the original cloud security
Showing 176 - 200 of 401 RSS Feed

Operating System: Windows XP

Microsoft IIS ISAPI w3who.dll Query String Overflow
Posted Nov 26, 2009
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits a stack overflow in the w3who.dll ISAPI application. This vulnerability was discovered Nicolas Gregoire and this code has been successfully tested against Windows 2000 and Windows XP (SP2). When exploiting Windows XP, the payload must call RevertToSelf before it will be able to spawn a command shell.

tags | exploit, overflow, shell
systems | windows, 2k, xp
advisories | CVE-2004-1134
MD5 | 89125aafc4fb654536650e438ab573ca
Windows XP Pro SP2 English Message-Box Shellcode
Posted Nov 18, 2009
Authored by Aodrulez

16 bytes small Message-Box shellcode for Windows XP Pro SP2 English.

tags | shellcode
systems | windows, xp
MD5 | bddac642175c894755dc9cbebeac6188
Windows XP Pro SP2 English Wordpad Shellcode
Posted Nov 5, 2009
Authored by Aodrulez | Site aodrulez.blogspot.com

12 bytes small Windows XP Pro SP2 English Wordpad shellcode.

tags | shellcode
systems | windows, xp
MD5 | 4a6b1d04c6741ef0ed4857dc146ba552
iDEFENSE Security Advisory 2009-10-28.1
Posted Oct 28, 2009
Authored by iDefense Labs, regenrecht | Site idefense.com

Remote exploitation of a buffer overflow in the Mozilla Foundation's libpr0n image processing library allows attackers to execute arbitrary code. The libpr0n GIF parser was designed using a state machine which is represented as a series of switch/case statements. One particularly interesting state, 'gif_image_header', is responsible for interpreting a single image/frame description record. A single GIF file may contain many images, each with a different color map associated. The problem lies in the handling of changes to the color map of subsequent images in a multiple-image GIF file. Memory reallocation is not managed correctly and can result in an exploitable heap overflow condition. iDefense confirmed the existence of this vulnerability using Mozilla Firefox versions 3.0.13 and 3.5.2 on 32-bit Windows XP SP3. Other versions, and potentially other applications using libpr0n, are suspected to be vulnerable.

tags | advisory, remote, overflow, arbitrary
systems | windows, xp
advisories | CVE-2009-3373
MD5 | 44a92ee1872b49c79818d60937028c4a
Spider Solitaire Local Crash
Posted Oct 15, 2009
Authored by SirGod

Spider Solitaire local crash proof of concept exploit for Windows XP SP2.

tags | exploit, local, proof of concept
systems | windows, xp
MD5 | cd0e6c2fb6d427fee9e324cda7c58cdb
iDEFENSE Security Advisory 2009-10-13.3
Posted Oct 15, 2009
Authored by iDefense Labs, wushi | Site idefense.com

iDefense Security Advisory 10.13.09 - Remote exploitation of a heap based buffer overflow vulnerability in Microsoft Corp.'s Windows GDI+ could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when parsing a malformed TIFF file. By supplying incorrect values in a BitsPerSample tag, it is possible to trigger a heap based buffer overflow. iDefense has confirmed the existence of this vulnerability in Windows XP Service Pack 2. Please see the Microsoft bulletin for additional details on affected software.

tags | advisory, remote, overflow, arbitrary
systems | windows, xp
advisories | CVE-2009-2502
MD5 | 037a2ae7e6363cd67887b56ed4afdfbf
Web-Based Firewall Logging Tool 0.94
Posted Oct 15, 2009
Authored by Bob Hockney | Site webfwlog.sourceforge.net

Webfwlog is a Web-based firewall log reporting and analysis tool. It allows users to design reports to use on logged firewall data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or "drilled-down" all the way to the packet level, and saved for later use. Supported log formats are netfilter, ipfilter, ipfw, ipchains, and Windows XP. Netfilter support includes ulogd MySQL or PostgreSQL database logs using the iptables ULOG target.

