Explore Vulnerabilities

Explore all Exploits:

R_RemapShader() q3 engine 1.32b client remote bof exploit

This code works as a preloaded shared library on a game server, hooking two functions on the running server: svc_directconnect() and sv_sendservercommand(). It sends malformed 'remapShader' commands to clients, causing vulnerable clients to bind a shell on a chosen port and exit cleanly with an unsuspicious error message.

eMule <= 0.42d Remote Exploit

Exploits the DecodeBase16 buffer overflow vulnerability in eMule version 0.42d. The exploit allows for remote code execution on vulnerable systems. The exploit has been tested on Windows XP SP1 and Windows 2000 SP4. The exploit uses bindport/connectback shellcode. Thanks to Kostya Kortchinsky for his posting to bugtraq.

Joomla 1.6.3 XSS -> CSRF Exploit

This exploit uses the recent Joomla 1.6.3 XSS vulnerability to carry out a CSRF attack that creates a superuser account. It injects a malicious script through the vulnerable link and uses an iframe to load the victim's administrator page and fill in the form fields with predefined values.

DATAC RealWin SCADA Server 2 On_FC_CONNECT_FCS_a_FILE Buffer Overflow

This module exploits a vulnerability found in DATAC Control International RealWin SCADA Server 2.1 and below. By supplying a specially crafted On_FC_BINFILE_FCS_*FILE packet via port 910, RealWin will try to create a file (which would be saved to C:\Program Files\DATAC\Real Win\RW-version\filename) by first copying the user-supplied filename with an inline memcpy routine without proper bounds checking, which results in a stack-based buffer overflow, allowing arbitrary remote code execution. Tested version: 2.0 (Build 6.1.8.10)

SUBRION CMS multiple vulnerabilities

There are multiple vulnerabilities in Subrion CMS. The first vulnerability allows attackers to bypass authentication and gain access to the admin panel using a specific username and password. The second vulnerability is a persistent XSS vulnerability in the title field of the Poll module and Manage pages. Attackers can inject malicious code into the title field, which will be executed when the page is viewed by other users. Additionally, other products like Auto Classifieds, Articles Script, Real estate script, and Web directory that run on the same CMS are also vulnerable.

The KMPlayer 3.0.0.1440 .mp3 Buffer Overflow Exploit (Win7 + ASLR bypass)

This exploit takes advantage of a buffer overflow vulnerability in The KMPlayer version 3.0.0.1440. It specifically bypasses the ASLR protection on Windows 7. The exploit is in the form of a specially crafted .mp3 file that triggers the buffer overflow when opened in the vulnerable software.

Recent Exploits: