954 matches found
Hanso Player 1.4.0.0 - 'Skinfile' Buffer Overflow (Denial of Service)
Exploit Title: Hanso Player 1.4.0.0 Buffer Overflow - DoS Skinfile Date: 05.02.2011 Author: Dame Jovanoskibadc0re Software Link: http://www.hansotools.com/downloads/hanso-player-setup.exe Version: 1.4.0.0 Tested on: XP sp3 from struct import import time f=open"default.ini","w"...
Linux Kernel 2.6.x - 'net/core/filter.c' Local Information Disclosure
/ source: https://www.securityfocus.com/bid/44758/info The Linux kernel is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. / / You've done it. After hours of gdb and caffeine, you've...
A-PDF All To MP3 Coverter 1.1.0 Universal Exploit
!/usr/bin/python Exploit Title: A-PDF All to MP3 Converter v.1.1.0 Universal Local SEH Exploit Date: September 18, 2010 Author: modpr0be Software Link: http://www.a-pdf.com/all-to-mp3/download.htm Version: 1.1.0 Tested on: Windows XP SP3 Open application -- Next -- Add -- blah.wav -- calc will po...
HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution
Exploit Title: HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution Date: 2010.07.02 Author: S2 Crew Hungary Software Link: hp.com Version: 7.53 Tested on: Windows 2003 CVE: CVE-2010-1554 Code : !/usr/bin/python import struct import socket import httplib import urllib calc.exe...
FreeBSD Kernel mountnfs() Exploit
No description provided by source. / mountnfsex.c -- Patroklos Argyroudis, argp at domain census-labs.com Local kernel exploit for FreeBSD 8.0, 7.3 and 7.2. Discovered and exploited by Patroklos argp Argyroudis. The vulnerability is in mountnfs() which is reachable by the mount(2) and nmount(2) system...
Batch Audio Converter Lite Edition 1.0.0.0 Buffer Overflow
Exploit Title: Batch Audio Converter Lite Edition = v1.0.0.0 Stack Buffer Overflow SEH Date: 06/17/2010 Author: modpr0be Software Link: http://www.freesoftwaretoolbox.com/files/batchaudiosetup.exe Version: =1.0.0.0 0.4.0.0 tested and worked Tested on: Windows XP SP2 Type of Vuln: SEH CVE : N/A Co...
MySQL COM_TABLE_DUMP Information Leakage and Arbitrary Command Execution
No description provided by source. / April 21.st 2006 myexploit.c MySql COM_TABLE_DUMP Memory Leak & MySql remote B0f MySql = 5.0.20 MySql COM_TABLE_DUMP Memory Leak MySql = 4.x.x copyright 2006 Stefano Di Paola stefano.dipaolaatwisec.it GPL 2.0 Disclaimer: In no event shall the author be liable for...
Linux Kernel <= 2.6.28.3 set_selection() UTF-8 Off By One Local Exploit
No description provided by source. / CVE-2009-1046 Virtual Console UTF-8 set_selection() off-by-one(two) Memory Corruption Linux Kernel <= 2.6.28.3 coded by: sgrakkyu at antifork.org http://kernelbof.blogspot.com/2009/07/even-when-one-byte-matters.html Dedicated to all people talking nonsense about non...
CUPS 1.3.9 - 'cups/ipp.c' Null Pointer Dereference Denial of Service
source: https://www.securityfocus.com/bid/35169/info CUPS is prone to a denial-of-service vulnerability because of a NULL-pointer dereference that occurs when processing two consecutive IPP_TAG_UNSUPPORTED tags in specially crafted IPP (Internet Printing Protocol) packets. An attacker can exploit thi...
httpdx 0.5b - FTP Server (CWD) Remote Buffer Overflow (SEH)
!/usr/bin/python Usage : httpdxcwd.py targetip user pass Example : httpdxcwd.py 192.168.1.3 ftp 123 Stack encouraged me to exploit this bug , so thx brotha | || | / \ | | | | | | | | | - " %sys.argv0 sys.exit0 skape's egghunter shellcode shellunt=...
SunOS Release 5.11 snv_101b - Remote IPv6 Crash
SunOS Release 5.11 snv_101b - Remote IPv6 Crash / SunOS Release 5.11 Version snv_101b Remote IPV6 Kernel Crash Exploit 0day By Kingcope/2009 / include include include include include include include include include include unsigned char rawData =...
I4L: fix isdn_ioctl memory issue
The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buffer overflow...
CVE-2008-5722
Buffer overflow in SAWStudio 3.9i allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long SAWSTUDIO PREFERENCES STRUCT value in a .prf preferences file...
kernel: dio: zero struct dio with kzalloc instead of manually
fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test...
kernel security and bug fix update
2.6.9-78.0.8.0.1.EL - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with...
FreeBSD Security Advisory (FreeBSD-SA-03:17.procfs.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-03:17.procfs.asc ADV FreeBSD-SA-03:17.procfs.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Sof...
NetFTPd 4.2.2 User Authentication Remote Buffer Overflow Exploit
No description provided by source. Net-ftpd 4.2.2 user autentication b0f exploit 0day coded by Sergio 'shadown' Alvarez import struct import socket import sys import time class warftpd: def initself, host, port: self.host = host self.port = port self.bsize = 512 self.ebpaddr = 0xcacacaca...
Xitami Web Server 2.5c2 - LRWP Processing Format String (PoC)
/ PoC exploit for Xitami Web Server v2.5c2 LRWP processing format string bug Advisory is available at: http://www.bratax.be/advisories/b013.html multiple vulnerabilities! check it out! @author: bratax @url: http://www.bratax.be/ @email: [email protected] Thanks to BuzzDee for learning me how to us...
CVE-2007-6151
The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buffer overflow...