Nethack v3.4.0 local buffer overflow exploit which spawns a shell as uid=games. Runs /usr/games/lib/nethackdir/nethack.
d36c9676766104ed6f0e30024d355ec827f58589e60d86e963361827c6ef5db0
This paper focuses on Active Directory attacks and the various techniques an attacker can use to abuse an AD environment in an enterprise network. It also serves as an introduction to Active Directory and its components. Topics covered include an introduction to Active Directory, Active Directory Structure, Multiple Attack Phases, Domain Persistence Techniques, Golden Ticket Attack, DCSync Attack, Silver Ticket Attack, and DSRM Attack techniques.
44a6dc0147aec02f155b590f92ed64b64954750c17a82f9750df4a42169a6b70
RedTeam Pentesting discovered a denial of service vulnerability in the D-Link DSR-250N device which allows unauthenticated attackers in the same local network to execute a CGI script that reboots the device. Version 3.12 is confirmed affected.
9c93e843468650bf0270222facd25a1ee3a9a2887cda11b88288285ab0184247
This is a brief overview of the unauthenticated non-persistent remote root shell vulnerability in various D-Link DSR routers. Versions affected include D-Link DSR-150 (Firmware < v1.08B44), D-Link DSR-150N (Firmware < v1.05B64), D-Link DSR-250 and DSR-250N (Firmware < v1.08B44), D-Link DSR-500 and DSR-500N (Firmware < v1.08B77), D-Link DSR-1000 and DSR-1000N (Firmware < v1.08B77).
de55e4448a4bec277f8621aefbf5e5ac01929a5f13a3f4b74cc2b5712046d40e
D-Link DSR router series remote root shell exploit. Versions affected include D-Link DSR-150 (Firmware < v1.08B44), D-Link DSR-150N (Firmware < v1.05B64), D-Link DSR-250 and DSR-250N (Firmware < v1.08B44), D-Link DSR-500 and DSR-500N (Firmware < v1.08B77), D-Link DSR-1000 and DSR-1000N (Firmware < v1.08B77).
0ddcd599410d5c9d4349753fb1f66fbb2cd3e9606f56a18a28615b7d3f5dd814
D-Link DSR-250N has a backdoor account that allows for persistent root access.
80fd9d3e7fad566709a302521d1f123f923a95c1459f2c137d1705ee73d4dd6c
Secunia Research has discovered a vulnerability in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a logic error in the Ichitaro speed reader (jtdsr.dll) when attempting to reconstruct higher-level objects and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Version 10.3 is affected.
d5e75933e09e845ef137f1e214acd3daba62b091b867d3f86c99c49c4fb8a1bd
Secunia Research has discovered a vulnerability in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error in the Ichitaro speed reader (jtdsr.dll) when parsing "Text" chunks and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Version 10.3 is affected.
d4c58b78a917a3975cccd3fd186aa9b3e2b0fa0d8eb7ac3c3fa3f6db6467cd41
Secunia Research has discovered a vulnerability in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by an integer overflow error in the Ichitaro speed reader (jtdsr.dll) when parsing QLST chunks and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Version 10.3 is affected.
d24cd05a6e4d709be1e57e4e15c52c15b5a2ed2e2c1e3e61fc50b6f372182659
The Everfocus EDSR firmware fails to correctly handle authentication and sessions. This remote exploit takes advantage of versions 1.4 and below and lets you view the live cameras of remote DVRs.
10026da1a7949dc0eaf28f986ef241f8679e65ad5c74df580ec8f86a61a39823
Microsoft Visual Basic Enterprise Edition version 6 SP 6 DSR file local buffer overflow exploit.
ed4d787e9973a5566ae6707044eda9ca12236913f12acae8689d9011cebc6c40
Microsoft Visual Basic Enterprise Edition version 6 SP6 .dsr file handling buffer overflow exploit.
106ce6bde9a3606161a71ede5227c28c721428fe4cb6f33aea861c28e5842d16
Norton insufficiently checks calls to the standard Windows API functions RegSaveKey, RegRestoreKey and RegDeleteKey. A proper combination of the mentioned function calls on registry key 'HKLM\SYSTEM\CurrentControlSet\Services\SNDSrvc' or on key 'HKLM\SYSTEM\CurrentControlSet\Services\SymEvent' causes a system crash due to an erroneous implementation in Norton's driver. Norton Personal Firewall 2006 version 9.1.0.33 is affected. Other versions of Norton software may also be affected.
8691d1f66cce2d51c2c679dfa90755af6fd62ceaf01f42c021b8a8f45c7e0dd7
Local root exploit for QNX Neutrino RTOS's phfont command. Affects QNX Neutrino RTOS version 6.2.1. Earlier versions may also be susceptible.
9bbca002dda89b554504a0ee6a50ba18b07eb0cad32ac21956c276f13c26e03b
Cisco AP remote denial of service exploit that makes use of maliciously crafted ARP requests.
4083da861a5b98c1c4884acb301763e04d58d02fe2ac8140746df0c0400371a0
Farmers WIFE version 4.4 sp1 ftpd remote exploit that allows for system compromise.
890997b51723f28c17e0b21e78bc7cc7e3e5fb4620c3ebe70555565e6bffafc1
www.friendsreunited.co.uk suffers from an XSS vulnerability in the lost password section.
a85ff1a125b3942fe05765e508b818857b721d857c377c7a3625b6898197d84a
MS04-011 DsRoleUpgradeDownlevelServer remote exploit. Submitted anonymously.
c345e1ceaf031691148d79a9fafffd9b68fdbe6f2ffeb4b7ad70da3edd68b5fe
Remote exploit for the Lsasrv.dll RPC buffer overflow. To make this exploit work remotely you have to use the sbaaNetapi.dll which modifies the DsRoleUpgradeDownlevelServer API.
c155fee77b812701dd4efb98b8ad352943a5fa4ca64edab679c6ddefca7a2e45
Wmapm v3.1 local exploit - Gives a shell with UID=operator in FreeBSD if compiled via ports collection, or UID=root if compiled from source on FreeBSD or Linux. Requires a valid X display.
310dae0751d751688fbae10e7aa187a1b9842453da5cc6e64fb855d8d69cffe6
Remote exploit for Cfengine versions 2.-2.0.3 that makes use of a stack overflow discussed here. Tested against FreeBSD 4.8-RELEASE. Binds a shell to port 45295.
e3e547732748f7447108587f2723bccdb4db27e138cffb4956e21946879efff3
Local exploit for ViRobot 2.0 that works against the FreeBSD edition. Tested against FreeBSD 4.8.
41059e552df59b7c97ce59335d8a8059d66eb278653f384fb513f884278d70fd
Proof of concept local exploit for gnats version 3.113.1_6 tested on FreeBSD 5.0. If successful, escalates privileges to gnats.
2b31b10d89b57698e84d31e47881d7d90cf4391690ee56926c5a87a74db28850
Local exploit for Upclient 5.0.b5 that spawns a shell with kmem privileges. Tested on FreeBSD 5.0.
12ad32e03b238b43ac52391150406436f569b35875fd12e93cbdce6c5c310419
mIRC 6.03 and below allows an attacker to misleadingly supply a URL that poses as one URL but leads to another by setting the color of the secondary URL to the default background color.
6b69a01535a0c67322cb56b25faa8fc7dba090f0825a3a04ed026b05cdd0462d
mIRC 6.03 and below allow a remote attacker to spoof a DCC chat request in a target's client.
e563523994f9fa8795dd89183f1920def4ff07f15d1392c758656569e82a5204