The "Adobe Active File Monitor V8" service is installed with an improper security descriptor. A malicious user in the Users group (which on XP means a "limited account") can stop the service, invoke the "sc config" command to replace the binary path with a value of their choice, and then restart the service to run that command with SYSTEM privileges.
This exploit is a Denial of Service (DoS) attack that targets the HTTP protocol. It sends a specially crafted GET request that causes the server to consume excessive resources and become unresponsive.
This exploit code is for a buffer overflow vulnerability in GlobalScape Secure FTP Server. The code is written in Python and is designed to overwrite the EIP (Extended Instruction Pointer) register. It sends a malicious buffer to the server and then connects to port 4444 on the victim machine. This code can be used to gain unauthorized access to the victim machine.
This exploit overwrites the thr_jmp_table in ESRI ArcGIS 9.x, allowing for local root privilege escalation. The exploit has been tested on Solaris 10.
This is a Proof of Concept (POC) for a stack buffer overflow vulnerability in Notepad++ version 5.4.5. The vulnerability allows an attacker to overwrite the stack and potentially execute arbitrary code.
This code is a proof of concept for an unknown vulnerability in MP3 Studio v1.0. The author attempted to exploit the vulnerability but was unsuccessful. The code includes a bind shell on port 4444. The author notes that this media player is unlikely to be widely used.
This exploit allows local users to disclose proxy passwords in FilePocket v1.2 and possibly prior versions. The exploit leverages a vulnerability in the software that allows access to the proxy password through the Windows registry.
ICUII 7.0 discloses passwords to local users.
The tcpdump program, specifically versions 3.8.x to 3.9.1, is vulnerable to a remote denial of service attack. A single GRE packet can trigger an infinite loop in the isis_print() function, which is used in many places by tcpdump. The bug lies in the TLV_ISNEIGH_VARLEN portion of the code, where providing a zero length causes the infinite loop.
This exploit targets IIS 5.0 FTP Server on Windows 2000 SP4. It allows an attacker to execute arbitrary code with SYSTEM privileges. The exploit has been modified by adding an additional egghunter for a secondary larger payload. It opens a bind shell on port 4444.