Oracle databases Exploit for the buffer overflow vulnerability in procedure MDSYS.MD2.SDO_CODE_SIZE of Oracle Database Server version 10.1.0.2 under Windows 2000 Server SP4. Fixes available at http://metalink.oracle.com. The exploit...
HP OpenView Network Node Manager 07.50 - CGI Remote Buffer Overflow
HP OpenView Network Node Manager 07.50 - CGI Remote Buffer Overflow !/usr/bin/python HP OpenView Network Node Manager CGI Buffer Overflow Tested on NNM Release B.07.50 / Windows 2000 server SP4 http://www.zerodayinitiative.com/advisories/ZDI-07-071.html Coded by Mati Aharoni...
CVE-2007-3028
The LDAP service in Windows Active Directory in Microsoft Windows 2000 Server SP4 does not properly check "the number of convertible attributes", which allows remote attackers to cause a denial of service (service unavailability) via a crafted LDAP request, related to "client sent LDAP request...
Design/Logic Flaw
The LDAP service in Windows Active Directory in Microsoft Windows 2000 Server SP4 does not properly check "the number of convertible attributes", which allows remote attackers to cause a denial of service (service unavailability) via a crafted LDAP request, related to "client sent LDAP request...
efs20-remote.txt
!/usr/bin/python Remote exploit for Easy File Sharing FTP server V2.0. The vulnerability was discovered by h07 and a POC for windows XP SP2 polish version was provided. This exploit was tested on windows 2000 server SP4. The exploit binds a shell on TCP port 4444. Author shall bear no...
Helix Server 11.0.1 Remote Heap Overflow Exploit (win2k SP4)
Exploit for unknown platform in category remote exploits ============================================================ Helix Server 11.0.1 Remote Heap Overflow Exploit win2k SP4 ============================================================ /usr/bin/python Remote exploit for the vulnerability in Hel...
Mercur v5.0 IMAP SP3 SELECT Buffer Overflow
Mercur v5.0 IMAP server is prone to a remotely exploitable stack-based buffer overflow vulnerability. This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it to a fixed size memory buffer. Credit to Tim Taylor for discovering the vulnerabilit...
Microsoft Windows - Wkssvc NetrJoinDomain2 Stack Overflow (MS06-070)
Microsoft Windows - Wkssvc NetrJoinDomain2 Stack Overflow MS06-070 / Microsoft Windows Wkssvc NetrJoinDomain2 Stack OverflowMS06-070 Exploit by cocoruderfrankruderathotmail.com,2006.11.15 page:http://ruder.cdut.net/default.asp Code fixed by S A Stevens - 17.11.2006 - changed shellcode, Changed co...
WorldMail-3.0.pl.txt
Eudora WorldMail 3.0 Windows 2000 Remote System Exploit November 2005 Tested on Windows 2000 Server SP4 infoATcom-winner.com http://www.com-winner.com http://www.com-winner.com/CWCOM/cwc-index/ use IO::Socket::INET; use strict; win32bind - EXITFUNC=seh LPORT=4444 Size=344 Encoder=PexFnstenvSub...
Watchfire AppScan QA 5.0.x - Remote Code Execution
Watchfire AppScan QA PoC - Coded by Mariano Nuñez Di Croce @ CYBSEC How to use: 1. Run this script to setup the fake web server. 2. Scan the server with AppScan QA, either in Interactive or Manual mode. 3. If you get a "You are vulnerable!" popup, you should upgrade immediately. PoC developed for...
MS Windows Metafile (mtNoObjects) Denial of Service Exploit (MS05-053)
No description provided by source. / Author: Winny Thomas Pune, INDIA The crafted metafile WMF from this code when viewed in explorer crashes it. The issue is seen when the field 'mtNoObjects' in the Metafile header is set to 0x0000. The code was tested on Windows 2000 server SP4. The issue does...
MS Windows Metafile (mtNoObjects) Denial of Service Exploit (MS05-053)
Exploit for unknown platform in category dos / poc ====================================================================== MS Windows Metafile mtNoObjects Denial of Service Exploit MS05-053 ====================================================================== / Author: Winny Thomas Pune, INDIA Th...
CVE-2005-0545
CVE-2005-0545 affects Microsoft Windows XP Pro SP2 and Windows 2000 Server SP4 in Active Directory environments. The issue allows local users to bypass group policies that restrict access to hidden drives by using Office 10 applications (Word/Excel) Browse feature or via a flash drive. The vulner...