The exploit takes advantage of a buffer overflow in Slayer v2.4 (skin). An overlong input overwrites a Structured Exception Handling (SEH) record on the stack, so when an exception is raised the attacker controls the handler address and can redirect execution to arbitrary code.
The exploit passes an overlong string as an ID3 tag, causing a heap buffer overflow. By corrupting the heap, the attacker redirects control flow to an address of their choosing and executes arbitrary code.
The CDMA2000 A11 protocol dissector in Ethereal 0.10.9 and earlier contains a stack-based buffer overflow triggered while decoding Airlink records. A remote attacker who can get a crafted packet onto a captured link can execute arbitrary code; because Ethereal is typically run as root to capture traffic, that code runs with root privileges.
The Soulseek client lets a user send a distributed file search to a single user, to everyone, or to a specific Soulseek IRC channel, so that users can find the files they want. The code that handles incoming search requests is vulnerable to a remote SEH overwrite, so a crafted search can be aimed at one user or delivered to every member of a channel at once.
This is a universal exploit for an integer overflow in Winamp 5.55's handling of MAKI script files (MAKI is Winamp's skin scripting language). Placing a specially crafted MAKI script in the appropriate directory and starting Winamp triggers the integer overflow and can lead to arbitrary code execution.
This is a universal SEH overwrite exploit for Winamp 5.55 and earlier that executes arbitrary code on a vulnerable system; details of the vulnerability are in the referenced advisory. The exploit was written by His0k4 and tested on Windows XP Pro SP3 (EN).
The luxman_ex.pl script exploits a buffer overflow in the luxman Pac-Man clone. A specially crafted payload overwrites the saved return address on the stack, giving the attacker control of the execution flow.
The exploit targets the UDP License Service of SentinelLM. Sending a buffer of roughly 3900 bytes overflows the stack: the overflow begins at buffer[1035], and the saved EIP is reached at around buffer[3940] once the buffer autogrows. The exploit may have to be sent twice before it works. It uses a pop/pop/ret address outside any loaded module for the SP2 and 2003 targets; the offset was tested on SP2 and 2003 (English). The source compiles on Win32 (MSVC, Cygwin) and on Linux, FreeBSD and similar Unix systems.
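Offsets such as "overflow at buffer[1035], EIP at about buffer[3940]" are normally derived by sending a cyclic pattern and looking up the value that lands in EIP. The following C program is an added example of that workflow and is not part of the SentinelLM exploit or any other code on this page; the EIP value 0x42356942 used below is a constructed illustration (it is the pattern bytes "Bi5B" read little-endian), chosen so that it resolves to offset 1035.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>

/* Fill buf with the classic cyclic pattern "Aa0Aa1Aa2...Ab0Ab1...":
   every 4-byte window is unique within the first 20280 bytes
   (26*26*10 three-character groups), so the value that lands in EIP
   identifies exactly where in the input it came from.
   Returns the number of bytes written. */
size_t cyclic_pattern(char *buf, size_t len)
{
    static const char upper[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
    static const char lower[] = "abcdefghijklmnopqrstuvwxyz";
    static const char digit[] = "0123456789";
    size_t n = 0;
    for (size_t u = 0; u < 26 && n < len; u++)
        for (size_t l = 0; l < 26 && n < len; l++)
            for (size_t d = 0; d < 10 && n < len; d++) {
                const char triple[3] = { upper[u], lower[l], digit[d] };
                for (size_t k = 0; k < 3 && n < len; k++)
                    buf[n++] = triple[k];
            }
    return n;
}

/* Locate a 4-byte sequence in the pattern. Returns its offset or -1. */
long pattern_offset_bytes(const char *buf, size_t len, const char needle[4])
{
    for (size_t i = 0; i + 4 <= len; i++)
        if (memcmp(buf + i, needle, 4) == 0)
            return (long)i;
    return -1;
}

/* Same lookup, but taking EIP as the 32-bit value a debugger shows on
   x86 (little-endian): 0x42356942 corresponds to the bytes "Bi5B". */
long pattern_offset(const char *buf, size_t len, uint32_t eip)
{
    char needle[4];
    for (int k = 0; k < 4; k++)
        needle[k] = (char)((eip >> (8 * k)) & 0xff);
    return pattern_offset_bytes(buf, len, needle);
}

/* Sanity check: no 4-byte window may repeat within the first len bytes,
   otherwise the offset recovered from EIP would be ambiguous. */
int pattern_is_unambiguous(const char *buf, size_t len)
{
    for (size_t i = 0; i + 4 <= len; i++)
        for (size_t j = i + 1; j + 4 <= len; j++)
            if (memcmp(buf + i, buf + j, 4) == 0)
                return 0;
    return 1;
}

int main(int argc, char **argv)
{
    /* Usage: ./pattern <length>            prints the pattern (send this)
              ./pattern <length> <eip-hex>  e.g. ./pattern 3940 0x42356942 */
    if (argc < 2) {
        fprintf(stderr, "usage: %s <length> [eip-hex]\n", argv[0]);
        return 2;
    }
    size_t len = strtoul(argv[1], NULL, 0);
    char *buf = malloc(len + 1);
    if (!buf)
        return 1;
    size_t n = cyclic_pattern(buf, len);
    buf[n] = '\0';
    if (argc == 2) {
        fwrite(buf, 1, n, stdout);
        putchar('\n');
    } else {
        uint32_t eip = (uint32_t)strtoul(argv[2], NULL, 16);
        printf("offset of 0x%08x: %ld\n", eip, pattern_offset(buf, n, eip));
    }
    free(buf);
    return 0;
}
```

Send the pattern in place of the oversized buffer, read EIP from the crash in a debugger, and feed it back to the program; the reported offset is where the return address (or, for an SEH exploit, the handler pointer) must be placed in the final buffer.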
This is a proof-of-concept exploit for the Ethereal IAPP remote buffer overflow. Sending 3 to 10 crafted packets and then scrolling between the captured packets in Ethereal triggers a crash. The exploit code was written by Leon Juranic of LSS Security.
Exploit for a remote buffer overflow in the httpdx FTP server's handling of the CWD command. The exploit sends its main shellcode tagged with an egg marker and a small egghunter stub that scans the process's memory for the marker and transfers execution to the payload that follows it.
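An egghunter is a short stub that walks the process address space looking for an 8-byte marker (the 4-byte egg repeated twice) and jumps to whatever follows it; the real stub probes each page with a system call before touching it so that unmapped pages do not crash the search. The following C program is an added user-space model of that logic, not the httpdx exploit's code: the address space is a constructed buffer with a per-page "readable" flag standing in for the syscall probe, the egg "w00t" is the conventional tag and an assumption here, and "PAYLOAD" is a stand-in for shellcode.

```c
#include <stdio.h>
#include <string.h>

#define PAGE_SIZE 4096
#define NPAGES 4

/* Simulated process address space: a flat buffer plus a per-page
   readable flag that plays the role of the page probe a real
   egghunter performs before dereferencing an address. */
struct vm {
    unsigned char mem[NPAGES * PAGE_SIZE];
    int readable[NPAGES];
};

static const char EGG[4] = { 'w', '0', '0', 't' };        /* assumed tag */
static const unsigned char PAYLOAD[] = "PAYLOAD";          /* stand-in */

/* Write the 8-byte tag (egg twice) followed by the payload at offset off.
   The egg is doubled because the hunter itself contains the egg once;
   searching for it twice avoids the hunter finding its own code.
   Returns bytes written, or 0 if it does not fit. */
size_t plant_payload(struct vm *space, size_t off, const char egg[4],
                     const unsigned char *payload, size_t plen)
{
    if (off + 8 + plen > sizeof space->mem)
        return 0;
    memcpy(space->mem + off, egg, 4);
    memcpy(space->mem + off + 4, egg, 4);
    memcpy(space->mem + off + 8, payload, plen);
    return 8 + plen;
}

/* The hunt: scan page by page, skipping pages the probe reports as
   unreadable, and return the offset of the first payload byte or -1. */
long hunt_egg(const struct vm *space, const char egg[4])
{
    const size_t total = sizeof space->mem;
    for (size_t p = 0; p < NPAGES; p++) {
        if (!space->readable[p])
            continue;                       /* probe failed: skip whole page */
        size_t page_end = (p + 1) * PAGE_SIZE;
        for (size_t i = p * PAGE_SIZE; i < page_end && i + 8 <= total; i++) {
            /* An 8-byte window that spills into the next page is only
               dereferenced if that page is readable as well. */
            if (i + 8 > page_end && !space->readable[p + 1])
                break;
            if (memcmp(space->mem + i, egg, 4) == 0 &&
                memcmp(space->mem + i + 4, egg, 4) == 0)
                return (long)(i + 8);
        }
    }
    return -1;
}

/* Build the constructed address space and run the hunt. */
long demo_egghunt(struct vm *space)
{
    memset(space, 0, sizeof *space);
    space->readable[0] = 1;
    space->readable[1] = 0;                 /* unmapped page */
    space->readable[2] = 1;
    space->readable[3] = 1;
    /* Page 0: the hunter's own single copy of the egg must not match. */
    memcpy(space->mem + 100, EGG, 4);
    /* Page 1: a doubled egg in an unmapped page must never be touched. */
    memcpy(space->mem + PAGE_SIZE + 10, EGG, 4);
    memcpy(space->mem + PAGE_SIZE + 14, EGG, 4);
    /* Page 2: the real tagged payload, where the CWD overflow cannot reach. */
    plant_payload(space, 2 * PAGE_SIZE + 50, EGG, PAYLOAD, sizeof PAYLOAD - 1);
    return hunt_egg(space, EGG);
}

int main(void)
{
    struct vm space;
    long off = demo_egghunt(&space);
    if (off < 0) {
        puts("egg not found");
        return 1;
    }
    printf("payload found at offset %ld: %s\n", off,
           (const char *)space.mem + off);
    return 0;
}
```

The two properties worth noting carry over to the real stub: the search key is the egg twice, never once, and no address is read until its page has been probed, which is why an egghunter can sweep the whole address space without faulting on unmapped regions.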