exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 28 RSS Feed

Files

ddc152.zip
Posted Sep 17, 1999

Client (command line) v1.52 Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan
SHA-256 | 5ce0f7b9d3b0d1deb42e35ddc3fed01b8918b94b631f38a36de2328143e92116

Related Files

Ubuntu Security Notice USN-6146-1
Posted Jun 8, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6146-1 - It was discovered that Netatalk did not properly validate the length of user-supplied data in the DSI structures. A remote attacker could possibly use this issue to execute arbitrary code with the privileges of the user invoking the programs. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that Netatalk did not properly validate the length of user-supplied data in the ad_addcomment function. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.

tags | advisory, remote, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2021-31439, CVE-2022-0194, CVE-2022-23121, CVE-2022-23122, CVE-2022-23123, CVE-2022-23124, CVE-2022-23125, CVE-2022-43634, CVE-2022-45188
SHA-256 | 0a3668c0e69cd8ae683363baf9ba82938a5c5b1456134e2145fda35db4ca4ee9
pyLoad js2py Python Execution
Posted Feb 22, 2023
Authored by Spencer McIntyre, bAu | Site metasploit.com

pyLoad versions prior to 0.5.0b3.dev31 are vulnerable to Python code injection due to the pyimport functionality exposed through the js2py library. An unauthenticated attacker can issue a crafted POST request to the flash/addcrypted2 endpoint to leverage this for code execution. pyLoad by default runs two services, the primary of which is on port 8000 and can not be used by external hosts. A secondary Click N Load service runs on port 9666 and can be used remotely without authentication.

tags | exploit, code execution, python
advisories | CVE-2023-0297
SHA-256 | d86b89ccd29b81ac570725e1b71f96f42350980adb191ce14634207100bc2450
WordPress DFD Reddcoin Tips 1.1.1 Cross Site Scripting
Posted Nov 14, 2017
Authored by Ricardo Sanchez

WordPress DFD Reddcoin Tips plugin version 1.1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f3d4f0a0ee98d629ac02048da08e3e6ae00110db815e2b61128a50cb6090f735
OSMetaClassBase:safeMetaCast Return Value Check Fail
Posted Jan 27, 2016
Authored by Google Security Research, Ian Beer

IOUserClient::connectClient is an obscure IOKit method which according to the docs is supposed to "Inform a connection of a second connection." In fact IOKit provides no default implementation and only a handful of userclients actually implement it, and it's pretty much up to them to define the semantics of what "informing the connection of a second connection" actually means. One of the userclients which implements connectClient is IOAccelContext2 which is the parent of the IGAccelContext userclient family (which are the intel GPU accelerator userclients.) IOUserClient::connectClient is exposed to userspace as IOConnectAddClient.

tags | exploit
systems | linux
advisories | CVE-2015-6996
SHA-256 | e6b28ef3cbbacff31eb961ab63d921cbf6e4a18a44fb51c2925eaa646004d804
Mandriva Linux Security Advisory 2015-013
Posted Jan 8, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-013 - Multiple vulnerabilities were reported in ZNC version 1.0 which can be exploited by malicious authenticated users to cause a denial of service. These flaws are due to errors when handling the editnetwork, editchan, addchan, and delchan page requests; they can be exploited to cause a NULL pointer dereference. Adding an already existing channel to a user/network via web admin in ZNC causes a crash if the channel name isn't prefixed with '#'.

tags | advisory, web, denial of service, vulnerability
systems | linux, mandriva
advisories | CVE-2013-2130, CVE-2014-9403
SHA-256 | 970e71d6039b6c18059f5ee8e560e681756bf406a5d8978414539c119729de1c
Mandriva Linux Security Advisory 2012-087
Posted Jun 5, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-087 - Buffer overflow in the addchar function in common/parseconf.c in upsd in Network UPS Tools before 2.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (electric-power outage) via a long string containing non-printable characters. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2012-2944
SHA-256 | 59c537bfb95b209de0cd8108e1c6f0a217ece674644b5d8578659d35b090558d
Zero Day Initiative Advisory 11-307
Posted Oct 26, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-307 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists because Java does not sufficiently verify parameters certain functions. The function MixerSequencer.nAddControllerEventCallback fails to check for negative index numbers before writing user supplied data into a static array. This allows a malicious applet to write user controlled data outside the array boundaries resulting in remote code execution under the context of the current user.

tags | advisory, java, remote, arbitrary, code execution
advisories | CVE-2011-3545
SHA-256 | 060a302119a9b97e9bbab4d11daf2343cda725d77cd345adbb06190183d3233f
Microsoft WMI Administration Tools ActiveX Buffer Overflow
Posted Dec 22, 2010
Authored by MC, jduck, WooYun | Site metasploit.com

This Metasploit module exploits a memory trust issue in the Microsoft WMI Administration tools ActiveX control. When processing a specially crafted HTML page, the WEBSingleView.ocx ActiveX Control (1.50.1131.0) will treat the 'lCtxHandle' parameter to the 'AddContextRef' and 'ReleaseContext' methods as a trusted pointer. It makes an indirect call via this pointer which leads to arbitrary code execution. This exploit utilizes a combination of heap spraying and the .NET 2.0 'mscorie.dll' module to bypass DEP and ASLR. This Metasploit module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions.

tags | exploit, arbitrary, code execution, activex
systems | windows
advisories | OSVDB-69942
SHA-256 | 2fbd749099ccbb1eb6187af91f72d8f6bdafd96cce71ee281207ddc8baca9110
mBlogger 1.0.04 Cross Site Scripting
Posted Sep 6, 2010
Authored by Ptrace Security

mBlogger version 1.0.04 addcomment.php persistent cross site scripting exploit.

tags | exploit, php, xss
SHA-256 | f6f75356b9d51e39254a83f1e0276f29fd2c2355aac7b4a3fa904f4ddb1edc6d
Mandriva Linux Security Advisory 2010-140
Posted Jul 28, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-140 - This is a maintenance and security update that upgrades php to 5.3.3 for 2010.0/2010.1. Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs. Fixed a possible resource destruction issues in shm_put_var(). Fixed a possible information leak because of interruption of XOR operator. Fixed a possible memory corruption because of unexpected call-time pass by reference and following memory clobbering through callbacks. Fixed a possible memory corruption in ArrayObject::uasort(). Fixed a possible memory corruption in parse_str(). Fixed a possible memory corruption in pack(). Fixed a possible memory corruption in substr_replace(). Fixed a possible memory corruption in addcslashes(). Fixed a possible stack exhaustion inside fnmatch(). Fixed a possible dechunking filter buffer overflow. Fixed a possible arbitrary memory access inside sqlite extension. Fixed string format validation inside phar extension. Fixed handling of session variable serialization on certain prefix characters. Fixed a NULL pointer dereference when processing invalid XML-RPC requests. Fixed SplObjectStorage unserialization problems. Fixed possible buffer overflows in mysqlnd_list_fields, mysqlnd_change_user. Fixed possible buffer overflows when handling error packets in mysqlnd. Additionally some of the third party extensions and required dependencies has been upgraded and/or rebuilt for the new php version.

tags | advisory, overflow, arbitrary, php
systems | linux, mandriva
advisories | CVE-2010-2531, CVE-2010-0397, CVE-2010-2225
SHA-256 | 263282a55164e1c13bdc2969faf4e31379a529b35efca4398c0ecb9b5e04c31a
Mandriva Linux Security Advisory 2010-139
Posted Jul 27, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-139 - This is a maintenance and security update that upgrades php to 5.2.14 for CS4/MES5/2008.0/2009.0/2009.1. Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs. Fixed a possible interruption array leak in strrchr(). Fixed a possible interruption array leak in strchr(), strstr(), substr(), chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). Fixed a possible memory corruption in substr_replace(). Fixed SplObjectStorage unserialization problems. Fixed a possible stack exhaustion inside fnmatch(). Fixed a NULL pointer dereference when processing invalid XML-RPC requests. Fixed handling of session variable serialization on certain prefix characters. Fixed a possible arbitrary memory access inside sqlite extension. Reported by Mateusz Kocielski. Additionally some of the third party extensions has been upgraded and/or rebuilt for the new php version.

tags | advisory, arbitrary, php
systems | linux, mandriva
advisories | CVE-2010-2484, CVE-2010-2225, CVE-2010-0397, CVE-2010-2531
SHA-256 | ebb87718bcfb837ddb1778560e0e7d8acfd8aa738446314fbcafa2464569d551
MOPS-2010-006 - PHP addcslashes() Interruption Information Leak
Posted May 11, 2010
Authored by Stefan Esser | Site php-security.org

Month Of PHP Security - PHP addcslashes() Interruption Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.

tags | exploit, php
SHA-256 | f6746f43dfc72d30fc8e08e9f054b30111e25a63d28fcbb7a542dcf629c5ac63
VideoLAN Client (VLC) Win32 smb:// URI Buffer Overflow
Posted Feb 15, 2010
Authored by jduck | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in the Win32AddConnection function of the VideoLAN VLC media player. Versions 0.9.9 throught 1.0.1 are reportedly affected. This vulnerability is only present in Win32 builds of VLC. This payload was found to work with the windows/exec and windows/meterpreter/reverse_tcp payloads. However, the windows/meterpreter/reverse_ord_tcp was found not to work.

tags | exploit, overflow
systems | windows
advisories | CVE-2009-2494
SHA-256 | a3aa0c6ca5cd47caa7c0c765b71284dcfa7bcc0b1f90d243d75f975cddf960c3
CA BrightStor ARCserve Backup AddColumn() ActiveX Buffer Overflow
Posted Nov 26, 2009
Authored by dean | Site metasploit.com

The CA BrightStor ARCserve Backup ActiveX control (ListCtrl.ocx) is vulnerable to a stack-based buffer overflow. By passing an overly long argument to the AddColumn() method, a remote attacker could overflow a buffer and execute arbitrary code on the system.

tags | exploit, remote, overflow, arbitrary, activex
advisories | CVE-2008-1472
SHA-256 | deda324d5d17fb5a0a5f8b8fcc9d39b55328a2faeca975767d3d6875b67d01d1
ddc-overflow.txt
Posted Jan 18, 2008
Authored by rgod | Site retrogod.altervista.org

Digital Data Communications RtspVaPgCtrl Class remote buffer overflow exploit that makes use of RtspVapgDecoder.dll version 1.1.0.29.

tags | exploit, remote, overflow
SHA-256 | af015133b5fb852204dcbe8a9e537fb0c262cb3e6f6a5107a22e3410079835b1
Gentoo Linux Security Advisory 200710-27
Posted Oct 25, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-27 - regenrecht reported multiple infinite loops in functions ReadDCMImage() and ReadXCFImage(), multiple integer overflows when handling certain types of images, and an off-by-one error in the ReadBlobString() function. Versions less than 6.3.5.10 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-4985, CVE-2007-4986, CVE-2007-4987, CVE-2007-4988
SHA-256 | eab1acd588148e6adf677900e62f05bdaf7074c1aa70850b6845ac89dbdd0b41
iDEFENSE Security Advisory 2007-09-19.3
Posted Sep 25, 2007
Authored by iDefense Labs, regenrecht | Site idefense.com

iDefense Security Advisory 09.19.07 - Remote exploitation of multiple denial of service vulnerabilities in ImageMagick, as included in various vendors' operating system distributions, allows attackers to consume excessive CPU resources on the target system. The first vulnerability exists in the ReadDCMImage() function. Since the return value of ReadBlobByte() is not properly checked, it can enter an infinite loop. The second vulnerability exists in the ReadXCFImage() function. Since the return value of ReadBlobMSBLong() is not properly checked, it can enter an infinite loop. iDefense Labs confirmed that ImageMagick version 6.3.4 is vulnerable. It is suspected that other versions of ImageMagick are also vulnerable.

tags | advisory, remote, denial of service, vulnerability
advisories | CVE-2007-4985
SHA-256 | 0a5c70db502c3a5cf0ea526562f6fa2b0f92c51300e22a74037a7ad48f2d63fc
Gentoo Linux Security Advisory 200705-13
Posted May 11, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200705-13 - iDefense Labs has discovered multiple integer overflows in ImageMagick in the functions ReadDCMImage() and ReadXWDImage(), that are used to process DCM and XWD files. Versions less than 6.3.3 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-1797
SHA-256 | 4b00eb3f21d36bc2732e635d2ac4b591b01b0967a343cf468344db2da2c66f6c
iDEFENSE Security Advisory 2007-03-31.1
Posted Apr 3, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 03.31.07 - Remote exploitation of several buffer overflow vulnerabilities in ImageMagick, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the credentials used for image processing. An integer overflow exists ImageMagick's handling of DCM (Digital Imaging and Communications in Medicine) format files which allows an attacker to cause a heap-based buffer overflow. This vulnerability specifically exists in the ReadDCMImage() function. Two integer overflows exists ImageMagick's handling of XWD (X Windows Dump) format files that allows an attacker to cause a heap-based buffer overflow. The vulnerabilities specifically exist in the ReadXWDImage() function. An integer overflow could occur when calculating the amount of memory to allocate for the 'colors' or 'comment' field. iDefense has confirmed the existence of these vulnerabilities in ImageMagick version 6.3.x. Additionally, the source code for versions 6.3.1, 6.3.2, 6.3.3-3 and 6.2.9 contain the affected code. It is suspected that earlier versions of ImageMagick are also vulnerable.

tags | advisory, remote, overflow, arbitrary, vulnerability
systems | windows
SHA-256 | 56c8a5a660452e4edd55f8cf111ae151e2bbb5158e4cacb4bafc0360b92bed25
Gentoo Linux Security Advisory 200611-19
Posted Nov 27, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200611-19 - M. Joonas Pihlaja has reported that a boundary error exists within the ReadDCMImage() function of coders/dcm.c, causing the improper handling of DCM images. Pihlaja also reported that there are several boundary errors in the ReadPALMImage() function of coders/palm.c, similarly causing the improper handling of PALM images. Versions less than 6.3.0.5 are affected.

tags | advisory
systems | linux, gentoo
SHA-256 | eb03626dd75b41e22a1dd7f7a4714a958ea8b46bf360b20cc7dd3bc65b5c01c3
Gentoo Linux Security Advisory 200611-7
Posted Nov 14, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200611-07 - M. Joonas Pihlaja has reported that a boundary error exists within the ReadDCMImage() function of coders/dcm.c, causing the improper handling of DCM images. Pihlaja also reported that there are several boundary errors in the ReadPALMImage() function of coders/palm.c, similarly causing the improper handling of PALM images. Versions less than 1.1.7-r3 are affected.

tags | advisory
systems | linux, gentoo
SHA-256 | 6f9aa5deebf1f72365102310802a087c85cc9c7ea240a3ae42907b6041966175
Mandriva Linux Security Advisory 2006.193
Posted Nov 1, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-193: Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
SHA-256 | a075da044882737ae4b41b0fff9c45e67b2bd7aa97983a7af8befb943fe5f1d3
nucleusCMSSQL.txt
Posted Jul 27, 2004
Authored by aCiDBiTS

Nucleus CMS version 3.01 addcoment/itemid SQL Injection Proof of Concept PHP exploit that dumps the username and md5 hash of the password for the administrator user.

tags | exploit, php, sql injection, proof of concept
SHA-256 | f381b9e4184efeb21af8394ab8bfa4585b0b12a1ecc75b4d37d1c396de95e22d
ddc_src.zip
Posted Oct 7, 1999

Donald Dick: Sources of Client (command line) v1.53. Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan
SHA-256 | 90c3eedafc87fbe2821752e54718b8ea655d8f3d35a57bcd4e1e208fdc4f07ac
ddc153.zip
Posted Oct 7, 1999

Donald Dick: Client (command line) v1.53. Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan
SHA-256 | eb28c962092e6bd51f8007307c3f5c76574be51c089045ae310b53aabc7a0f79
Page 1 of 2
Back12Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    6 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close