399 matches found
Acoustica MP3 CD Burner 4.32 - Local Buffer Overflow (PoC)
Acoustica MP3 CD Burner 4.32 - Local Buffer Overflow PoC / Credits to n00b for finding this bug and poc.. Acoustica MP3 CD Burner 4.32 local buffer-overflow poc code. Date : May 31st 2007 Tested: On win xp sp 2. Acoustica is prone to a buffer-overflow when parsing a .asx playlist file If you ca...
Acoustica MP3 CD Burner 4.32 - Local Buffer Overflow (PoC)
/ Credits to n00b for finding this bug and poc.. Acoustica MP3 CD Burner 4.32 local buffer-overflow poc code. Date : May 31st 2007 Tested: On win xp sp 2. Acoustica is prone to a buffer-overflow when parsing a .asx playlist file If you can entice some one to open a specially crafted .asx play li...
ultra-noob.txt
/ Date : May 28th 2007. UltraISO executes calc. Don't forget you need to have the bin and cue file in the same Directory special thanks to Thomas Pollet also. / include include //Calc shellcode unsigned char shellcode = "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49"...
UltraISO 8.6.2.2011 - .cue.bin Local Buffer Overflow (1)
UltraISO 8.6.2.2011 - .cue.bin Local Buffer Overflow 1 / Date : May 28th 2007. UltraISO executes calc. Don't forget you need to have the bin and cue file in the same Directory special thanks to Thomas Pollet also. / include include //Calc shellcode unsigned char shellcode =...
GLSA-200703-11 : Amarok: User-assisted remote execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-200703-11 Amarok: User-assisted remote execution of arbitrary code The Magnatune downloader doesn't quote the 'mcurrentAlbumFileName' parameter while calling the 'unzip' shell command. Impact : A compromised or malicious Magnatune...
PHP Rapid Kill All Version File Injection
Discovered By:Null PHP Rapid Kill All Version File Injection U Can Upload Your Shell Code To Rapidshare.de and then copy link to the Link to Download text box of the web app then your shell Uploaded To this URL www.site.com/rapidpath/yourfile.php Download App:http://www.filefactory.com/file/f1486...
Internet Explorer Heap Spray Shell Code Execution (MS06-055 MS06-067; CVE-2006-4446; CVE-2006-4777; CVE-2006-4868; CVE-2009-2991)
Heap spraying is a new and increasingly popular technique to exploit vulnerabilities in Internet browsers. Heap spraying is used by attackers to implant a shell code on a target system. Shell code is a piece of executable code that opens a command shell that the attacker can control remotely...
Apple Mac OSX 10.4.7 - Mach Exception Handling Privilege Escalation
Apple Mac OSX 10.4.7 - Mach Exception Handling Privilege Escalation / excploit.c - 28 Nov 2005 - [email protected] Exploitable Mach Exception Handling Affected: Mac OS X 10.4.6 darwin 8.6.0 and older When a process executes a setuid executable, all existing rights to the task port are...
PlumeCMS_1.1.10.txt
Vendor: Plume CMS 1.1.10 Found By : D3nGeR Script Site : http://plume-cms.net in file prepend.php ; includeonce $PXconfig'managerpath'.'/inc/class.config.php' code http://site.com/pathmanager/frontinc/prepend.php?PXconfigmanagerpath=shell code...
exV2 <= 2.0.4.3 extract() Remote Command Execution Exploit
Exploit for unknown platform in category web applications exV2 = 2.0.4.3 extract Remote Command Execution Exploit !/usr/bin/php -q -d shortopentag=on ? printr'...
hoagie_php_sscanf.txt
? / hoagiephpsscanf.php PHP = 4.4.3 / 5.1.4 local buffer overflow exploit howto get offsets: set $baseaddr to 0x41414141 ulimit -c 20000 /etc/init.d/apache restart execute script via web browser tail /var/log/apache/error.log ... Wed Aug 16 15:07:10 2006 notice child pid 28222 exit signal...
PHP 4.4.35.1.4 - sscanf Local Buffer Overflow
PHP 4.4.35.1.4 - sscanf Local Buffer Overflow ? / hoagiephpsscanf.php PHP = 4.4.3 / 5.1.4 local buffer overflow exploit howto get offsets: set $baseaddr to 0x41414141 ulimit -c 20000 /etc/init.d/apache restart execute script via web browser tail /var/log/apache/error.log ... Wed Aug 16 15:07:10...
VWar 1.5 - news.php?vwar_root Remote File Inclusion
VWar 1.5 - news.php?vwarroot Remote File Inclusion source: https://www.securityfocus.com/bid/19387/info VWar is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrar...
Linux Kernel 2.6.17.4 - 'proc' Local Privilege Escalation
/ Author: h00lyshit Vulnerable: Linux 2.6 ALL Type of Vulnerability: Local Race Tested On : various distros Vendor Status: unknown Disclaimer: In no event shall the author be liable for any damages whatsoever arising out of or in connection with the use or spread of this information. Any use of...
DEBIAN-CVE-2006-3407
Tor before 0.1.1.20 allows remote attackers to spoof log entries or possibly execute shell code via strings with non-printable characters...
CVE-2006-3407
Tor before 0.1.1.20 allows remote attackers to spoof log entries or possibly execute shell code via strings with non-printable characters...
CVE-2006-3407
CVE-2006-3407 affects Tor before 0.1.1.20. The vulnerability allows remote attackers to spoof log entries or possibly execute shell code by supplying strings containing non-printable characters. The initial description documents these capabilities as the reported impact. Connected sources confirm...
Microsoft Windows XP/2000 - 'Mrxsmb.sys' Local Privilege Escalation (MS06-030)
// Mrxsmb.sys XP & 2K Ring0 Exploit 6/12/2005 // Tested on XP SP2 && 2K SP4 // Disable ReadOnly Memory protection // HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\EnforceWriteProtecti...