179 matches found
Bash Me Some More
Good morning! This is kinda long. == Background == If you are not familiar with the original bash function export vulnerability CVE-2014-6271, you may want to have a look at this article: http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html Well, long story short: the...
IBM AIX 4.3 digest Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2033/info AIX is a version of the UNIX Operating System distributed by IBM. A vulnerability exists in the operating system which could allow a user an elevation in privilege. The problem occurs in the digest binary. It i...
BlazeDVD 5.1- (.plf) Stack Buffer Overflow PoC Exploit - ASLR/DEP Bypass on Win7
No description provided by source. !/usr/bin/python BlazeDVD v5.1 .plf Stack Buffer Overflow PoC exploit - ASLR/DEP bypass on win7 Author: mrme - https://net-ninja.net - mrmeATcorelan.be - @StevenSeeley Download: http://www.blazevideo.com/ Tested on windows 7 version N - DEP = AlwaysOn Greetz:...
A-PDF Wav to MP3 Converter 1.2.0 - DEP Bypass
No description provided by source. Exploit Title: A-PDF Wav to MP3 Converter v 1.2.0 DEP Bypass Software Link: http://www.a-pdf.com/wav-to-mp3/a-pdf-wtm.exe Version: 1.2.0 Tested on: Win XP SP3 French Date: 12/05/2011 Author: h1ch4m Hicham Oumounid Email: [email protected] Home:...
Easy File Sharing Web Server 6.8 - Stack Buffer Overflow
No description provided by source. Exploit Title: Easy File Sharing Web Server 6.8 stack buffer overflow Date: 10 May 2014 Exploit Author: superkojiman - http://www.techorganic.com Vendor Homepage: http://www.efssoft.com Software Link: http://www.sharing-file.com/efssetup.exe Version: 6.8 Tested...
Solaris 2.5/2.5.1/2.6/7.0 sadmind Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/866/info Certain versions of Solaris ship with a version of sadmind which is vulnerable to a remotely exploitable buffer overflow attack. sadmind is the daemon used by Solstice AdminSuite applications to perform distribut...
ePSXe <= 1.6.0 nogui() Local Exploit
No description provided by source. / epsxe-e.c ePSXe v1. local exploit By: Qnix e-mail: q-nixathotmaildotcom ePSXe-website: www.epsxe.com EXP-Sample: root@Qnix:/epsxe gcc -o epsxe-e epsxe-e.c root@Qnix:/epsxe ./epsxe-e ePSXe v1. local exploit by Qnix | Q-nixathotmaildotcom Stack pointer ESP :...
FreeBSD 3.3,Linux Mandrake 7.0 'xsoldier' Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/871/info Certain versions of FreeBSD (3.3 confirmed) and Linux (Mandrake confirmed) ship with a vulnerable binary in their X11 games package. The binary/game in question, xsoldier, is a setuid root binary meant to be run via ...
MIPS Little Endian Shellcode
No description provided by source. Disassembled MIPS Little Endian Shellcode Shellcode was designed for ACSD exploit on the ASUS RT-AC66U SOHO router. CVE: CVE-2013-4659 Written by Jacob Holcomb, Security Analyst @ Independent Security Evaluators Blog: http://infosec42.blogspot.com Company Websit...
BlazeVideo HDTV Player 6.6 Professional - Local Overflow (SEH + ASLR + DEP Bypass)
BlazeVideo HDTV Player 6.6 Professional - Local Overflow SEH + ASLR + DEP Bypass !/usr/bin/python -w ----------------------------------------------------------------------------------- Exploit: BlazeVideo HDTV Player 6.6 Professional SEH&DEP&ASLR Author: b33f - http://www.fuzzysecurity.com/ OS:...
Off-by-one in Sybase Advantage Server 10.0.0.3
Luigi Auriemma Application: Sybase Advantage Server http://www.sybase.com/products/databasemanagement/advantagedatabaseserver Versions: = 10.0.0.3 Platforms: Windows, NetWare, Linux Bug: off-by-one Exploitation: remote, versus server Date: 27 Jun 2011 (found 29 Oct 2010) Author: Luigi Auriemma...
A-PDF WAV To MP3 Converter 1.2.0 DEP Bypass
Exploit Title: A-PDF Wav to MP3 Converter v 1.2.0 DEP Bypass Software Link: http://www.a-pdf.com/wav-to-mp3/a-pdf-wtm.exe Version: 1.2.0 Tested on: Win XP SP3 French Date: 12/05/2011 Author: h1ch4m Hicham Oumounid Email: [email protected] Home: http://net-effects.blogspot.com Big thanks to...
A-PDF All to MP3 Converter 2.0.0 - DEP Bypass
A-PDF All to MP3 Converter 2.0.0 - DEP Bypass Exploit Title: A-PDF All to MP3 Converter v.2.0.0 DEP Bypass Software Link: http://www.a-pdf.com/all-to-mp3/download.htm Version: 2.0.0 Tested on: Win XP SP3 French Date: 12/05/2011 Author: h1ch4m Email: [email protected] Home:...
A-PDF All to MP3 Converter v.2.0.0 DEP Bypass
Exploit for windows platform in category local exploits Exploit Title: A-PDF All to MP3 Converter v.2.0.0 DEP Bypass Software Link: http://www.a-pdf.com/all-to-mp3/download.htm Version: 2.0.0 Tested on: Win XP SP3 French Date: 12/05/2011 Author: h1ch4m Email: email protected Home:...
Mandriva Update for ffmpeg MDVSA-2011:060 (ffmpeg)
Check for the Version of ffmpeg OpenVAS Vulnerability Test Mandriva Update for ffmpeg MDVSA-2011:060 ffmpeg Authors: System Generated Check Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
VMware ESX third party update for Service Console kernel
a. Service Console OS update for COS kernel package. This patch updates the Service Console kernel to fix a stack pointer underflow issue in the 32-bit compatibility layer. Exploitation of this issue could allow a local user to gain additional privileges. The Common Vulnerabilities and Exposures...
RHEL 6 : kernel (RHSA-2010:0842)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0842 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: Missi...
kernel: 64-bit Compatibility Mode Stack Pointer Underflow
The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the...
RHEL 4 : kernel (RHSA-2010:0718)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2010:0718 advisory. - kernel: 64-bit Compatibility Mode Stack Pointer Underflow CVE-2010-3081 Note that Nessus has not tested for this issue but has instead relied only ...