The Nvidia Mental Ray Satellite Service listens for control commands on port 7414. When it receives the command to load a DLL (via an UNC path) it will try to connect back to the host on port 7514. If a TCP connection is successful it will then attempt to load the DLL. This Metasploit module has been tested successfully on Win7 x64 with Nvidia Mental Ray Satellite Service v3.11.1.
d20a1acb01b0356c8f7a9dfb93f9f6c186f8a9c91ae2ee919bd91f597ae8afefThis paper details a vulnerability affecting NVIDIA mental ray, which allows an attacker to take control over a mental ray based render farm.
775f48d6630d6aac147c8f09fc15e01a82cf693584d38a901be40b58fff0f320This paper details several issues affecting different game engines. All the vulnerabilities discussed in this paper are 0-days, at time of writing. This paper has been released as a companion paper along with the authors' talk Exploiting Game Engines For Fun And Profit presented at the NoSuchCon conference.
d6ecd8f4c602a765dcc75745f021e2021968f2607ffd8bafed3a506e1bda08edThis presentation discusses what to look for and how to go about exploiting game engines.
19c17c8c8f9f909e61f6f1dc27550abd5f28f40ed4090d437df048b0efb363afIn this paper the authors uncover and demonstrate an interesting way to convert local bugs and features in remotely exploitable security vulnerabilities by using the well known EA Origin platform as an attack vector against remote systems. The attack proposed in this paper is similar to the attack targeting the Steam platform that they detailed in their previous research. The Origin attack detailed in this paper affects more than 40 million Origin users.
49def0264cec468ffef03ccdced1ff431068dffff126aca570d55caf707dd49fThis paper describes a pre-auth server-side NULL pointer dereference vulnerability in Call Of Duty: Modern Warfare 3, which is due to an issue related to the DemonWare6 query packets. This vulnerability can be exploited to perform Denial of Service (DoS) attacks against game servers.
1db66d6df1c094eebc40c0809e56c80069be073ae8a823feafea42632a3104daIn this paper the authors uncover and demonstrate a novel and interesting way to convert local bugs and features in remotely exploitable security vulnerabilities by using the well known Steam3 platform as an attack vector against remote systems.
57c4272e83ee441c391a6f412f9d691391e59e3704ad2da10b6aa6bdd6606b73DirectContact version 0.3b is susceptible to a classic directory traversal attack.
34922012bb4c31ade3163c42cd6ddfec78315b1faa3a02f8841fd373069632e5Home FTP Server version 1.0.7 b45 suffers from information disclosure and directory traversal flaws.
7851cce7cc1179707f46cc1835af116df83aa2c4ba71b04748ea12bd45069870WinFTP Server version 1.6.8 suffers from a Unicode buffer overflow.
ab27d046e0f4447dc1ecf476c43ed829dad3671be63c87b0b1920cc65e40a8c5SimpleCam 1.2 suffers from a directory traversal flaw.
d4e58f065d5c7588a794c9e5395507eab6a319a2473bb1d69625b852d95f74e6Video Cam Server version 1.0.0 is susceptible to a directory traversal attack.
ada3a5328ddaa14bdc136ad11e095dc6ab58a6c24f3b0f31394aa705cb84dc7dYawcam 0.2.5 suffers from a directory traversal flaw.
b182d057b90cd3f81c55e8e073477556ee02a409f252428b6e2bfb479dd98c59RaidenHTTPD version 1.1.27 is susceptible to a directory traversal flaw where any file can be extracted from the disk partition where the httpd is installed.
269edca2c20fc62296721fc364efa750631965f3d26ff48a5c321679256841a2LANChat Pro Revival 1.666c suffers from a denial of service flaw due to a mishandling of malformed UDP packets.
76f66f7589c9c61cc5603217be57359f569333d4150f25b8af167f515dde5784yacy version 0.31 is susceptible to a cross site scripting attack.
d64d8c10568564ba1a5c218da503bc0f39e78f0f0dfa75004c3a458b24efa51fProof of concept exploit for a buffer overflow vulnerability that exists in Open Dc Hub version 0.7.14.
8258ae931f345dbb3993fba33e50fa99806a19f8996a9b591ba1f150a0fb65d9A buffer overflow exists in the Open Dc Hub program that allows for arbitrary code execution. Version 0.7.14 is affected.
5d7728d7a1361bced3f0c6e6bc6738ad15502e921eb3164f0124e62d24c94b98ParaChat server version 5.5 is susceptible to a directory traversal attack.
dc2d73d8a10c1ee9e0c6d1f19a2dd02664444349c0c58c5ea495325c5a299b7aBird Chat version 1.61 is susceptible to a denial of service attack.
3fd39ba61940268943a877e48620af76ea13d357c808d10f8725f4e5f0bf3a91Free Web Chat suffers from both denial of service and resource allocation bugs.
b362a9f9b51a02212145eb681c34e6703a1ce8028a93fa4e37eeca36ea288982When over 40 connections are made to Webbsyte 0.9.0, the service crashes.
12c2dcce1b42eb0808a9da9ec432387ab867d5469e37f8251f8f8ea3d4e6ff6412Planet Chat server version 2.9 suffers from a cross site scripting flaw.
8a592ed48bd7f885d4a341fdf4cfd031d08dea96ce06367a38a213f087a3115bSCI Photo Chat Server version 3.4.9 is susceptible to a cross site scripting vulnerability.
8575e09aa1bcbc883017a75c4aa4d09bca783a470652829a1020c77a2876379eEasy Chat Server version 1.2 is susceptible to multiple denial of service vulnerabilities.
c14351e99bc7c75e715099537ef5a044db63e359260141a3b392bcedcdb5a32d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed