what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

git-lfs Remote Code Execution
Posted Nov 6, 2020
Authored by Dawid Golunski

Proof of concept git-lfs remote code execution exploit written in Go. Affects Git, GitHub CLI, GitHub Desktop, Visual Studio, GitKraken, SmartGit, SourceTree, and more.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2020-27955
SHA-256 | 0c8177c46d702e8d2020c52ea4e282b0e930192714df192331520c8802c41440

Related Files

Drupal Hotblocks 6.x Cross Site Scripting
Posted Aug 15, 2012
Authored by Justin C. Klein Keane

Drupal version 6.22 with Hotblocks 6.x suffers from cross site scripting and denial of service vulnerabilities. Proof of concept information included.

tags | exploit, denial of service, vulnerability, xss, proof of concept
SHA-256 | 17fd7caf06fdac8c5a9e14bc764b6c00c9303d84f1395974dc92767ed9a8a7f2
Drupal Custom Publishing Options 6.x XSS
Posted Aug 15, 2012
Authored by Justin C. Klein Keane

Drupal version 6.22 with Custom Publishing Options version 6.x-1.4 suffers from a cross site scripting vulnerability. Proof of concept information included.

tags | exploit, xss, proof of concept
SHA-256 | 48dd91f8b89ca979ca8e11af83723a4ee087f9e15fcaa581b8d6f6470708cf67
Pure-FTPd 1.0.21 Denial Of Service
Posted Aug 14, 2012
Authored by Kingcope

Pure-FTPd version 1.0.21 crash proof of concept exploit that leverages a NULL pointer dereference.

tags | exploit, proof of concept
SHA-256 | c2280992211c9ea41ac2e2ddf61f4ee7e7455a52f000ddfb5f9302a7a81ccbc0
Oracle BTM Server 12.1.0.2.7 Remote Code Execution
Posted Aug 7, 2012
Authored by rgod | Site retrogod.altervista.org

Oracle Business Transaction Management Server version 12.1.0.2.7 suffers from a remote code execution vulnerability in the FlashTunnelService WriteToFile message. Proof of concept included.

tags | exploit, remote, code execution, proof of concept
SHA-256 | acb8d1760f5f38380a8cfd44a94ad8e001b2abf766fc39b9cc5f2f92f8d61758
AOL Products downloadUpdater2 Plugin SRC Parameter Remote Code Execution
Posted Aug 7, 2012
Authored by rgod | Site retrogod.altervista.org

AOL products downloadUpdater2 plugin suffers from a remote code execution vulnerability. Proof of concept included.

tags | exploit, remote, code execution, proof of concept
SHA-256 | 5dd419850203744eecbd83ce5e621ac6ad8521036c7ff6ea92f36ad34d871c9d
FreeBSD Kernel SCTP Denial Of Service
Posted Aug 3, 2012
Authored by Shaun Colley

The SCTP implementation used by FreeBSD ("reference implementation") is vulnerable to a remote NULL pointer dereference in kernel due to a logic bug. When parsing ASCONF chunks, an attempt is made to find an association by address. if the address found is INADDR_ANY, sctp_findassoc_by_vtag() is called and an attempt is made to find an association by vtag. Before searching for the vtag in a hash table, a pointer is set to NULL, with the intention of redefining it after finding the association. However, if the specified vtag is not found, the function returns and the ptr is never reinitialized, causing a kernel panic when the NULL pointer is later dereferenced by the SCTP_INP_DECR_REF macro when flow returns to sctp_process_control(). This is a proof of concept denial of service exploit.

tags | exploit, remote, denial of service, kernel, proof of concept
systems | freebsd
SHA-256 | 318b17b766a7c0e5fc891db3c6cd991c6323ae2a559c0d010ec2ec369599711b
SC DHCP 4.1.2 Denial Of Service
Posted Jul 29, 2012
Authored by K1P0D

Proof of concept denial of service exploit for the zero length client id infinite loop vulnerability in DHCP version 4.1.2.

tags | exploit, denial of service, proof of concept
advisories | CVE-2012-3571
SHA-256 | 866407d6a01490397a0a69ab14d8818f3272133757b74cb32940ac7e6d151ada
Shahumyanmedia CMS 2010 Authentication Bypass
Posted Jul 22, 2012
Authored by Akastep, BOT_25

Shahumyanmedia CMS 2010 suffers from an authentication bypass vulnerability. Proof of concept code included.

tags | exploit, proof of concept, bypass
systems | linux
SHA-256 | 6ac8ee86a9dc1a3b5060656cdad5bfd5ebf07f42f98648432dd21f90f0dd5023
PHP 6.0 openssl_verify() Buffer Overflow
Posted Jul 20, 2012
Authored by Pr0T3cT10n

PHP version 6.0 openssl_verify() local buffer overflow proof of concept exploit.

tags | exploit, overflow, local, php, proof of concept
SHA-256 | ca7179cfea7e511031571eaf312bb0ce52f952b755fb3d52e7056cff68d72e8a
Oracle Outside-In FPX File Parsing Heap Overflow
Posted Jul 20, 2012
Authored by Francis Provencher

Oracle Outside-In FPX file parsing suffers from a heap overflow vulnerability. Proof of concept included.

tags | exploit, overflow, proof of concept
systems | linux
SHA-256 | 3ffbb6827d9d2382b9a76b9305e37a7d6d37e039b353eabc680e393957f21ada
Oracle Outside-In LWP File Parsing Buffer Overflow
Posted Jul 20, 2012
Authored by Francis Provencher

Oracle Outside-In LWP file parsing suffers from a stack based buffer overflow vulnerability. Proof of concept included.

tags | exploit, overflow, proof of concept
systems | linux
SHA-256 | 953c76d252ea3d1ef9599ded5a1b13cc01db9cce40b4df74f6ac34219722ac04
Oracle Outside-In JP2 File Parsing Heap Overflow
Posted Jul 20, 2012
Authored by Francis Provencher

Oracle Outside-IN JP2 file parsing suffers from a heap overflow vulnerability. Proof of concept included.

tags | exploit, overflow, proof of concept
systems | linux
SHA-256 | 7c878849d29af52f8ddf17660a63425f5e710c5f84ddfa7cbd6a34ab807ed406
Arora Browser 0.10.2 Denial Of Service
Posted Jul 18, 2012
Authored by t3rm!n4t0r

Arora Browser version 0.10.2 remote denial of service proof of concept exploit.

tags | exploit, remote, denial of service, proof of concept
SHA-256 | 87264302a9bde89050e168e8b2b9679fc2b02cd931240a0e758de293a46e69fa
WaveSurfer 1.8.8p4 Memory Corruption
Posted Jul 13, 2012
Authored by Jean Pereira

WaveSurfer version 1.8.8p4 memory corruption proof of concept exploit.

tags | exploit, proof of concept
SHA-256 | d4deff1bae6282d551700d55692f595d5773d5a0250ecd06933d407d8d9fca97
Microsoft XML Core Services Uninitialized Memory
Posted Jul 5, 2012
Authored by Brian Mariani, High-Tech Bridge SA, Frederic Bourla | Site htbridge.com

This is a thorough analysis of the Microsoft XML core services uninitialized memory vulnerability as noted by CVE-2012-1889. It includes proof of concept data to trigger the issue and goes through the flow.

tags | paper, proof of concept
advisories | CVE-2012-1889
SHA-256 | 71478922d4d7dd398af9e4e90d1f859e3494d8ddf266086e502d50612e95667a
Microsoft IIS Tilde Character Name Disclosure / Denial Of Service
Posted Jul 2, 2012
Authored by Soroush Dalili

Microsoft IIS suffers from a short file/folder name disclosure vulnerability when handling tilde characters. The .NET framework may also suffer from a denial of service condition relating to the handling of tilde. Proof of concept scanner included.

tags | exploit, denial of service, proof of concept
systems | linux
SHA-256 | ac7e17676655fc32991058e316c32da4c4a71a9100a0f1c88e9530581b4638c8
GIMP 2.8.0 Denial Of Service
Posted Jun 29, 2012
Authored by Joseph Sheridan | Site reactionpenetrationtesting.co.uk

There is a file handling denial of service in GIMP (the GNU Image Manipulation Program) for the 'fit' file format affecting all versions (Windows and Linux) up to 2.8.0. A file in the fit format with a malformed 'XTENSION' header will cause a crash in the GIMP program. The flaw is triggered by opening a crafted 'fit' file or allowing the file explorer dialog to preview the file. Proof of concept included.

tags | exploit, denial of service, proof of concept
systems | linux, windows
advisories | CVE-2012-3236
SHA-256 | 0341418c409c2905c278b5539d3f0236be8f96cdfce5f9140782b205443ab209
Irfanview Plugins 4.33 Overflow
Posted Jun 29, 2012
Authored by Joseph Sheridan | Site reactionpenetrationtesting.co.uk

IrfanView Formats PlugIn is prone to an overflow condition. The JLS Plugin (jpeg_ls.dll) library fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted JLS compressed image file, a context-dependent attacker could potentially execute arbitrary code. Proof of concept included. Irfanview Plugins version 4.33 is affected.

tags | exploit, overflow, arbitrary, proof of concept
systems | linux
advisories | CVE-2012-3585
SHA-256 | cd8bb7da17eb6fd5c44d2f4ceac57a18c44aca435eea690d9247652a97f176d8
Sielco Sistemi Winlog 2.07.16 Code Execution / Directory Traversal
Posted Jun 27, 2012
Authored by Luigi Auriemma | Site aluigi.org

Sielco Sistemi Winlog versions 2.07.16 and below suffer from various code execution, stack overflow, and directory traversal vulnerabilities. Proof of concept utility included.

tags | exploit, overflow, vulnerability, code execution, proof of concept
systems | linux
SHA-256 | 2c3d3186116ed66592e68144dac18e5288896dc07ba9846d20cbd79b708917db
Apple QuickTime Security Bypass
Posted Jun 25, 2012
Authored by Adam Gowdiak | Site security-explorations.com

Security Explorations does not agree with Apple's evaluation of a vulnerability they reported. They have decided to release proof of concept code to demonstrate a bypass vulnerability in Apple QuickTime Java extensions.

tags | exploit, java, proof of concept, bypass
systems | linux, apple
SHA-256 | c2aeee9d3f479037cf3a1177e445be5a6068ad94532c3d4c68af96ada0b39421
IrfanView 4.33 Heap Overflow
Posted Jun 25, 2012
Authored by Francis Provencher

IrfanView version 4.33 suffers from a DJVU image processing heap overflow vulnerability. Proof of concept included.

tags | exploit, overflow, proof of concept
systems | linux
SHA-256 | e436390561dec51d8a5dee5ab9cec39964b18ee239173724fdeb63a1dfbb24c1
ACDSee PRO 5.1 Heap Overflows
Posted Jun 23, 2012
Authored by Francis Provencher

ACDSee PRO version 5.1 suffers from image processing heap overflow vulnerabilities. Proof of concepts included.

tags | exploit, overflow, vulnerability, proof of concept
systems | linux
SHA-256 | 7a29c303284a12fafe7bde596241454a712c247046e5141fda568b7871231f44
XnView 1.98.8 Heap Overflows
Posted Jun 23, 2012
Authored by Francis Provencher

XnView version 1.98.8 suffers from GIF, PCT, and TIFF image processing heap overflow vulnerabilities. Proof of concepts included.

tags | exploit, overflow, vulnerability, proof of concept
systems | linux
SHA-256 | 7a33f45ffe3e05b1ae8eff4edeb90a2337504c569f19a6aab17d6a976045bc2b
Samsung AllShare 2.1.1.0 NULL Pointer
Posted Jun 20, 2012
Authored by Luigi Auriemma | Site aluigi.org

Samsung AllShare versions 2.1.1.0 and below suffer from a NULL pointer vulnerability. Proof of concept utility included.

tags | exploit, proof of concept
systems | linux
SHA-256 | 83cd80b6e2edbb33b8a4976ea647724003619c7fb8d84f66b2a16fcef95d2296
Total Video Player 1.31 Proof Of Concept
Posted Jun 18, 2012
Authored by 0dem

Total Video Player version 1.31 crash proof of concept denial of service exploit that creates malicious files.

tags | exploit, denial of service, proof of concept
SHA-256 | 50826852f4723c4697c5342a471db0766e94f72ffba3dc55768b3c1d68c3014d
Page 1 of 4
Back1234Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close