Lucene search

561 matches found

exploitpack
added 2007/05/14 12:0 a.m., 19 views

webdesproxy 0.0.1 - exec-shield GET Remote Code Execution

webdesproxy 0.0.1 - exec-shield GET Remote Code Execution / Fedora Core 6 exec-shield based Webdesproxy webdesproxy-0.0.1.tgz remote root exploit reverse connect-back method by Xpl017Elz Advanced exploitation in exec-shield Fedora Core case study URL:...

0.2 AI score
Exploits: 0

seebug.org
added 2007/03/26 12:0 a.m., 77 views

WarFTP 1.65 (USER) Remote Buffer Overflow Exploit (multiple targets)

No description provided by source. include stdio.h include string.h include winsock.h define VULNSERVER "WAR-FTPD 1.65" define VULNCMD "x55x53x45x52x20" define ZERO 'x00' define NOP 'x90' define VULNBUFF 485...

7.1 AI score
Exploits: 0

Exploit DB
added 2007/03/25 12:0 a.m., 72 views

WarFTP 1.65 - 'USER' Remote Buffer Overflow

include include include define VULNSERVER "WAR-FTPD 1.65" define VULNCMD "\x55\x53\x45\x52\x20" define ZERO '\x00' define NOP '\x90' define VULNBUFF 485 define BUFFREAD 128 define PORT 21 define LENJMPESP 4 / WARFTP - VERSION 1.65 WarFTP Username Stack-Based Buffer-Overflow Vulnerability...

7.4 AI score
Exploits: 0

securityvulns
added 2007/03/17 12:0 a.m., 56 views

QFTP (LIBFtp 3.1-1) (command line) sprintf() local buffer overflow

http://nbpfaus.net/pfau/ftplib/ qftp is a utility that performs file transfers using ftplib based on instructions presented on the command line. Description buffer overflow in sprintf, setumask don't check sizelen of passed argument. Source error in main: 337: case 'm' : setumaskoptarg; break;...

0.9 AI score
Exploits: 0

exploitpack
added 2007/03/06 12:0 a.m., 15 views

Mercury32 Mail Server 4.01b - check Buffer Overflow (PoC)

Mercury32 Mail Server 4.01b - check Buffer Overflow PoC !/usr/bin/perl mercurypown-v1.pl Mercury/32 Connected\n"; $buf = "1 LOGIN"." "x$LEN-$BUFLEN."\255\n"; sendSOCKET, $buf, 0; sleep$senddelay; print"- Sending payload\n"; $buf = $NOP x 255; sendSOCKET, $buf, 0; sleep$senddelay; print"- Sending...

0.4 AI score
Exploits: 0

seebug.org
added 2007/03/06 12:0 a.m., 10 views

Mercury/32 Mail Server <= 4.01b (check) Buffer Overflow Exploit PoC

No description provided by source. !/usr/bin/perl mercurypown-v1.pl Mercury/32 v4.01b win32 remote exploit by mu-b - 28 Nov 2006 - Tested on: Mercury/32 v4.01a win32 Mercury/32 v4.01b win32 Stack-based buffer overflow caused by Mercury/32 concatenating continuation data into a fixed sized buffer...

7.1 AI score
Exploits: 0

Prion
added 2006/06/08 7:6 p.m., 30 views

Buffer overflow

Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character i...

7.5 CVSS, 7.7 AI score, 0.0064 EPSS
Exploits: 1, References: 26, Affected Software: 1

NVD
added 2006/06/08 7:6 p.m., 15 views

CVE-2006-2193

Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character i...

7.5 CVSS, 7.5 AI score, 0.0064 EPSS
Exploits: 1, References: 26

UbuntuCve
added 2006/06/08 7:6 p.m., 26 views

CVE-2006-2193

Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character i...

7.5 CVSS, 7.6 AI score, 0.0064 EPSS
Exploits: 1, References: 2

Debian CVE
added 2006/06/08 7:0 p.m., 24 views

CVE-2006-2193

Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character i...

7.5 CVSS, 7 AI score, 0.0064 EPSS
Exploits: 1

Debian CVE
added 2006/02/13 11:0 a.m., 11 views

CVE-2005-4713

Unspecified vulnerability in the SQL logging facility in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors, probably involving the pam_mysql_sql_log function when being used in vsftpd, which does not...

