corehttp version 0.5.3alpha remote buffer overflow exploit.
Webdesproxy version 0.0.1 GET request remote buffer overflow exploit.
notepad++ version 4.1 ruby file processing buffer overflow exploit for win32.
3proxy version 0.5.3g proxy.c logurl() remote buffer overflow exploit for win32. Binds a shell to tcp port 7979.
3proxy version 0.5.3g proxy.c logurl() remote buffer overflow exploit for Linux. Can spawn a bind shell or launch connect-back code.
iDefense Security Advisory 03.02.06 - Local exploitation of a design error in version 10.3.9 of Apple Computer Inc.'s Mac OS X could allow arbitrary files to be overwritten with user-supplied contents. iDefense has confirmed the existence of this vulnerability in Mac OS X Version 10.3.9. In addition, the following versions have been confirmed by the vendor to be vulnerable: Mac OS X Server Version 10.3.9, Mac OS X Version 10.4.5, Mac OS X Server Version 10.4.5.
/usr/bin/passwd local root exploit for Mac OS X.
iDEFENSE Security Advisory 11.11.05 - Remote exploitation of a command injection vulnerability in various vendors' implementations of Lynx could allow attackers to execute arbitrary commands with the privileges of the underlying user. The problem specifically exists within the feature to execute local cgi-bin programs via the lynxcgi: URI handler. The handler is generally intended to be restricted to a specific directory or program(s). However, due to a configuration error on multiple platforms, the default settings allow for arbitrary websites to specify commands to run as the user running Lynx. iDEFENSE has confirmed the existence of this vulnerability in the latest stable release of Lynx, version 2.8.5. It is suspected that earlier versions are also affected.
OpenVPN version 2.0.x contains a remotely exploitable format string bug in the processing of its command-line and configuration arguments.
iDEFENSE Security Advisory - Local exploitation of a design error in Adobe Systems, Inc. Version Cue allows local attackers to gain root privileges. Version Cue includes a setuid root application named VCNative which is vulnerable to a symlink attack. The vulnerability specifically exists due to the use of predictable log file names. VCNative uses a format such as VCNative-[pid].log for the filename and stores the file in the current working directory. Attackers can easily predict the created filename and supply user-controlled data via the -host and -port options. A carefully supplied value can cause a crafted log file to be written. Crafted strings written to root-owned files can lead to arbitrary code execution with root privileges.
iDEFENSE Security Advisory - Local exploitation of a design error in Adobe Systems, Inc. Version Cue allows local attackers to gain root privileges. Version Cue includes a setuid root application named VCNative which contains a design error that allows local attackers to gain root privileges. The vulnerability specifically exists due to an unchecked command line option parameter. The -lib command line option allows users to specify library bundles, which allows for the introduction of arbitrary code in the context of a root-owned process. The init function in a shared library is executed immediately upon loading. By utilizing the -lib argument to load a malicious library, local attackers can execute arbitrary code with root privileges.
Ethereal versions 0.10.10 and below SMB dissector remote denial of service exploit. Tested on 0.9.4 and 0.10.10.
Tcpdump v3.8.x/3.9.1 remote infinite loop denial of service exploit which takes advantage of the isis_print() function by sending a GRE packet.
Tcpdump v3.8.x and below remote denial of service exploit which causes tcpdump to go into an infinite loop when it processes an evil BGP packet. Works if TCP port 179 is not filtered.
Tcpdump v3.8.3 and below remote denial of service exploit which causes tcpdump to go into an infinite loop when it processes an evil LDP packet.
Tcpdump v3.9.1 and below and Ethereal v0.10.10 and below remote denial of service exploit which takes advantage of a bug in rsvp_print().
Local root exploit for /usr/bin/su on Mac OS X that makes use of the buffer overflow vulnerability discovered by iDefense using the CF_CHARSET_PATH environment variable.
The Finder utility that Mac OS X uses to launch and manipulate files and applications fails to check for hard-linked files before performing changes. This allows an unprivileged user to overwrite files as root. Full exploit included.
fkey version 0.0.2 local file accessibility exploit.
X-Chat versions 2.0.8 through 1.8.0 remote exploit that makes use of a buffer overflow in the SOCKS-5 proxy code. Successful exploitation binds a shell to port 7979.
mpg123 v0.59r and 0.59s remote client-side heap corruption exploit that makes use of the overflow found in the readstring() function of httpget.c, which does not limit the amount of data written to a buffer.
Netscript is a portable and lightweight tcp socket scripting tool. It is intended to allow anyone to script situations based on a word-to-word ruleset response system. Includes wildcard support, character replacement, random replacement, argument inclusion, server timeout, initial send, display altering, multiple character dump formats, telnet protocol support, logging, program to socket dumping, executable ruleset support and reverse binding among other things.