222 matches found
EasyFTP Server 1.7.0.11 - CWD (Authenticated) Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - CWD Authenticated Remote Buffer Overflow Exploit Title: Easy FTP Server v1.7.0.11 CWD Command Remote Buffer Overflow Exploit Post Auth Date: 2010-07-18 Author: @fdiskyou e-mail: rui at deniable.org Software Link: Version: 1.7.0.11 Tested on: Windows XP SP3 en import sock...
EasyFTP Server 1.7.0.11 - 'CWD' (Authenticated) Remote Buffer Overflow
Exploit Title: Easy FTP Server v1.7.0.11 CWD Command Remote Buffer Overflow Exploit Post Auth Date: 2010-07-18 Author: @fdiskyou e-mail: rui at deniable.org Software Link: Version: 1.7.0.11 Tested on: Windows XP SP3 en import socket import sys buffersize = 268 windows/exec - 227 bytes...
VulnCheck KEV: CVE-2004-1049
Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability."...
Private Wire Gateway - Remote Buffer Overflow (Metasploit)
$Id: privatewiregateway.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP)
This module exploits a buffer overflow vulnerability in the LoadAniIcon function in USER32.dll. The flaw can be triggered through Internet Explorer 6 and 7 by using the CURSOR style sheet directive to load a malicious .ANI file. The module can also exploit Mozilla Firefox by using a UNC path in a...
Windows ANI LoadAniIcon() Chunk Size Stack Overflow (HTTP)
$Id: ms07017aniloadimagechunksize.rb 9085 2010-04-15 16:08:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Shadow Stream Recorder 3.0.1.7 (.asx) Local Buffer Overflow
No description provided by source. !/usr/bin/python Title: Shadow Stream Recorder 3.0.1.7 .asx Local Buffer Overflow Date: 03-29-2010 Author: b0telh0 Link: http://www.rm-to-mp3.net/downloads/ssrecordersetup.exe Tested on: Windows XP SP3 windows/exec - 228 bytes EXITFUNC=seh, CMD=calc.exe shellcod...
Shadow Stream Recorder 3.0.1.7 Buffer Overflow
!/usr/bin/python Title: Shadow Stream Recorder 3.0.1.7 .asx Local Buffer Overflow Date: 03-29-2010 Author: b0telh0 Link: http://www.rm-to-mp3.net/downloads/ssrecordersetup.exe Tested on: Windows XP SP3 windows/exec - 228 bytes EXITFUNC=seh, CMD=calc.exe shellcode =...
WM Downloader 3.0.0.9 - '.asx' Local Buffer Overflow
!/usr/bin/python Title: WM Downloader 3.0.0.9 .asx Local Buffer Overflow Date: 03-29-2010 Author: b0telh0 Tested on: Windows XP SP3 windows/exec - 227 bytes EXITFUNC=process, CMD=calc.exe shellcode = "\x29\xc9\xb1\x33\xda\xd3\xbd\x07\x4a\x9e\x37\xd9\x74\x24\xf4"...
Shadow Stream Recorder 3.0.1.7 (.asx) Local Buffer Overflow
Exploit for windows platform in category local exploits =========================================================== Shadow Stream Recorder 3.0.1.7 .asx Local Buffer Overflow =========================================================== !/usr/bin/python Title: Shadow Stream Recorder 3.0.1.7 .asx Loc...
Shadow Stream Recorder 3.0.1.7 - '.asx' Local Buffer Overflow
!/usr/bin/python Title: Shadow Stream Recorder 3.0.1.7 .asx Local Buffer Overflow Date: 03-29-2010 Author: b0telh0 Link: http://www.rm-to-mp3.net/downloads/ssrecordersetup.exe Tested on: Windows XP SP3 windows/exec - 228 bytes EXITFUNC=seh, CMD=calc.exe shellcode =...
ProSSHD Buffer Overflow
Exploit Title: ProSSHD buffer overflow Date: 2010.02.19 Author: S2 Crew Hungary Software Link: http://www.labtam-inc.com/ Version: 1.2 20090726 Tested on: Windows XP SP2 EN CVE: - Registers: EAX 000003E4 ECX 0012ED44 EDX 7C90EB94 ntdll.KiFastSystemCallRet EBX 00000674 ESP 0012EFC0 ASCII...
ProSSHD 1.2 20090726 - Remote Buffer Overflow
ProSSHD 1.2 20090726 - Remote Buffer Overflow Author: S2 Crew Hungary Tested on: Windows XP SP2 EN CVE: - Registers: EAX 000003E4 ECX 0012ED44 EDX 7C90EB94 ntdll.KiFastSystemCallRet EBX 00000674 ESP 0012EFC0 ASCII "BBBBBBBBBBBBBBBBBB..." EBP 0012F3DC ASCII "BBBBBBBBBBBBBBBBBB..." ESI 7C81DD9A...
Audiotran 1.4.1 Buffer Overflow
Exploit Title: Audiotran v1.4.1 direct RET BOF Date: 2010-1-16 Author: Jacky Software Link: http://www.e-soft.co.uk/Audiotran.htm Version: 1.4.1 Tested on: Windows XP SP2 CVE : if exists Code : Audiotran v1.4.1 Direct RET local BOF Vulnerability. Exploit Discovered by Sébastien Duquette Greetz to...
Audiotran v1.4.1 direct RET BOF
Exploit for unknown platform in category local exploits =============================== Audiotran v1.4.1 direct RET BOF =============================== Exploit Title: Audiotran v1.4.1 direct RET BOF Date: 2010-1-16 Author: Jacky Software Link: http://www.e-soft.co.uk/Audiotran.htm Version: 1.4.1...
Mini-stream 3.0.1.1 - Local Buffer Overflow (Metasploit)
$Id: ministream.rb 11516 2011-01-08 01:13:26Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
Mini-stream Ripper (Windows XP SP2/SP3) - Local Overflow
!/usr/bin/python ...:| Code Fix/Patch for WinXP - English |:... Referenced: http://www.exploit-db.com/exploits/10745 - mrme and fixed the offset as well as tested the exploit against WinXP SP2 and SP3 Exploit against Mini-Stream 3.0.1.1 WinXP English 12.27.2009 Author: Ron Henry -...
Mini-stream Ripper (Windows XP SP2SP3) - Local Overflow
Mini-stream Ripper Windows XP SP2SP3 - Local Overflow !/usr/bin/python ...:| Code Fix/Patch for WinXP - English |:... Referenced: http://www.exploit-db.com/exploits/10745 - mrme and fixed the offset as well as tested the exploit against WinXP SP2 and SP3 Exploit against Mini-Stream 3.0.1.1 WinXP...
Mini-stream 3.0.1.1 - Local Buffer Overflow (Metasploit)
Mini-stream 3.0.1.1 - Local Buffer Overflow Metasploit $Id: ministream.rb 11516 2011-01-08 01:13:26Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensi...
Mini-Stream Exploit for Windows XP SP2 and SP3
Exploit for unknown platform in category local exploits ============================================== Mini-Stream Exploit for Windows XP SP2 and SP3 ============================================== Title: Mini-Stream Exploit for Windows XP SP2 and SP3 CVE-ID: OSVDB-ID: Author: Ron Henry Published:...