Email address | private |
---|---|
First Active | 2005-04-18 |
Last Active | 2006-01-26 |
POC Exploit for the MSVC 6.0 run file bug.
8dc1ea0a87aeaf315faada5f0a3e56449a6ecd38e65005ebcc862f8b10894989
MSVC 6.0 run file bug - Generally authors offer code as a project with source, headers, and msvc project files if it is a fairly big project. Most users will simply open up the project.dsw file, ( especialy if it says to do so in a readme.txt or other compiler instructions ) which in turn loads the project.dsp files, which provides the compiler directives. A malicious attacker could embed commands to be executed in the project files, and execute any local code of his choosing.
6a5009f0e4aebe69416725cbeacce66fef04e21047c8e1e2cc4db50de6dbc0ff
TYPSoft FTP Server v1.11 and earlier does not properly support the RETR command allowing authenticated users to crash the daemon. POC code included.
36612b83e504f58ccaf2a816acc4c7c0d8164955ae0ab23d1114e380567f28b5
XAMPP contains multiple vulnerabilities, including default usernames / passwords and Cross-site scripting issues. Example exploit URLs provided as part of advisory.
1c1cffe32942fde51d981767af0ae64e1987d397b5288232d1cce12aa159380c