This Metasploit module exploits a stack buffer overflow in DATAC Control International RealWin SCADA Server 2.0 (Build 6.1.8.10). By sending a specially crafted packet, an attacker may be able to execute arbitrary code.
DATAC RealWin versions 2.0 build 6.1.8.10 and below suffer from multiple stack overflow vulnerabilities.
Rocket Software UniData versions 7.2.7.3806 and below suffer from various denial of service vulnerabilities.
IBM solidDB versions 6.5.0.3 and below suffer from a remote denial of service vulnerability when receiving a malformed packet.
Winamp versions 5.5.8.2985 and below suffer from various integer overflows and a buffer overflow. Demonstration proof of concept code included.
Unreal Tournament III suffers from an uninitialized pointer vulnerability.
The Lithtech engine in F.E.A.R. and F.E.A.R. 2 Project Origin suffers from a memory corruption vulnerability. Exploit included.
DirectPlay8 suffers from NULL pointer and access violation / freeze vulnerabilities. Exploit included.
Freeciv version 2.2.1 suffers from denial of service vulnerabilities. Exploit included.
Ghost Recon Advanced Warfighter versions 1 and 2 suffer from integer and array indexing overflows.
The Refractor 2 engine in Battlefield 2 versions 1.50 and below and Battlefield 2142 versions 1.50 and below suffers from multiple arbitrary file upload vulnerabilities. Exploit included.
Qt versions 4.6.3 and below suffer from a remote denial of service vulnerability. Exploit included.
Remote exploit for SAP MaxDB versions 7.6.03 build 007 and below which suffer from a pre-authentication remote code execution vulnerability. This version has been updated by FortConsult A/S to use the same byte code as the Nessus plugin.
This Metasploit module exploits a buffer overflow in the header parsing of icecast, discovered by Luigi Auriemma. Sending 32 HTTP headers will cause a write one past the end of a pointer array.
UDPSZ is a simple proof of concept exploit/tool for spoofing UDP.
America's Army 3 versions 3.0.5 and below suffer from an endless packet looping vulnerability.
America's Army 3 versions 3.0.5 and below suffer from resource consumption and crash vulnerabilities.
America's Army 3 versions 3.0.4 and below suffer from a null pointer vulnerability.
Unreal Tournament v1.3 (builds 3601 and 3614) suffers from a directory traversal vulnerability in the web interface.
Server shutdown exploit for Unreal Engine which suffers from a failed assertion vulnerability.
Unreal Engine suffers from a failed assertion vulnerability that allows for server shutdown.
The Unreal engine is affected by some format string vulnerabilities that a malicious server can exploit when a victim client connects to it. The main format string can be exploited through a malformed CLASS parameter of the DLMGR command, and another seems to be exploitable by forcing the download of a malformed package (PKG). Some older games can instead be exploited through a malformed LEVEL parameter of the WELCOME command. The bug is caused by calling _vsnwprintf_s or _vsnwprintf to build an error message shown to the user (for example, for a missing class) with a maximum size of 4 kilobytes and without passing the needed format argument. All related exploit code is included in this tarball.
Unreal Engine 3 remote denial of service exploit that leverages a failed memory allocation vulnerability.