21 matches found
Buffer-Overflow-PoC
Buffer Overflow PoC — ret2libc on x86-64 Linux Overview D...
picoCTF_2025_pie_time
PIE Exploit Challenge Exploiting a PIE Position Independent...
glibc qsort() Out-Of-Bounds Read / Write
Qualys Security Advisory For the algorithm lovers: Nontransitive comparison functions lead to out-of-bounds read & write in glibc's qsort ======================================================================== Contents ========================================================================...
Neowise CarbonFTP 1.4 - Insecure Proprietary Password Encryption
Title: Neowise CarbonFTP 1.4 - Insecure Proprietary Password Encryption Date: 2020-04-20 Author: hyp3rlinx Vendor: CVE: CVE-2020-6857 import time, string, sys, argparse, os, codecs Fixed: updated for Python 3, the hex decode function was not working in Python 3 version. This should be compatible...
Oracle Solaris Common Desktop Environment 1.6 - Local Privilege Escalation
Title: Oracle Solaris Common Desktop Environment 1.6 - Local Privilege Escalation Date: 2020-04-21 Author: Marco Ivaldi Vendor: www.oracle.com CVE: CVE-2020-2944 / raptorsdtcmconv.c - CDE sdtcmconvert LPE for Solaris/Intel Copyright c 2019-2020 Marco Ivaldi A buffer overflow in the SanityCheck...
PHP 5.2.6 'create_function()' Code Injection Weakness (2)
No description provided by source. source: http://www.securityfocus.com/bid/31398/info PHP is prone to a code-injection weakness because it fails to sufficiently sanitize input to 'create_function()'. Note that the anonymous function returned need not be called for the supplied code to be executed. ...
PHP 5.2.6 'create_function()' Code Injection Weakness (1)
No description provided by source. source: http://www.securityfocus.com/bid/31398/info PHP is prone to a code-injection weakness because it fails to sufficiently sanitize input to 'create_function()'. Note that the anonymous function returned need not be called for the supplied code to be executed. ...
Solaris 2.6/7.0 /locale Subsystem Format String
No description provided by source. / source: http://www.securityfocus.com/bid/1634/info nectiva 4.x/5.x,Debian 2.x,IBM AIX 3.x/4.x,Mandrake 7,RedHat 5.x/6.x,IRIX 6.x, Solaris 2.x/7/8,Turbolinux 6.x,Wirex Immunix OS 6.2 Locale Subsystem Format String Many UNIX operating systems provide...
nginx URI Parsing Buffer Underflow (CVE-2009-2629)
A remote buffer underflow vulnerability exists within nginx HTTP server. The vulnerability is due to an error when processing malicious HTTP requests. A remote attacker can exploit this vulnerability by sending an HTTP request containing specially crafted URI to the target system. Successful...
FTPShell Client 4.1 RC2 Name Session Stack Overflow Exploit
No description provided by source. / FTPShell Client, Name Session Stack Overflow Exploit Tested on Version 4.1 RC2 on Windows XP SP3 Vulnerable program download page : http://www.ftpshell.com/downloadclient.htm Coded by zec Feel yourself freely to get into touch : [email protected] / package ftpbo...
FTPShell Client 4.1 RC2 Name Session Stack Overflow Exploit
Exploit for unknown platform in category local exploits =========================================================== FTPShell Client 4.1 RC2 Name Session Stack Overflow Exploit =========================================================== / FTPShell Client, Name Session Stack Overflow Exploit Tested...
FTPShell Client 4.1 RC2 - Name Session Stack Overflow
FTPShell Client 4.1 RC2 - Name Session Stack Overflow / FTPShell Client, Name Session Stack Overflow Exploit Tested on Version 4.1 RC2 on Windows XP SP3 Vulnerable program download page : http://www.ftpshell.com/downloadclient.htm Coded by zec Feel yourself freely to get into touch :...
FTPShell Client 4.1 RC2 - Name Session Stack Overflow
/ FTPShell Client, Name Session Stack Overflow Exploit Tested on Version 4.1 RC2 on Windows XP SP3 Vulnerable program download page : http://www.ftpshell.com/downloadclient.htm Coded by zec Feel yourself freely to get into touch : [email protected] / package ftpbof; import java.io.DataOutputStream;...
Linux/x86 - execve(/bin/sh) - 16 bytes
No description provided by source. / $Id: reusage-linux.c,v 1.3 2004/01/30 20:08:46 raptor Exp $ reusage-linux.c - re-use of "/bin/sh" string in .rodata Copyright c 2003 Marco Ivaldi [email protected] Short local shellcode for /bin/sh execve. It re-uses the "/bin/sh" string stored in the...
JVN#72065744 K's CGI Access Log Kaiseki (Jcode.pm) vulnerable to cross-site scripting
K's CGI Access Log Kaiseki is a program to analyze access to a web page. analysis.cgi included in Access Log Kaiseki Jcode.pm contains a cross-site scripting vulnerability. Impact An arbitrary script could be executed on the user's web browser. Solution Update the Software Apply the latest update...
Sqlhello overflow process-vulnerability warning-the black bar safety net
Two days ago I used the sqlhello overflow vulnerability tool to play a joke on a colleague inside the local area network and got a shell on his win2k machine, so I also wanted to play with overflows. First, write a vulnerable program with Delphi. If the input string length is not checked, then the input string length is...
Phrack55:Klog
Rewrite pointer to memory window ------- Phrack Magazine --- Vol. 9 | Issue 55 --- 09.09.99 --- 08 of 19 ------------------------ Rewrite pointer to memory window -------- klog ---- Introduction If buffers can be overflowed, then by overwriting critical data, stored in the address space of the...
pkc004.txt
/ pkc004.txt / -= SECURITY ADVISORY 004 =- www.pkcrew.org - Group: Packet Knights http://www.pkcrew.org/ - Date of release: 01/22/2000 - Problems: Format bugs - Impact: Remote vulnerability allows to execute arbitrary code with th...
MDKSA-2000:028 kon2 update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Linux-Mandrake Security Update Advisory Package name: kon2 Date: August 1st, 2000 Advisory ID: MDKSA-2000:028 Affected versions: 7.0, 7.1 Problem Description: There is a vulnerable suid program called fld. This program accepts option input from a text...
pakmail.txt
Vulnerable Program: PakMail v1.25 SMTP/POP3 Server Platform : Windows95, 98, NT Vendor : SilverSoft Corporation www.pak.net Impact : Remote/local users can DoS both SMTP & POP3 servers Found by : slackee [email protected] Date : 5th December '99 PakMail SMTP/POP3 Server Pakmail V1.25, a sta...