2086 matches found
BulletProof FTP Client BPS Buffer Overflow Exploit
Exploit for windows platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'BulletProof FTP Client BPS Buffer Overflow', 'Description' = %q This module...
i-FTP Schedule Buffer Overflow Exploit
This Metasploit module exploits a stack-based buffer overflow vulnerability in i-Ftp version 2.20, caused by a long time value set for scheduled download. By persuading the victim to place a specially-crafted Schedule.xml file in the i-FTP folder, a remote attacker could execute arbitrary code on...
Amazon Linux AMI : rpm (ALAS-2014-458)
It was found that RPM could encounter an integer overflow, leading to a stack-based overflow, while parsing a crafted CPIO header in the payload section of an RPM file. This could allow an attacker to modify signed RPM files in such a way that they would execute code chosen by the attacker during...
Important: rpm
Issue Overview: It was found that RPM could encounter an integer overflow, leading to a stack-based overflow, while parsing a crafted CPIO header in the payload section of an RPM file. This could allow an attacker to modify signed RPM files in such a way that they would execute code chosen by the...
UBUNTU-CVE-2014-8504
Stack-based buffer overflow in the srecscan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly have other unspecified impact via a crafted file...
libvncserver: server stacked-based buffer overflow flaws in file transfer handling
Two stack-based buffer overflow flaws were found in the way LibVNCServer handled file transfers. A remote attacker could use this flaw to crash the VNC server using a malicious VNC client...
PT-2014-2598 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 2.6.x through 3.x Description: The issue is a stack-based buffer overflow in the acdb ioctl function in audio acdb.c in the acdb audio driver. This allows attackers to gain privileges via an application that leverages...
Yokogawa Patches Buffer Overflow Bugs in ICS Gear
Vulnerabilities in production control system software used in manufacturing, energy and other critical industries worldwide have been patched by the vendor, an advisory from the Industrial Control System Cyber Emergency Response Team said. Yokogawa Electric Corp., of Japan patched critical buffer...
H-Sphere Webshell 2.4 - Local Root Exploit
No description provided by source. source: http://www.securityfocus.com/bid/6527/info A vulnerability has been discovered in H-Sphere Webshell. During the pre-authentication phase Webshell fails to perform sufficient bounds checking on user-supplied HTTP parameters. As a result, a malicious...
PSOProxy 0.91 Remote Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/9706/info It has been reported that PSOProxy is prone to a remote buffer overflow vulnerability. The issue is due to the insufficient boundary checking. A malicious user may exploit this condition to potentially corrupt...
marbles 1.0.1 - Local Home Environment Variable Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8710/info A problem in the handling of data in the Home environment variable has been reported in the marbles program. This may make it possible for a local attacker to gain elevated privileges. / c-marbles.c PoC exploit...
Cogent DataHub <= 7.1.1.63 Stack Overflow
No description provided by source. Luigi Auriemma Application: Cogent DataHub http://www.cogentdatahub.com/Products/CogentDataHub.html Versions: = 7.1.1.63 Platforms: Windows Bug: stack unicode overflow Exploitation: remote Date: 13 Sep 2011 Author: Luigi Auriemma e-mail: [email protected] web...
3Com TFTP Service <= 2.0.1 - Remote Buffer Overflow Exploit (meta)
No description provided by source. package Msf::Exploit::3comtftplongmode; use strict; use base Msf::Exploit; use Pex::Text; use IO::Socket; my $advanced = ; my $info = 'Name' = 'TFTP Server 3CTftpSvc Buffer Overflow Vulnerability', 'Version' = '$ 1.0 $', 'Authors' = 'Enseirb vincenty at...
Linux Kernel 2.6.x NETLINK_FIB_LOOKUP Local Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23677/info The Linux kernel is prone to a denial-of-service vulnerability. This issue presents itself when a NETLINK message is misrouted. A local attacker may exploit this issue to trigger an infinite-recursion stack-bas...
Easy CD-DA Recorder - (PLS File) Buffer Overflow
No description provided by source. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::FILEFORMAT def initializeinfo =...
ghttpd 1.4.x Log() Function Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5960/info A buffer overflow has been reported in ghttpd which will allow arbitrary code to be executed with the privileges of the webserver. The overflow occurs when the argument to a 'GET' request is of excessive length...
Acunetix 8 build 20120704 - Remote Stack Based Overflow
No description provided by source. !/usr/bin/python Title: Acunetix Web Vulnerability Scanner Buffer Overflow Exploit Version: 8 Build: 20120704 Tested on: Windows XP SP2 en Vendor: http://www.acunetix.com/ Original Advisory: http://an7isec.blogspot.co.il/2014/04/pown-noobs-acunetix-0day.html...
WinZIP <= 10.0.7245 (FileView ActiveX) Remote Buffer Overflow Exploit
No description provided by source. / WinZip = 10.0.7245 FileView ActiveX buffer overflow exploit ============================================================ A vulnerability has been identified within Winzip that allows remote attackers to execute arbitrary code. User interaction is required to...
3CDaemon 2.0 - Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/4638/info 3CDaemon is an FTP server developed by Dan Gill of 3Com. Reportedly, it is possible to initiate a buffer overflow on a host running 3CDaemon. Submitting an unusually large amount of data to the ftp server, could...
IrfanView 4.33 Format PlugIn TTF File Parsing Stack Based Overflow
No description provided by source. Application: IrfanView 4.33 Format PlugIn TTF File Parsing Stack Based Overflow Platform: Windows Exploitation: Remote code execution Secunia Number: SA49319 PRL: 2012-11 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com...