Changes: This is a maintenance release, mostly to fix numerous but harmless PHP notice-level messages.
tags | tool, web, firewall
systems | linux, windows, xp
MD5 | 5af2fbbd36b039c004592e9dbf10ccc1
httpdx 1.4 Buffer Overflow Exploit
Posted Oct 8, 2009
Authored by Pankaj Kohli | Site pank4j.com

httpdx web server version 1.4 if vulnerable to a remote buffer overflow vulnerable when supplied a long GET request. Exploit is written for httpdx 1.4 on Windows XP SP3 and binds a shell to port 58821.

tags | exploit, remote, web, overflow, shell
systems | windows, xp
MD5 | 00b412c87dc078e5022add43ffd4f5c3
Mozilla Firefox 2.0.0.16 Buffer Overflow
Posted Sep 15, 2009
Authored by Dominic Chell

Mozilla Firefox version 2.0.0.16 Windows XP SP3 UTF-8 URL buffer overflow exploit that has adduser shellcode.

tags | exploit, overflow, shellcode
systems | windows, xp
MD5 | e9e51b094746ef393b54a280e1c3608f
Microsoft TCP/IP Orphaned Connections
Posted Sep 10, 2009
Authored by Fabian Yamaguchi | Site recurity-labs.com

The TCP/IP-Stack of the Microsoft Windows XP/Vista Operating System is vulnerable to a remote resource exhaustion vulnerability. By taking advantage of this vulnerability, an attacker can cause a connection's Transmission Control Block (TCB) to remain in memory for an indefinite amount of time without the need for the attacker to further maintain the connection's activity.

tags | advisory, remote, tcp
systems | windows, xp
advisories | CVE-2009-1926
MD5 | a6db4b7c9fc168d5c98697fc58b7a950
41 Bytes notepad.exe Shellcode
Posted Aug 28, 2009
Authored by Inj3ct0r | Site Inj3ct0r.com

41 bytes small notepad.exe shell for Microsoft Windows XP SP2 (FR).

tags | shell, shellcode
systems | windows, xp
MD5 | 21e4233ab91deb6b5a06c9420b185974
MS Wordpad Local Crash
Posted Aug 13, 2009
Authored by murderkey

Microsoft Wordpad on Windows XP SP3 memory exhaustion exploit.

tags | exploit
systems | windows, xp
MD5 | 3eb8df16e20b39d7e49e370ac23f8899
Microsoft Windows XP SP2/SP3 win32k.sys Privilege Escalation
Posted Aug 5, 2009
Authored by Alex from NT Internals | Site ntinternals.org

Local privilege escalation exploit for Microsoft Windows XP SP2/SP3 that leverages win32k.sys versions 5.1.2600.5796 and below.

tags | exploit, local
systems | windows, xp
MD5 | 780b542699a59c77a258625b0a66bd53
Microsoft Office Web Active-X Exploit
Posted Jul 21, 2009
Authored by Ahmed Obied

Microsoft Office Web Components Active-X related buffer overflow proof of concept exploit. The author tested on Internet Explorer 7.0.5730.13 on Windows XP SP3 with owc10.dll and owc11.dll installed. Written in Python.

tags | exploit, web, overflow, activex, proof of concept, python
systems | windows, xp
MD5 | fdfee884f2199dcd8d35babc3f82e6ab
iDEFENSE Security Advisory 2009-07-14.1
Posted Jul 16, 2009
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 07.14.09 - Remote exploitation of a heap based buffer overflow vulnerability in Microsoft Corp.'s Embedded OpenType Font Engine (T2EMBED.DLL) could allow an attacker to execute arbitrary code with the privileges of the current user. During the processing of a malicious OpenType Font, an integer truncation issue can occur on a specific length value. This can result in a large overwrite of the heap using attacker controlled data. The attacker may gain arbitrary execution control by overwriting specific data structures on the heap, such as an object virtual function table. iDefense has confirmed the existence of this vulnerability in the Embedded OpenType Font Engine for Windows Vista SP1 (T2EMBED.DLL version 6.0.6001.18000) and Windows XP SP3 (T2EMBED.DLL version 5.1.2600.5512). Previous versions may also be affected.

tags | advisory, remote, overflow, arbitrary
systems | windows, xp, vista
advisories | CVE-2009-0231
MD5 | 779aa063fcc7380f50da5a7045798bbc
Digital Defense VRT Advisory 2009.26
Posted Jul 13, 2009
Authored by Digital Defense, r@b13$, Geoff Humes | Site digitaldefense.net

The login screen of the LogRover web interface is vulnerable to a SQL Injection which can allow remote attackers to login to the system via an authentication bypass. Version 2.3 for Windows XP is affected.

tags | advisory, remote, web, sql injection
systems | windows, xp
MD5 | fc9466d2f2152310983fd8cd729634fd
Windows XP-SP3 Beep And Exit Process Shellcode
Posted Jul 1, 2009

Microsoft Windows XP SP3 beep and exitprocess shellcode.

tags | shellcode
systems | windows, xp
MD5 | 6969e8a23b9099eaabed2ac407b0fc15
Bopup Communications Server Buffer Overflow
Posted Jun 29, 2009
Authored by His0k4

