727 matches found
Apple Mac OSX EvoCam Web Server (Snow Leopard) - ROP Remote Overflow
!/usr/bin/python EvoCam Web Server OSX 3.6.6 and 3.6.7 import socket import struct SHELL = "\xdb\xd2\x29\xc9\xb1\x27\xbf\xb1\xd5\xb6\xd3\xd9\x74\x24" "\xf4\x5a\x83\xea\xfc\x31\x7a\x14\x03\x7a\xa5\x37\x43\xe2" "\x05\x2e\xfc\x45\xd5\x11\xad\x17\x65\xf0\x80\x18\x8a\x71"...
Fedora 12 : quake3-1.36-7.svn1783.fc12 (2010-8558)
Wed May 12 2010 Xavier Lamien - 1.36-7.svn1783 - Update release to svn revision r1783. - Remove botlib-strcpy-abuse patch added upstream. - Thu Jan 21 2010 Hans de Goede 1.36-6 - Update fix autodlrc mirror URL's 557252 - Fri Dec 18 2009 Hans de Goede 1.36-5 - Modify Urban Terror launch script to...
NetBSD 5.0 and below Hack PATH Environment overflow proof of concept
Exploit for bsd platform in category dos / poc ==================================================================== NetBSD 5.0 and below Hack PATH Environment overflow proof of concept ==================================================================== !/bin/sh NetBSD 5.0 and below Hack PATH...
NetBSD 5.0 - Hack GENOCIDE Environment Overflow (PoC)
NetBSD 5.0 - Hack GENOCIDE Environment Overflow PoC !/bin/sh NetBSD 5.0 and below Hack GENOCIDE Environment overflow proof of concept Successfull Exploitation gives guid 100 games Vulnerable Function is in hack.main.c. /usr/games/hack -D use the wizard mode. Only work in wizard mode. It is a basi...
Picpuz 2.1.1 - Buffer Overflow (Denial of Service) (PoC)
Picpuz 2.1.1 - Buffer Overflow Denial of Service PoC Exploit Title: Picpuz Buffer Overflow DoS/PoC , http://kornelix.squarespace.com/storage/downloads/picpuz-2.1.1.tar.gz Version: = 2.1.1 Tested on: Fedora 12 CVE: None Code: Description: "from website" Picpuz is a free Linux "jigsaw puzzle"...
A stack overflow attack and the anti-vulnerability warning-the black bar safety net
Overflow is the security of the network is often a contact to a problem, once there is some kind of overflow vulnerability, the network of thousands of computers will become a Hacker brothers and sisters on the chopping block of meat. Then the overflow in the end is what? This attack method...
webdesproxy 0.0.1 - exec-shield GET Remote Code Execution
webdesproxy 0.0.1 - exec-shield GET Remote Code Execution / Fedora Core 6 exec-shield based Webdesproxy webdesproxy-0.0.1.tgz remote root exploit reverse connect-back method by Xpl017Elz Advanced exploitation in exec-shield Fedora Core case study URL:...
3proxy 0.5.3g proxy.c logurl() Remote Overflow Exploit (exec-shield)
No description provided by source. / Fedora Core 5,6 exec-shield based 3proxy HTTP Proxy 3proxy-0.5.3g.tgz remote overflow root exploit reverse connect-back method by Xpl017Elz Advanced exploitation in exec-shield Fedora Core case study URL:...
CA BrightStor ARCserve - msgeng.exe Remote Stack Overflow
CA BrightStor ARCserve - msgeng.exe Remote Stack Overflow !/usr/bin/python This one was listed in the SANS TOP 20 and I needed an exploit for analysis. I couldnt find a reliable exploit for my analysis and so came up with this. Remote exploit for the CA BrightStor msgeng.exe service stack overflo...
[Full-disclosure] Unrarlib 0.4.0 (urarlib_get) Local buffer overflow
Description: in file unrarlib.c don't exist the check control of size len filename passed in function urarlibget using strcpy Source error: -- char ArcName255; / RAR archive .. int urarlibgetvoid output, unsigned long size, char filename, void rarfile, char libpassword / Get a file from a RAR fil...
xsplumber - strcpy() buffer overflow
No description provided by source. / linuxsplumberversion2 buffer overflow, by [email protected]. this is a misc. exploit for the linux-SVGAlib space plumber game. which, as you know needs to be installed setuid root. this overflow is due to a simple oversight in the command line parser. uses...
Solaris Runtime Linker (ld.so.1) Buffer Overflow Exploit (SPARC version
No description provided by source. / ld.so.1 exploit SPARC coded by: osker178 bjr213 psu.edu Alright, so this exploits a fairly standard buffer overflow in the default Solaris runtime linker ld.so.1 discovery by Jouko Pynnonen Only real deviation here from the standard overflow and return into li...
GLSA-200610-08 : Cscope: Multiple buffer overflows
The remote host is affected by the vulnerability described in GLSA-200610-08 Cscope: Multiple buffer overflows Unchecked use of strcpy and scanf leads to several buffer overflows. Impact : A user could be enticed to open a carefully crafted file which would allow the attacker to execute arbitrary...
[SA19051] STLport Two String Handling Weaknesses
TITLE: STLport Two String Handling Weaknesses SECUNIA ADVISORY ID: SA19051 VERIFY ADVISORY: http://secunia.com/advisories/19051/ CRITICAL: Not critical IMPACT: Unknown WHERE: From remote SOFTWARE: STLport 5.x http://secunia.com/product/8487/ DESCRIPTION: Two weaknesses with unknown impacts have...
zoo contains exploitable buffer overflows
Topic: zoo contains exploitable buffer overflows Announced: 2006-02-22 Product: zoo Category: Applications/Archiving Impact: Remote code execution Credits: Jean-Sbastien Guay-Leroux I. BACKGROUND zoo is a file archiving utility for maintaining collections of files. It uses Lempel-Ziv compression ...
Memory corruption
The convert-fcrontab program in fcron 3.0.0 might allow local users to gain privileges via a long command-line argument, which causes Linux glibc to report heap memory corruption, possibly because a strcpy in the strdup2 function can "overwrite some data."...
CVE-2006-0539
The convert-fcrontab program in fcron 3.0.0 might allow local users to gain privileges via a long command-line argument, which causes Linux glibc to report heap memory corruption, possibly because a strcpy in the strdup2 function can "overwrite some data."...
CVE-2006-0539
CVE-2006-0539 affects the convert-fcrontab component of the fcron 3.0.0 package. The vulnerability arises when a long command-line argument allows a local user to gain privileges, potentially because Linux glibc heap memory corruption can occur due to a strcpy in the strdup2 function overwriting ...
iDEFENSE Security Advisory 06.14.05: Microsoft Outlook Express NNTP Response Parsing Buffer Overflow Vulnerability
Microsoft Outlook Express NNTP Response Parsing Buffer Overflow Vulnerability iDEFENSE Security Advisory 06.14.05 www.idefense.com/application/poi/display?id=263&type=vulnerabilities June 14, 2005 I. BACKGROUND Microsoft Outlook Express is an e-mail and newsgroup client shipped with the Microsoft...
wvtftpd buffer overflow
strcpy buffer overflow...