5 CVSS, 6.7 AI score, 0.01271 EPSS
Exploits: 0

UbuntuCve
added 2005/12/31 5:0 a.m., 12 views

CVE-2005-4713

Unspecified vulnerability in the SQL logging facility in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors, probably involving the pam_mysql_sql_log function when being used in vsftpd, which does not...

5 CVSS, 6 AI score, 0.01271 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2005/12/15 12:0 a.m., 32 views

Fedora Core 3 : perl-5.8.5-22.FC3 (2005-1145)

o Updated upstream fix for sprintf integer overflow vulnerabilities CVE-2005-3962 and CVE-2005-3912, including new Sys::Syslog 0.08 o Updated fix for bug 136009 / MakeMaker LDRUNPATH issue: restore previous default Red Hat behavior of removing the MakeMaker generated LDRUNPATH setting from the li...

7.5 CVSS, 8.2 AI score, 0.12453 EPSS
Exploits: 3, References: 1

CERT
added 2005/12/06 12:0 a.m., 9 views

Perl programs providing user-controlled I/O format strings may contain format string vulnerabilities

Overview Programs written in Perl may contain many of the same types of format string vulnerabilities as programs written in C. Description Perl is a programming language used in many applications and commonly used for web applications. It provides many of the same functions for formatted I/O as ...

7.7 AI score
Exploits: 0, References: 1

FreeBSD
added 2005/09/23 12:0 a.m., 29 views

perl, webmin, usermin -- perl format string integer wrap vulnerability

The Perl Development page reports: Dyad Security recently released a security advisory explaining how in certain cases, a carefully crafted format string passed to sprintf can cause a buffer overflow. This buffer overflow can then be used by an attacker to execute code on the machine. This was...

7.5 CVSS, 7 AI score, 0.12453 EPSS
Exploits: 2, References: 4

securityvulns
added 2005/08/17 12:0 a.m., 26 views

[Full-disclosure] Buffer-overflow in Chris Moneymaker's World Poker Championship 1.0

Luigi Auriemma Application: Chris Moneymaker's World Poker Championship http://moneymakergaming.com Versions: 1.0 Platforms: Windows Bug: buffer-overflow Exploitation: remote, versus server Date: 17 Aug 2005 Author: Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org 1...

0.8 AI score
Exploits: 0

Exploit DB
added 2005/04/02 12:0 a.m., 36 views

Star Wars Jedi Knight: Jedi Academy 1.0.11 - Buffer Overflow (PoC)

source: https://www.securityfocus.com/bid/12977/info A buffer overflow is present in Jedi Academy that can be exploited remotely by client systems. The overflow is due to the use of the sprintf function in a text visualization procedure, GPrintf. The attacker can exploit this vulnerability to...

7.4 AI score
Exploits: 0

FreeBSD
added 2004/11/11 12:0 a.m., 26 views

cscope -- buffer overflow vulnerabilities

Jason Duell reports: Cscope contains an alarming number of buffer overflow vulnerabilities. By a rough count, there are at least 48 places where we blindly sprintf a file name into a fixed-length buffer of size PATHLEN without checking to see if the file's name is = PATHLEN. We do similar things...

6.9 CVSS, 6 AI score, 0.01939 EPSS
Exploits: 1, References: 2

Exploit DB
added 2004/07/20 12:0 a.m., 28 views

British National Corpus SARA - Remote Buffer Overflow

source: https://www.securityfocus.com/bid/10984/info sarad is reported prone to a buffer overflow vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data. A remote attacker can trigger the overflow condition by supplying a large string value to the...

7.4 AI score
Exploits: 0

securityvulns
added 2001/11/27 12:0 a.m., 35 views

Buffer overflow in Python code

Hi, I've found buffer overflow in Python 2.1.1 source code. Maybe there're many others. The buffer overflow is in the file traceback.c in the directory Python of the Python source code. Simply there's a sprintf done in this way: sprintf(linebuf,FMT,filename,lineno,name) What cause the overflow is th...

1 AI score
Exploits: 0