Remote buffer overflow exploit for the Bopup Communications Server version 3.2.26.54.60. Tested on Microsoft Windows XP SP3.

tags | exploit, remote, overflow
systems | windows, xp
MD5 | cc085236892f5d4e7b47ea55ba59aaa7
Green Dam 3.17 URL Buffer Overflow
Posted Jun 12, 2009
Authored by Seer[N.N.U]

Green Dam version 3.17 remote buffer overflow exploit with shellcode for Microsoft Windows XP SP2.

tags | exploit, remote, overflow, shellcode
systems | windows, xp
MD5 | 2ac42bc0f4fcc7875f9623dabf2a3e2d
iDEFENSE Security Advisory 2009-06-09.2
Posted Jun 11, 2009
Authored by iDefense Labs, Jun Mao | Site idefense.com

iDefense Security Advisory 06.09.09 - Remote exploitation of a stack buffer overflow vulnerability in Microsoft Corp.'s Windows 2000 operating system could allow an unauthenticated attacker to execute arbitrary code with system-level privileges. This vulnerability exists in the EnumeratePrintShares function in win32spl.dll. The vulnerable function does not correctly validate the length of the printer server's response. When a malformed response is received from the printer server, the stack buffer can be overflowed, resulting in an exploitable condition. iDefense has confirmed the existence of this vulnerability in win32spl.dll version 5.00.2195.7054, as included in Windows 2000 Service Pack 4, with all available patches as of September 2008. All previous versions are suspected vulnerable. Windows XP SP2 and later versions of Windows are not affected.

tags | advisory, remote, overflow, arbitrary
systems | windows, 2k, xp
advisories | CVE-2009-0228
MD5 | 84dfab800df1a2f61408093d471034c2
Windows XP SP1 Generate Portbind Shellode
Posted Jun 9, 2009
Authored by Jonathan Salwan | Site shell-storm.org

This is a utility to generate portbinding shellcode payload for Windows XP/SP1.

tags | shellcode
systems | windows, xp
MD5 | 39358d1522aecdcd0da580256a90b5c4
iDEFENSE Security Advisory 2009-04-14.2
Posted Apr 15, 2009
Authored by iDefense Labs, Sean Larsson, Jun Mao | Site idefense.com

iDefense Security Advisory 04.14.09 - Remote exploitation of a stack buffer overflow vulnerability in Microsoft Corp.'s WordPad could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing the content of a Word97 format file. When reading in the data, the code uses a 32-bit integer from the file to check a buffer length while using the lower 16-bit value to do the actual copy. This results in a stack buffer overflow. This stack buffer is overwritten with data from the file. iDefense has confirmed the existence of this vulnerability in Wordpad on Windows 2000 SP4. Windows XP SP3 is not affected. Vista and Server 2008 are not affected as they no longer contain the Word97 converter.

tags | advisory, remote, overflow, arbitrary
systems | windows, 2k, xp
advisories | CVE-2009-0235
MD5 | 6d1e854873fc0efe59cf75d35001e497
JRE unpack200 Exploit
Posted Apr 3, 2009
Authored by 0day.service

JRE Update 11/12 Pack 200 exploit for Windows XP.

tags | exploit
systems | windows, xp
MD5 | 4e30bd369c8c67952f1488f7407c8cd2
CDex 1.70b2 Buffer Overflow
Posted Mar 19, 2009
Authored by Nine:Situations:Group | Site retrogod.altervista.org

CDex version 1.70b2 local buffer overflow exploit that creates a malicious .ogg file. Written for Windows XP SP3.

tags | exploit, overflow, local
systems | windows, xp
MD5 | 14a9a7ff6ef788c2a63953b05d7a1c24
iDEFENSE Security Advisory 2009-03-17.1
Posted Mar 18, 2009
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 03.17.09 - Remote exploitation of a stack-based buffer overflow in Autonomy Inc's KeyView SDK allows attackers to execute arbitrary code with the privileges of the current user. This vulnerability exists within the "wp6sr.dll" which implements the processing of Word Perfect Documents. When processing certain records, data is copied from the file into a fixed-size stack buffer without ensuring that enough space is available. By overflowing the buffer, an attacker can overwrite control flow structures stored on the stack. iDefense confirmed that this vulnerability exists within Lotus Notes 8 installed on a Windows XP SP3 machine. All applications which utilize the Autonomy KeyView SDK to process Word Perfect Documents are suspected to be vulnerable.

tags | advisory, remote, overflow, arbitrary
systems | windows, xp
advisories | CVE-2008-4564
MD5 | f108b1538a97e95c3da65394ca775b80
Page 8 of 16
Back678910Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close