Apache Tomcat Connector jk2-2.0.2 (mod_jk2) remote overflow exploit that is Fedora Core 6, 7, 8 (exec-shield) based.
f2c20a72c6f0f767b7cdf1730e379fb20df15b7edd5262273f907b7c946ee96fApache Tomcat Connector mod_jk version 1.2.19 remote buffer overflow exploit for Fedora Core 5,6 (exec-shield).
24366bcf5fd939402e2136ae4afaf302d0e97d8a5f9ab0e2664a94791726f33eFedora Core 6 (exec-shield) based Webdesproxy version 0.0.1 remote root exploit.
a597e3eae30fff3e173ea50fa5b8d93a0a45a5fcfe86ce236cd50280358629bf3proxy version 0.5.3g proxy.c logurl() remote buffer overflow exploit. Uses the reverse connect-back method.
cb5338af3ab1feac826130b57cdbd6d1550d917686e22c285708f4158c9003f2Fenice OMS server version 1.10 remote root buffer overflow exploit.
ccb2a8ac8990e9209800f79b19078b6c4c6acc738a98dd5da1d2b538125e0ad6Fedora Core 6 (exec-shield) based GNU imap4d mailutils-0.6 search remote format string exploit.
446e3e6b76cd0a02db343848337da632eee1d94487876ba6ba92fdc125f114b8Whitepaper titled 'Advanced Exploitation In Exec-Shield: Fedora Core Case Study". This is an excellent paper and is in both PDF and text formats. Please check it out.
a8e5761dc6549e813b9928348cdf9f0062dfebc993c77dfa6cf7367eb33624afProFTPD versions 1.3.0 and 1.3.0a local overflow exploit.
f226fa4b69a0b38b89856b6fdf13dd0cae57a2c097428ced1cb703ee6948d130Zeroboard version 4.1 pl 7 is susceptible to cross site scripting attacks.
20123c6d7f762c448059ec975caa8110a197efcb19b9185c00bafe7b945a6bf4Global Hauri Virobot is susceptible to an authentication bypass flaw.
3b3ac939a77acd88b3bd2b1eb448a9cedf10c16a6c06e1f6d4abbb794893e7b3Snmppd is susceptible to a format string vulnerability.
bc5427491a4a901c393b53732a6504c2225b684ae85279588d94c9d19012c901Snmppd format string vulnerability. Snmppd (used by / with Nagios) may contain a format-string vulnerability in unsafe syslog() calls.
530283249b60e4f090b7e6f5b2df86eca244287192c133b0dfe453b3eb4a9996GLD 1.4 remote overflow format string exploit that binds a shell to port 36864.
e774ca4a0e106e9ad6a28c0eed3738f3657b001846638e469f61c6091406c537INetCop Security Advisory #2005-0x82-026 - Multiple buffer overflows and a format string vulnerability live in GLD versions 1.4 and below.
0955f8c245cdfd1d563ec36ffcd71eee970764667738d4bcc713e86608db5aa0Sh-httpd v0.3 and 0.4 contain a remote directory traversal vulnerability involving a wildcard character which allows attackers to read any file on the system and execute CGI's. Patch included.
a0ae3eee45856fba670f376c41e9f3a32c4c4558388732713876b66cc0eabf20wuftpd version 2.6.2 remote root exploit that makes use of the off-by-one vulnerability discussed here.
76fa131537012b1004aff58978340769dc77495dcc3679e28c335c7909cd545fwuftpd version 2.6.2 remote root exploit that makes use of the off-by-one vulnerability discussed here. Win32 version included that requires cygwin1.dll.
526db9e57fd9d03098a4ca647fd59e6961d4ccc10042d2d8bef0f4ec2b9e6426wuftpd version 2.6.2 remote root exploit that makes use of the off-by-one vulnerability discussed here.
ee456ce67583efada4d02d4662672efba77c520fe854673004cf4f185d954ed0New version of the DCOM remote exploit that uses a magic return address.
e5c92fea127afc1160f63d29acf4ebb26561218ac01cee7a18d6b64cba4c894fINetCop Security Advisory #2003-0x82-018 - The GNU bug tracking system GNATS has two bugs that exist in the pr-edit (Problem report editor) program. There is a heap based overflow when a user uses the -d option to input a directory name under version 3.2 There is an environment variable overflow vulnerability in version 3.113.x that will also yield root privileges.
ec98715198eb39ad65760e2d10ba0f2596b85ed8ee3d03b7491e1cdb626cea06Local root exploit against GNATS v3.113.x that makes use of a heap based environment variable overflow vulnerability. Related advisory found here. Tested against RedHat Linux versions 6-9.
538bd4423fdd435464a897aab663f0238af584df2870e50af3413af3511a2c1eLocal root exploit against GNATS v3.2 that makes use of the heap overflow found in the -d switch. Related advisory found here. Tested against RedHat Linux versions 6-9.
f5b477f0da8c0952aa1d3d05cdefb6691ea408d719dd83bb53879868bfcc2873This paper goes into great detail describing how to utilize format string attacks with limited buffer space.
26e76a849776b6bb6aed421c8c8e7c19ea279402faae685b8acaa53a90afbbd9INetCop Security Advisory #2003-0x82-017.b - New versions of WsMP3d are not patched against an old remote heap corruption overflow vulnerability. Remote exploit and advisory included.
bea05768421c2354342197437d34277cb5984897a68518e4181beeb625f26463INetCop Security Advisory #2003-0x82-017.a - WsMP3d, a web server that streams MP3s much like shoutcast but is GPL, suffers from a directory traversal vulnerability that not only allows viewing of files outside of the webroot, but allows for remote command execution as well.
bc72d07b2004ab7e987341e534050ec07ea4699fd37effc980c5656ccf6a0bd6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed