This exploit takes advantage of a remote buffer overflow vulnerability in Quiksoft EasyMail 6. The vulnerable method is AddAttachment. The latest version of the software does not support this method. The exploit was created out of boredom and interest sparked by a similar post. For more details, refer to the advisory at http://www.bmgsec.com.au/advisory/48/.
The exploit is used to run the Golden FTP Server Pro v2.52. After running the exploit, a bind shell is opened on port 4444.
This exploit takes advantage of a buffer overflow vulnerability in FTPShell Client 4.1 RC2. By sending a malicious PASV response, an attacker can trigger the buffer overflow and potentially execute arbitrary code on the target system. The exploit has been tested on Windows XP SP3 and Windows 2000 SP4.
This exploit takes advantage of a buffer overflow vulnerability in the Yager game version 5.24. It allows an attacker to execute arbitrary code on the target system by sending a specially crafted packet. The exploit targets the binkw32.dll library in Windows XP Pro SP1 GER.
This exploit takes advantage of a buffer overflow vulnerability in MiniShare HTTP Server 1.5.5. It allows an attacker to execute arbitrary code on the targeted system.
Corel WordPerfect Office X5 is prone to a remote buffer overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input in .WPD (WordPerfect Document) files. Attackers may exploit this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
An unauthenticated attacker could send multiple log reset requests to eventlog.cgi, causing a denial of service, which would send the cable modem into a reboot loop.
EDraw Flowchart ActiveX Control version 2.3 suffers from a buffer overflow vulnerability when parsing the .edd file format, resulting in an application crash and a few overwritten memory registers, which can help an attacker execute arbitrary code.
A stack-based buffer overflow occurs when a string longer than 24 bytes is passed to the "strFontName" parameter, which leads to an EIP overwrite and allows the execution of arbitrary code in the context of the logged-on user. This happens because inadequate space is allocated for the buffer intended to receive the font name.
This PoC executes calc.exe on the remote system. The bug was discovered by Luigi Auriemma (www.aluigi.org).