Heh is a buffer overflow exploit for gpsdrive_2.09-2_powerpc.deb. It crashes the program and goes to frame 2; the overflow is caused by an fprintf call in the dg_echo and ma_echo functions. The exploit is written in Perl and the shellcode is written by Charles Stevenson.
This vulnerability is a buffer overflow in the std_err() function in Luigi Auriemma's code. It can be exploited by sending a specially crafted packet to the vulnerable system. This can lead to arbitrary code execution and privilege escalation.
A buffer overflow vulnerability exists in the FTP server of the Linksys BEFSR41 v2.44.7. An attacker can send a specially crafted FTP request to the vulnerable server to trigger the buffer overflow and execute arbitrary code.
In PHPNuke 7.8 with all security fixes/patches, the 'Downloads', 'Web_Links' and 'Your_Account' modules are vulnerable to SQL injection and remote command execution. This exploit has not been tested on PHPNuke 7.9.
NPDS (Net Portal Dynamic System) is a French (and now English!) GNU dynamic portal. The vulnerability allows an attacker to register multiple users for Denial of Service. The exploit works on the last version (5.0, tested) and probably prior versions. The exploit includes a malicious file for DDoS attack. The website can also be vulnerable if it sends passwords to the email, as it adds an email in the database.
This is a local exploit for XMail 1.21 'sendmail' that yields uid root or gid mail. It is written in C and uses the ret-into-libc technique. It creates a mailroot directory, gets the libc base address, then gets the system() and file() addresses and writes a file. It then exploits the vulnerability, waits for a shell, and finally executes the shell.
VERITAS NetBackup is vulnerable to a format string vulnerability on OSX/ppc. This vulnerability can be exploited remotely by sending a specially crafted packet to the NetBackup service. This packet contains a malicious payload which is then executed on the vulnerable system.
This module exploits a vulnerability in the CA CAM service by passing a long parameter to the log_security() function. The CAM service is part of TNG Unicenter. This module has been tested on Unicenter v3.1.
This module exploits a stack overflow in the SecurID Web Agent for IIS. This ISAPI filter runs in-process with inetinfo.exe; any attempt to exploit this flaw will result in the termination and potential restart of the IIS service.
This exploit abuses an unpublished vulnerability in the HP-UX FTP service. This flaw allows an unauthenticated remote user to obtain directory listings from this server with the privileges of the root user. This vulnerability was silently patched by HP sometime between 2001 and 2003.