Eznet v3.5.0 and below remote stack overflow exploit which includes shell code that downloads and runs an executable from a web server.
764cf4e0bf5f01b4ed6cff73b4071a15737bdaddab4b8c634e3fcbdaa9e41918Eznet v3.5.0 and below contains a stack overflow in eZnet.exe which can be exploited in a GET request to SwEzModule.dll.
f6257c897987cc1e3d11a346e0c9313375ab796a397fcf72b2e85cc15cd1b584eZphotoshare has multiple overflow vulnerabilities that allow remote code execution from a heap corruption in ntdll.dll and the ability to overwrite important saved values via vulnerable code in mfc42.dll.
b12e004365a61fc7f59fbe522739cc9cd0248db2cc93c71f0a27f7a07e9476f2IA WebMail Server v3.1 and below (iaregdll.dll version 1.0.0.5) remote exploit in perl. Tested against Windows XP Home SP1 and Windows 2000 Pro SP4. Included shellcode downloads netcat and spawns a shell.
46b9847fb05761825572db77b563585c6c829d08fe1ddd7ba09ddacbc98ff73bIA WebMail Server versions 3.1 and below from True North Software are vulnerable to a stack-based buffer overflow via its HTTP GET request header. This overflow can lead to a denial of service and remote code execution.
4ee7d2ce7cd21185e891a868872e9582aff0036983de46858eed8983a8b50341OmniCon WinShadow version 2.0 exploit that makes use of a buffer overflow in the client handling of hostnames in host files.
86813402c8fb4dfc3ce919ffaaa3d42a89d9a501b49144029fa04d5764e3e764Generic Windows XP URL download and execute shellcode.
a34c8afa73948e9a867355665d03c33149372aaa3f3bfd06d5782544de061ed0Minihttpserver 1.x Host Engine is susceptible to a directory traversal attack and has a login parsing flaw that allows a remote attacker to gain administrative privileges.
c3811137432dca7f6b3480030b9e97885c8de1ef80de534902b0ea664f882952WAM! FTP Server version 1.0.4.0 for Windows is susceptible to a directory traversal that allows a remote attacker to break out of the restricted root and download any file on the system.
2e6731198e30d3571d5619bf3047d785bb7909b2bc3946b3f18ad6bc1e61d654EF Commander versions 3.54 and below are vulnerable to various buffer overflows that can allow for remote arbitrary code execution.
4b6a103daedde0838356670bb130997652d09b35383a7ead54a7b31c2bb79a60Simple Windows XP shellcode for command execution.
7fede52a4ac15b3ba497f67cea81a03a018ab5ff550446329d9c39fb97250393Simple shellcode that allows command execution on Microsoft Windows platforms.
a5a6d5c1a064493d07a7279f0875d3e18e7199ccc79e6c56780408cd1ef3e18cThe TurboFTP client version 3.85 Build 304 is vulnerable to a buffer overflow attack from a malicious FTP server that can result in a denial of service and possibly remote command execution.
f666e3f6258f9bbb643fec3e3b0a1981eba0a2e3fab1c7aec152a14da0621a2dProof of concept exploit for IglooFTP PRO 3.8 and possibly earlier versions. This package suffers from multiple client side vulnerabilities including the banner, username, password, and account SMTP parameters.
012f188e05c0cd48ca2d55347c1fef1243732b738b287ec3f6b9007ffa7a13f5IglooFTP PRO 3.8 and possibly earlier versions suffers from multiple client side vulnerabilities including the banner, username, password, and account SMTP parameters. Related proof of concept exploit here.
be6ba59a065b4bbfe9a8f5feb2cda1345218b4d6b7fbaca76ce60f31f06aaf3dP-News versions 1.6 is vulnerable to a privilege escalation attack by allowing a remote attacker to populate strings with the | used for delimiting data stored about the account.
03e639c42ea8d778ec18f23eea9b43452efd029c4da46aeeeead26e57884221bPoster version.two, the PHP news posting system, suffers from a vulnerability in the index.php file that allows a user to edit their account. Since the user is allowed to change the embedded information in the code, they can achieve privilege escalation to an administrative level.
dc71044533eb04ee5b535377f6bf7916a5d9ffba89345827b2c427c81a5b49dc
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed