This is a remote exploit against the aircrack-ng tools that allows remote code execution. The exploit takes advantage of a vulnerability in the code responsible for parsing IEEE 802.11 packets, specifically EAPOL packets. By manipulating the proclaimed length of the EAPOL packet and the packet's padding, an attacker can cause heap corruption and potentially gain control over $EIP. This exploit requires Scapy >= 2.x and Pyrit >= 0.3.1-dev r238 to work.
The vulnerability is caused by a boundary error when processing the 'SntpGetReply' function in the SKSntp.ocx ActiveX control. This can be exploited to cause a buffer overflow by passing an overly long string to the affected function. Successful exploitation could allow execution of arbitrary code.
The Magneto Software ICMP ActiveX Control is vulnerable to a buffer overflow. This vulnerability can be exploited by an attacker to execute arbitrary code on a target system. The vulnerability was discovered by s4squatch and was published on 04/13/10. The exploit involves sending a specially crafted buffer to the SKIcmp.ocx ActiveX control, causing it to overwrite the EIP register with a malicious address, leading to code execution. The exploit includes a shellcode payload that spawns the Windows calculator (calc.exe).
The Openurgence vaccin 1.03 software is vulnerable to multiple file inclusion vulnerabilities, which can be exploited by remote or local attackers to include arbitrary files. This can lead to remote code execution, information disclosure, or denial of service attacks.
VMrc is vulnerable to format string attacks. Exploitation of this issue may lead to arbitrary code execution on the system where VMrc is installed.
The Vieassociative Openmairie 1.01 beta version is vulnerable to multiple file inclusion vulnerabilities, both remote and local. An attacker can exploit these vulnerabilities to include arbitrary files and execute remote code or read sensitive information.
The FusionForge 5.0 application is vulnerable to multiple remote file inclusion vulnerabilities. An attacker can exploit these vulnerabilities to include arbitrary remote files, leading to remote code execution.
The eToken PKI Client is vulnerable to an unspecified memory corruption issue. This vulnerability can be exploited by creating a specially crafted virtual file, which can lead to arbitrary code execution or denial of service.
A vulnerability exists in the vBulletin add-on "Cyb - Advanced Forum Statistics" in the misc.php file (show=latestposts&vsacb_resnr=), where the application loads the latest n posts according to the value of vsacb_resnr (vsacb_resnr=n). By setting a large value for "vsacb_resnr", an attacker can make vBulletin load a huge amount of data from the database, causing it to run out of memory and crash PHP. This can potentially crash the entire server and result in denial of service.
This exploit allows an attacker to execute arbitrary code on a target system running AzDGDatingLite version 2.1.3 or possibly prior versions. It supports generic HTTP proxy for remote execution. The attacker needs to launch this script from Apache, fill the requested fields, and execute the exploit.