409 matches found
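Enhanced CTorrent / dtorrent "btFiles::BuildFromMI()" Buffer Overflow Vulnerability
CNCAN ID: CNCAN-2009042102 Enhanced CTorrent is a BitTorrent client for UNIX environments. Enhanced CTorrent contains a buffer overflow that a remote attacker can exploit to execute arbitrary code with the privileges of the application. The "btFiles::BuildFromMI" function in btfiles.cpp contains a boundary error; tricking a user into opening a specially crafted torrent file can trigger a stack-based buffer overflow, possibly resulting in arbitrary code execution with the privileges of the application. Enhanced CTorrent 3.x. No solution is currently available: http://sourceforge.net/projects/dtorrent/...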
cTorrent/DTorrent Buffer Overflow
!/usr/bin/python Written By Michael Brooks 04/17/2009 Stack Based Buffer Overflow The vulnerability is in the btFiles::BuildFromMI function inside the btfiles.cpp file Exploit tested on cTorrent 1.3.4 using Debian Sarge using Linux kernel 2.4.27-3-386 Can't get the exploit working on a modern lin...
eZip Buffer Overflow Vulnerability
eZip Wizard is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
BreakPoint Software, Hex Workshop Buffer Overflow vulnerability
This host has Hex Workshop installed and is prone to Stack based Buffer Overflow vulnerability. OpenVAS Vulnerability Test $Id: gbbpsofthexworkshopbofvuln.nasl 4865 2016-12-28 16:16:43Z teissa $ BreakPoint Software, Hex Workshop Buffer Overflow vulnerability Authors: Nikita MR Copyright: Copyrigh...
W3C Amaya Multiple Buffer Overflow Vulnerabilities - Dec08 (Windows)
This host is installed with W3C Amaya Web Browser and is prone to Multiple Stack based Buffer Overflow Vulnerabilities. OpenVAS Vulnerability Test $Id: gbw3camayamultbofvulndec08win.nasl 5370 2017-02-20 15:24:26Z cfi $ W3C Amaya Multiple Buffer Overflow Vulnerabilities - Dec08 Windows Authors:...
vlcrt-overflow.txt
!/usr/bin/perl VLC Media Player This should work on a fully up-to-date Windows XP SP3. If you want it to work on your OS version, just find a "jmp esp" address in one of the dlls loaded with VLC :. Have fun. Remember that VLC will open the file .rt automatically with a video of the same name...
VideoLAN VLC Media Player < 0.9.6 - '.rt' Local Stack Buffer Overflow
!/usr/bin/perl VLC Media Player This should work on a fully up-to-date Windows XP SP3. If you want it to work on your OS version, just find a "jmp esp" address in one of the dlls loaded with VLC :. Have fun. Remember that VLC will open the file .rt automatically with a video of the same name...
VLC Media Player < 0.9.6 .RT Stack Buffer Overflow Exploit
No description provided by source. !/usr/bin/perl VLC Media Player 0.9.6 .RT File Buffer Overflow Stack Based --------------------------------------------------------------- Exploit by SkD [email protected] This should work on a fully up-to-date Windows XP SP3. If you want it to work on your OS...
VLC Media Player < 0.9.6 .RT Stack Buffer Overflow Exploit
Exploit for unknown platform in category local exploits ========================================================== VLC Media Player This should work on a fully up-to-date Windows XP SP3. If you want it to work on your OS version, just find a "jmp esp" address in one of the dlls loaded with VLC :...
Anzio Web Print Object ActiveX Control Remote BOF Vulnerability
The host is running Anzio, which is prone to a heap-based buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: secpodanziowebprintobjbofvuln900115.nasl 5370 2017-02-20 15:24:26Z cfi $ Description: Anzio Web Print Object ActiveX Control Remote BOF Vulnerability Authors: Sharath S...
Anzio Web Print Object ActiveX Control Remote BOF Vulnerability
Anzio is prone to a heap-based buffer overflow vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Buffer-overflow and format string in VideoLAN VLC 0.8.6d
Luigi Auriemma Application: VideoLAN VLC http://www.videolan.org Versions: = 0.8.6d Platforms: Windows, Mac, BSD, nix and more Bugs: A buffer-overflow in the handling of the subtitles originally found by Michal Luczaj B format string in the web interface Exploitation: A local B remote Date: 24 De...
Oracle Jinitiator ActiveX buffer overflow
Multiple stack based buffer overflows...
PHP msql_connect buffer overflow
Stack based buffer overflow on oversized function's argument...
FreeBSD -- Buffer overflow in tcpdump(1)
Problem Description: An un-checked return value in the BGP dissector code can result in an integer overflow. This value is used in subsequent buffer management operations, resulting in a stack based buffer overflow under certain circumstances. Impact: By crafting malicious BGP packets, an attacke...
Vivotek Motion Jpeg Control - MjpegDecoder.dll 2.0.0.13 Remote Overflow
Vivotek Motion Jpeg Control - MjpegDecoder.dll 2.0.0.13 Remote Overflow ' metasploit one, alpha2... add a user 'sun' with pass 'tzu' FRAGMENT =...
FreeBSD : rar -- password prompt buffer overflow vulnerability (94234e00-be8a-11db-b2ec-000c6ec775d9)
iDefense reports : Remote exploitation of a stack based buffer overflow vulnerability in RARLabs Unrar may allow an attacker to execute arbitrary code with the privileges of the user opening the archive. Unrar is prone to a stack based buffer overflow when processing specially crafted password...
rar -- password prompt buffer overflow vulnerability
iDefense reports: Remote exploitation of a stack based buffer overflow vulnerability in RARLabs Unrar may allow an attacker to execute arbitrary code with the privileges of the user opening the archive. Unrar is prone to a stack based buffer overflow when processing specially crafted password...
ZDI-06-049: Symantec Veritas NetBackup Long Request Buffer Overflow Vulnerability
ZDI-06-049: Symantec Veritas NetBackup Long Request Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-049.html December 13, 2006 -- CVE ID: CVE-2006-6222 -- Affected Vendor: Symantec -- Affected Products: Veritas NetBackup 6.0 MP4 Veritas NetBackup 5.1 MP6 Veritas...
gnupg -- remotely controllable function pointer
Werner Koch reports: GnuPG uses data structures called filters to process OpenPGP messages. These filters are used in a similar way as a pipelines in the shell. For communication between these filters context structures are used. These are usually allocated on the stack and passed to the filter...